Data protection legislation generally differentiates between controllers and processors of personal data to establish the responsibility for such data. It is the controller who determines the purpose and means of the processing of personal data. A processor processes personal information on behalf of a controller based on the controller’s instructions.
Trustedoctor processes personal data both as a processor and a controller. When you share data with a Service Provider through the Trustedoctor Platform (including when you receive care or other services from them), we will mostly only act as a data processor of such data, meaning that we process it “in the background” as instructed by your Service Provider while such Service Provider will be the controller of your data. In other cases, however, Trustedoctor is the controller of your data.
Personal data, or personal information, is any information about a person from which he or she can be identified. It does not include data where the identity has been removed (anonymous data).
Depending on your interactions with us, we may process different kinds of personal data about you for various purposes:
We also process any data about you available on the Trustedoctor Platform as necessary for us to comply with legal obligations placed on us from time to time, including to: (a) prevent prohibited or illegal activities; (b) prevent breaches of Applicable Data Protection Laws; (c) comply with our obligations relating to your personal data, including when you exercise your rights under Applicable Data Protection Laws and make requests; and (d) deal with disputes and legal claims.
We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for any other purpose then, unless you have already given your consent for us to do so, we will notify you, explain the legal basis which allows us to do so and where necessary ask for your explicit consent.
The Trustedoctor Platform allows you to input, upload, store, send and receive content such as text, messages and other communications, and audio, video, images, documents and other files, including medical records and written and imaging reports (collectively, “Content”) through your account.
You control your Content on the Trustedoctor Platform. We will only store your Content, keep it safe and otherwise process it in accordance with your instructions. We do not access or view your Content unless it’s necessary to comply with our legal obligations or enforce our policies, or you expressly give us permission to do so. This may be, for example, where you make an enquiry for or sign up to a service that enables you to receive introductions from us to Service Providers and have given us your permission to access your Content, or where you contact our support team for help with specific Content on your account (such as if you can’t find a file you believe should be on your account) in which case we may ask for your limited permission to look at your Content to the extent necessary.
We collect data about you in different ways:
We do not knowingly collect personal data about children under the age of 18 without the consent of their parent or legal guardian. If you are under 18, please make sure you have permission from your parent or legal guardian before uploading any of your personal data to the Trustedoctor Platform.
In order for us to process your personal data, we need to have a lawful basis for doing so under Applicable Data Protection Laws. Our lawful basis will generally depend on the data in question and the specific context in which we collect it.
We process your personal data primarily on the following legal bases:
Please note that if you receive care or other services from Service Providers on the Trustedoctor Platform, such Service Provider will rely on their own lawful bases for processing your data.
However, we may also at times, depending on the services you use, collect and process special category data about you, such as health and medical information. This will typically be if you make an inquiry for or sign up on the Trustedoctor Platform to a service that enables you to receive introductions from us to Service Providers. We need to do this in order for us to assist you in identifying a Service Provider who is suitable to provide you the services you seek and to ensure they are provided with sufficient information about your case to provide the appropriate care. To lawfully process such special category data, we must, in addition to having a lawful basis, meet a separate condition for the processing. We only process special category data if:
If you have consented to receiving newsletters or marketing messages from us, you can ask us to stop at any time by following the opt-out links on the relevant newsletters or messages or by contacting us. Where you do so, this will not apply to personal data provided to us for other purposes and we will still use your contact information to communicate with you for other purposes (e.g. regarding an appointment you have booked).
We never sell or allow your personal information to be used by third parties for their own marketing purposes.
We may also share your personal data with any other person where we have obtained your explicit consent to do so.
We do not store your personal data on your computer or mobile device. All your personal data is securely stored in the cloud.
The cloud storage servers we use to store your data are based in the European Economic Area ("EEA") and the United Kingdom. We do not transfer or store your personal data outside this area except in certain specific cases. This will typically be where you interact or communicate with a Service Provider or a user of the Trustedoctor Platform who is located outside the EEA or the United Kingdom in connection with the provision or receipt of services, in which case we may transfer your personal data to them as required in connection with those services.
In addition, your data may be transferred outside this area in connection with the provision of services by third-party service providers who act as processors on our behalf and help us enable some of the functions of the Trustedoctor Platform. For example, we use a chatbot business-messenger service to enable live chat and messaging functionality on the Trustedoctor Platform to provide tech support to users. This service is provided by a third-party provider whose servers are based in the United States. The video provider we use to enable video consultations on the Trustedoctor Platform is also based in the United States. While no video or audio media is permanently stored on any of the video provider’s servers, such media may in certain circumstances be temporarily stored in flash memory in the United States for the duration of the video/audio session. We may also use certain other third-party service providers from time to time. We have safeguards in place with all these providers to ensure your data is adequately protected.
