Privacy Policy (November 2019)
Information About Us
We are PrivateDoc Limited, a digital health clinic providing safe and secure online consultations with a doctor for a range of conditions. Prescriptions are dispensed by Omnicare Pharmacy Ltd and despatched to patients following completed consultation via the Royal Mail/DPD.
We believe in giving you outstanding care and this includes how we treat your personal data. We respect and value your privacy so if you visit our website, www.privatedoc.com, we will only collect and use personal data in ways that are described here, and in a manner that is consistent with our obligations and your rights under the law.
This policy outlines how we treat your personal data, but if you have any questions about or service please contact our care team on 0333 358 0200.
What this policy covers
This Privacy Policy applies only to your use of www.privatedoc.com website.
What information we collect
Our use of cookies
How we use your information
Identity Checks
Lawful basis for processing personal data
Disclosing your personal information
Where we store your data
How we keep your data secure
How you access, update or correct your information
Retention of your personal information
Contacting us
What information we collect
Personal data
To enable us to provide you with the best possible service and care we will collect personal information about you, gathered through registration, consultation and communication (written and verbal).
- Name
- Date of birth
- Contact information such as email address, postal address and telephone number
- IP address
- Medical history including your GP details and medication previously prescribed
- Consultation information, needed to assess your suitability for treatment, which may include: height, weight, gender, lifestyle and activity.
Our use of cookies
We may use “cookies” on this website. Cookies are used by most website operators to gather small pieces of information that are stored by your browser on your computer’s hard drive and are used to record how you navigate this website on each visit. You can think of cookies as providing a ‘memory’ for the website, so that it can recognise you when you come back and respond appropriately.
- Operational cookies:These are cookies that are required for the operation of our online services. For instance, cookies to enable you to log in to access our services, or cookies that are needed to take advantage of our e-billing services.
- Performance cookies:These cookies allow us to track how our users use our service and which pages you use most. This helps us improve our platform so you can find the things you are looking, ensure our content is more relevant for you and ensure you have the best possible experience.
- Functionality cookies:These cookies allow us to provide you with a more individual experience, we can recognise you by name and tailor the content to be the most appropriate to you.
- Targeting cookies:These cookies record your visit to our site, the pages you visit and the links you click. We use this information to organise our site and content based on your needs. This information may also be shared with third-party providers.
- Advertising cookies:We may use cookies to help us show adverts to you on other websites across the internet. For example, if you view a page on our website about hair loss, we may advertise our hair loss to you on other sites such as Google or Facebook. You can find out more information on behavioural advertising/retargeting, including how to opt out of it, by visiting youronlinechoices.com.
We use cookies to improve our services and site as they enable us to understand the size of our audience, your interests, how you use the site and speed up how you find information. We also use them to recognise when you return to our site. Most browsers automatically accept cookies, but you can change your browser to prevent cookies being stored by following your browsers instructions. If you choose to turn cookies off, this could limit the service we provide to you and may affect your online experience.
For more information about cookies and how to switch them off visit https://www.aboutcookies.org
How we use your information
We will use your personal information ONLY to allow us to provide the services you have requested. Your information will be recorded, used and protected by us in accordance with current data protection legislation, our Terms and Conditions and this Privacy Policy.
We will only share your information with other professional partners whom are directly involved in providing the service and care you have requested.
- Our Care Team
- Our doctors
- Omnicare pharmacy Ltd
- Royal Mail/DPD (Name & Address Only)
- Drug manufacturers for the purposes of research on improving patient experience
We will primarily use your information:
- to register you for a service
- to create and maintain your patient record once you have registered
- to confirm your identity at the point you submit your first consultation via our identity verification partner
- to provide and follow-up the service you request from us, including communication if any service requested are unavailable or if there is a problem/query regarding your order
- to notify you about any changes to our services and send you service emails
- to request your feedback on the service provided
- to respond to your queries, refund requests or complaints. We will keep a record of these queries and any communication between us throughout. This complies with our contractual obligations, legal obligations and legitimate business interest in providing you with the best service possible.
- To carry out market research so that we can improve our services if you consent
- With consent, keep you informed about relevant products, services and offers, by email, telephone, web, or text. You can opt out of hearing from us by any of these channels at any time.
- To continuously improve our service to our customers by monitoring telephone calls to our customer care team for the purposes of staff training, quality control and service improvement.
