Privacy Policy

Effective: July 2025

1. Contact Us – We're Here to Help

You're welcome to reach out to us anytime with questions or concerns about how we handle and protect your personal information.

You can contact us to:

  • Ask questions about your data
  • Update or correct your information
  • Modify or delete your Clinic Companion account
  • Adjust your preferences
  • Raise a concern or file a complaint
  • Opt out of marketing communications
  • Or for any other related reason

We're easily reachable via phone or email. For any privacy-related inquiries, email us at info@cliniccompanion.com.

2. About Clinic Companion

We provide the Clinic Companion platform (the "Platform") to qualified medical professionals and clinics ("Practitioners") to support patient care.

Definitions in this policy:

  • We, our, or us — refers to Clinic Companion Ltd and affiliated entities (see Section 14).
  • You — the reader or user of this policy.
  • Your information — personal data you share with us.
  • Our services — includes the Platform and any associated services we offer.
  • Privacy laws — all data protection and health privacy laws that apply to our operations.

3. What Information Do We Collect?

We collect and store various types of data to provide and enhance our services, ensure security, and meet regulatory requirements. This includes:

Types of Information Collected

Category Details
General Personal Information Includes name, contact details, address, date of birth, gender. For Practitioners, we may also collect your professional qualifications and education.
Payment and Claim Details Information such as credit card numbers, bank account details, Medicare card numbers, and claim data needed for billing and claims.
Sensitive Health Information Health data provided by Practitioners or users for healthcare delivery. This may include medical history, clinical notes, test results, diagnoses, and prescriptions. All identifiable patient data is pseudonymised and not used for AI development.
Device Information Information like device type, IP address, browser data, geolocation, connection data, and standard web logs.
Additional User Inputs Information shared via surveys, forms, customer support interactions, or other digital engagement.
Data for Service Improvement De-identified data used in aggregate to analyze Platform performance and enhance our services.
Cookies May include browser type, operating system, and browsing history. Some cookies may collect personal data if linked to an account. See Section 9.
Recruitment Data If you apply for a position, we may collect employment history, references, background checks, and other job application data.

Note: Refusing to provide certain information may limit access to specific features or services.

4. How We Collect Your Information

Most information is collected directly from you when you interact with us. We may also receive information from third parties.

Main Sources of Collection

Category Details
Registration When you create an account on our Platform.
Communication Through messages, emails, forms, and chats.
Usage Interaction When using our Platform, website, services, or interacting with ads or content.
Third Parties Includes recruitment consultants, former employers, educational institutions, and sources verifying professional credentials (for Practitioners).

5. How We Use Your Information

We use your information to provide, improve, and secure our services. Our approach incorporates privacy by design, ensuring strong security, minimal data use, and transparent processing.

Purpose Details
Access To allow you to use our website, Platform, and services.
Service Improvement To analyze use, improve features, and personalize your experience.
Healthcare Delivery To support Practitioners in providing care to patients.
De-identified Usage We may use anonymised data to enhance Platform features — never involving identifiable patient data.
Support & Notifications To send alerts, service updates, and technical notices.
Contact To communicate important updates about your account or our services.
Marketing To send promotional material (with your consent).
Compliance To meet legal requirements or cooperate with authorities.
Employment To evaluate job applications.

We do not use your health information for marketing without your express permission.

6. Marketing and Opt-Out Options

We may send you updates about our services or products via email or other channels. You can opt out of marketing at any time by:

  • Clicking "unsubscribe" in any message, or
  • Contacting us directly (see Section 1).

We never:

  • Use health data for marketing without consent
  • Share your data with third parties for their marketing purposes

7. Data Storage and International Transfers

Your personal information is securely stored in the United Kingdom. Data processing is also limited to the UK or European Economic Area (EEA).

If we use third-party services, we ensure their operations comply with the UK GDPR and Data Protection Act 2018, including through strict contractual obligations.

8. When We Share Your Information

We may share your personal data with:

  • Employees and affiliated companies
  • Third-party service providers (e.g. payment processors, Platform hosts)
  • Professional advisers and authorized agents
  • Healthcare partners and system operators
  • Regulatory bodies, law enforcement, or others as legally required
  • Anyone you've authorized us to share with

We only share what's necessary and in accordance with privacy laws.

9. Cookies and Website Usage

We use cookies to enhance your experience, track website usage, and remember your settings.

You can change your browser settings to:

  • Accept all cookies
  • Reject all cookies
  • Notify you before cookies are stored

Please note: blocking cookies may affect site functionality.

We also use third-party analytics tools to understand user behavior and improve performance. These tools never access or store Protected Health Information (PHI) or other sensitive health data.

10. Data Security Measures

We implement multiple safeguards to protect your information, including:

Measure Details
Staff Training Employees are trained in data protection practices.
Encryption All data is encrypted at rest and in transit using industry-standard methods.
De-identification Identifiable data is anonymised before secondary use.
Secure Infrastructure Systems are built with robust security controls to prevent unauthorized access.
Retention and Disposal We retain your data only as long as necessary or as required by law.

11. Your Rights and Choices

You have several rights regarding your personal data. You may:

  • Request a copy of your data
  • Ask for corrections or updates
  • Withdraw consent or object to processing
  • Request deletion or data portability
  • Lodge a complaint

To make a request, include your name, contact details, and a clear description of your inquiry. We aim to respond within 30 days. Verification may be required.

If you're not satisfied with our response, you may contact the UK Information Commissioner's Office (ICO). Our GDPR Compliance Policy offers more detailed guidance on exercising your rights.

12. Information We Collect from Employees

We also collect specific information from current and former employees, including:

Category Details
Personal Information Name, contact details, DOB, photo
Education & Lifestyle Academic history, interests, family/marital status
Sensitive Information Health status, criminal background, beliefs, sexual orientation
Financial Data Bank details, tax ID, residency, credit checks
Employment Info Job history, professional memberships, and work-related output

Questions about employee data should be directed to: info@cliniccompanion.com

13. Changes to This Policy

If this Privacy Policy is updated in a way that affects how we handle your data, we will notify you through the Platform and publish the new version on our website. We encourage you to check periodically to stay informed.