In the limited circumstances where we transfer your personal information outside the EEA and the United Kingdom, we will only do so in accordance with Applicable Data Protection Laws, that is, if we can ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is in place:
Please contact us if you want more information about partners we may use who store data outside of the EEA and the United Kingdom or further information on the specific mechanism used by us when transferring your personal data out of this area.
If none of these safeguards are available in respect of a proposed transfer of your personal data outside the EEA and the United Kingdom, we will explain the possible risks to you of the proposed transfer, following which, if you provide your explicit consent, we may proceed with the transfer.
Your personal data may also be transferred and stored outside the EEA and the United Kingdom by Service Providers (or their processors) or by independent third-party suppliers (such as payment service providers). Such transfers are outside our control and you should refer to their privacy notices for more details.
We do not make any kinds of solely automated decisions about you (meaning decisions made without any human involvement) which could affect you in legal or similarly significant ways.
Our staff only have access to your personal information to the extent they need it in order to provide you with access to the Trustedoctor Platform and the services available on or through it.
Communications (including those containing sensitive medical records like operations, habits, permanent medication, drug allergies and permanent diagnoses) internally between our servers (e.g. between application server and databases) are handled via Secure Sockets Layer (“SSL”) encryption, providing an industry-standard level of protection for data in transit. You should always make sure that your browser can validate the Website’s certificate. All uploaded data is stored in encrypted form and the encrypted values generated are signed using a message authentication code (MAC) so that the underlying value cannot be modified once encrypted.
The cloud storage provider that we use has certifications for compliance with the leading security frameworks/standards and holds an array of security compliance certifications, including ISO 27001 (one of the most widely recognised, internationally accepted independent security standards), SOC 1, FISMA, FedRAMP, PCI DSS Level 1, ISO 9001 and ISO 27018. In addition, the provider aligns its HIPAA risk management program with FedRAMP and NIST 800-53, which are higher security standards that map to the HIPAA Security Rule.
All data travelling between your device and our cloud servers is also encrypted using industry standard methods.
Any payment transactions will be processed securely by PayPal or, if you opt for payment via credit card, Braintree (a division of PayPal).
Where we have given you (or where you have chosen) a password to access the Trustedoctor Platform, you are responsible for keeping this password confidential. Your passwords are stored on our servers in encrypted form using a one-way hashing algorithm and you can opt to use two-factor authentication (2FA) to log in and access your account. Please be reminded that you must protect any passwords or other credentials associated with your account.
You should be aware that the transmission of information via the internet is never completely secure and we cannot guarantee the security of your data transmitted to the Trustedoctor Platform, although we will do our best to protect your personal data. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Any payments made on the Trustedoctor Platform are handled by third-party payment service providers who operate independently of us. We currently use PayPal and Braintree (a division of PayPal (Europe) S.a.r.l. et Cie, S.C.A.) to handle such payments. PayPal offers mobile and web payment systems for online vendors and Braintree is a PayPal service that handles credit card payments. If you choose to make a payment for a product or service on the Trustedoctor Platform, you will be re-directed to the relevant service provider and will provide your information directly to them. We will also transmit certain data (such as price, currency and unique user ID (client token)) to them. They will process all such data for the purpose of payment processing as an independent controller. We may also receive some limited information from them about you such as transaction ID, credit card number (only the last four digits), total order amount, date and time of transaction and status confirmation (transaction successful or failed). All processing by PayPal / Braintree (or any other third-party service provider as designated by us from time to time) is governed by their own privacy policies for which we are not responsible. You can access the Privacy Statements of PayPal and Braintree via the following links:
You are in control of and can delete the Content on your account at any time. If you do so, it will no longer be accessible to you or others who may access your account. You should be aware that if you share any Content with another user of the Trustedoctor Platform, copies of such Content may be accessible to them through their accounts even after you delete it from your account.
However, even after you or we delete any of your information, we may retain minimised logs of your account activity for longer periods for legal reasons.
We may occasionally anonymise your information so that it can no longer be associated with you (which, if it includes sensitive data such as health data, we will only do with your explicit consent), for research or statistical purposes, in which case we may use this information indefinitely without further notice to you. For more details about our retention policies, please contact us.