- To track and analyse activity on our website
- As part of our efforts to keep our website safe and secure
- To comply with relevant law, for example, in response to a request from a court or regulatory body, where such a request is made in accordance with the law.
Identity Checks
PrivateDoc Limited will perform an automated check to confirm your identity at the point that you submit your first consultation on our website.
We will share your name, date of birth and address with a third-party provider to validate your identity.
The third-party provider is contracted to us and they will not use your details for any marketing purposes and your details will not be shared outside that organisation.
By proceeding with a consultation, you agree to this validation being performed.
In the event of you failing the automated check, we will require another form of ID, such as a passport or driving licence in digital format and this will be stored on your profile with us.
Lawful basis for processing personal data
In compliance with GDPR and other regulatory or legal requirements the lawful basis for processing data is as follows:
- Processing your data is necessary for compliance with a legal obligation. We are legally obliged to abide by regulations governing healthcare which require accurate medical records.
- Processing of special categories of personal data or the purposes of preventive or occupational medicine, … medical diagnosis, the provision of health or social care or treatment ….
- Vital Interests – specifically if it is necessary for us to process your data or contact you to protect your health, safety or life.
- Legitimate Interests– your information is used for legitimate interests for our organisation to improve our services to you.
- Your consent– where you have given us clear consent to use your personal data for a specific purpose, such as to receive offers, promotions and newsletters.
Data is collected to provide clinical consultation and dispensing of medicine under regulation of the Medicines Act.
Disclosing your personal information
Your details are not shared or sold to any third parties under any circumstances other than as specifically set out in this policy.
In order to provide our products and services, we may occasionally contract other organisations to carry out some of the processing activities on our behalf. These may include our partner pharmacists at Omnicare Pharmacy Ltd, technology hosts, printing companies, mailing houses and identity verification partners. In these instances, we will ensure you data is properly protected and that it is in used in accordance with our Privacy Policy.
Our doctors are UK registered doctors are contracted through Shori Enterprises. We may occasionally contract clinical support though other Doctor and Pharmacy Services providers. We only share your information with them for the provision of your care and to provide our services to you.
Where we store your data
Your information is stored in the UK on a patient record system.
As part of the services offered to you through this website the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU
These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
How we keep your data secure
All medical records by Both Clinic and Pharmacy will be retained in accordance with “Records Management Code of Practice for Health & Social Care, Jul 2016”
All data at PrivateDoc is stored in keeping with best practice for ISO 27001:2015. This means that your data is securely stored and only accessible to people with the authority to access it via our clinical application.
PrivateDoc’s databases are secured in a private network and access to these databases are granted on an exceptional basis only. Your data is secured by industry standard protocols and firewalls to prevent unauthorised access to information. PrivateDoc operates to a recovery point objective of 15 minutes, which means your data is also securely backed up and protected in the event of any disruption to our IT system.
All access to data is logged so we have a complete audit trail of your data inside of our organisation.
www.PrivateDoc.com is tested quarterly to ensure that high security standards are maintained, this significantly reduces the risk that the site will be compromised and sensitive data will be accessed.
How you access, update or correct your information
You have the right to ask for a copy of any of your personal data held by us (where such data is held). Under GDPR, no fee would normally be payable, and we will endeavour to provide any and all information in response to your request free of charge. Please contact us for more details at [email protected]
You can update or correct your personal information online via your patient record/my account, you can access your account here: Account login. Please update your personal information promptly if it changes. If information changes about your health, please contact our customer care team as this may affect the appropriateness of the medication prescribed to you.
Retention of your personal information
We will only hold your personal data on our systems for as long as is determined by appropriate legislation, or where we have a legitimate and lawful reason to do so. We will not retain any personal data longer than this period that is no longer required for the purposes outlined in this Privacy Policy. Even if we delete your data, your data may still be retained on backup or archival media for legal, tax or regulatory purposes. The retention of your personal data will be subject to periodic review.
For statistical purposes we may keep an anonymised form of your personal data, which will no longer refers to you, without time limits, where we have a legitimate and lawful interest in doing so.
Contacting Us
If you have any questions about Our Site or this Privacy Policy, please contact Us by email at [email protected], by telephone on 0333 358 0200, or by post at PrivateDoc Limited, Unit 7 Wharfside House, Prentice Road, Stowmarket, Suffolk, IP14 1RD, UK. Please ensure that your query is clear, particularly if it is a request for information about the data we hold about you.