You have certain rights in relation to your personal information, including the following:
|The right to object to processing||You have the right to object to the processing of your personal data in certain situations. You have an absolute right to stop your personal data being used for direct marketing.|
|The right of access||You have the right to request access to your personal data held by us. You also have the right to request a copy, and we will provide you with this unless legal exceptions apply. Certain other people also have a statutory right to apply for access to your health records in case of your death under the Access to Health Records Act 1990.|
|The right to rectification||If the personal data that we process is incomplete or incorrect, you have the right to request their completion or correction at any time, though we may need to verify the accuracy of the new data you provide to us.|
|The right to erasure (also known as the "right to be forgotten")||You have the right to request that we delete your personal data. This is not an absolute right and only applies in certain circumstances, for example, we cannot delete information if there is a legal or regulatory obligation on us to keep it.|
|The right to restrict the processing||You have the right to request that we restrict the processing of your personal data in certain situations: a) if you contest the accuracy of your Personal Data, you may request that its processing is restricted while we verify its accuracy; b) if the processing of your Personal Data is considered unlawful, but you do not require the deletion of your Personal Data; c) if we no longer need the data for the purposes of its processing, but you need it for the establishment, exercise or defence of legal claims; d) if you object to our processing of your data based on our legitimate interests.|
|The right to data portability||You have the right to request that we provide your personal data to you in a machine-readable format. This right can only be used where the data is held electronically and the processing relies on consent or contract and is carried out by automated means.|
|Your rights in relation to automated decision-making and profiling||You have the right to object to decisions based exclusively on the automated processing of your personal data. We do not engage in profiling or any processing related to automated decision-making activity.|
|The right to withdraw your consent||If your personal data is processed based on your consent, you have the right to withdraw your consent at any time. If you withdraw your consent, this will not affect the lawfulness of how we used your personal data before you withdrew consent, and we will let you know if we can no longer provide you with your chosen service.|
You will generally not have to pay a fee to exercise any of your rights as a user, although we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We could also refuse to comply with your request in these circumstances.
When you make a request to exercise your rights, we may need to ask for proof of your identity and/or ownership of your account before fulfilling your request. We may also contact you to ask for further information in relation to your request.
Please note that if your request pertains to data that you have shared with a Service Provider, such Service Provider will be responsible for granting your request.
If you are not satisfied with our response you can contact the UK's Supervisory Authority, the Information Commissioner's Office (ICO) in the UK:
Information Commissioner's Office, Wycliffe House, Water Lane, SK9 5AF, Cheshire, United Kingdom
Phone: 03031231113 (local rate) or 01625545745 (national rate), www.ico.org.uk
Trustedoctor Ltd. is registered with the Information Commissioner's Office, registration number ZA217178.
|App||the Trustedoctor mobile application software|
|Applicable Data Protection Law||all data protection laws, regulations and orders relating to the privacy, security, confidentiality and integrity of personal data and the privacy of electronic communications that are applicable to our processing of your personal data, including the EU General Data Protection Regulation 2016/679 (GDPR) and any corresponding national laws and regulations|
|Content||any content, such as text, messages and other communications, and audio, video, images, documents and other files, including medical records such as X-ray and imaging reports, that a user inputs, uploads, stores, sends or receives through their account on the Trustedoctor Platform|
|Controller||as defined in Applicable Data Protection Laws (this typically means a person or entity who, alone or jointly with others, determines the purposes and means of the processing of personal data)|
|personal data (or personal information)||as defined in Applicable Data Protection Laws (this typically means any information about a person who is or can be identified from that information, directly or indirectly (e.g. by reference to an identifier such as a name or location data))|
|processing||as defined in Applicable Data Protection Laws (this typically means any operation performed on personal data such as collection, organisation, storage, transfer, alteration, retrieval, use, disclosure or erasure)|
|processor||as defined in Applicable Data Protection Laws (this typically means a person or entity who processes personal data on behalf of the controller)|
|Private User||a patient, policyholder, customer or other service recipient registered on the Trustedoctor Platform for the purpose of receiving services from Service Providers|
|Professional User||a health specialist, expert, doctor, dietitian, insurance provider, administrator, other healthcare professional or individual such as an adviser or coach registered on the Trustedoctor Platform for the purpose of providing medical or health-related services or assistance|
|Service Provider||collectively, Professional Users and Trustedoctor Partners|
|special category data (also referred to as sensitive data)||as defined in Applicable Data Protection Laws (this typically means personal data relating to race, ethnic origin, politics, religious or philosophical beliefs, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life or sexual orientation)|
|Trustedoctor (or TD)||Trustedoctor Limited, a company incorporated in England and Wales with registered number 10228675 and whose registered office is at Franklin Building, 124 Goswell Road, London, Greater London, United Kingdom, EC1V 7DP|
|Trustedoctor Partner||an individual or entity who has entered into a contract with TD to provide or offer various healthcare and/or related services who employ or are otherwise affiliated with certain Professional Users (and on whose behalf such Professional Users provide their services to Private Users)|
|Trustedoctor Platform (or Platform)||the Website, the App, any other Trustedoctor product and the services that Trustedoctor provides on, through or in relation to them|
|Website||the website Trustedoctor.com or other Trustedoctor owned, operated, licensed or controlled websites and their respective sub-domains|