Privacy Policy

Trustedoctor Limited ("we", “us” or “our”) is committed to protecting and respecting your privacy.


This policy (together with our Terms of Website Use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.trustedoctor.com (the “Website”) and by using our services, your personal data will be used as set out in this policy.


For the purpose of the data protection legislation, the controller is Trustedoctor Limited of 27 Commerell Street, London, SE10 0EA.


We reserve the right to amend or modify this Privacy Policy at any time and in response to changes in applicable law.


Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.


This Privacy Policy was last reviewed on 24/05/2018.


Information we may collect from you

We may collect and process the following data about you as a User as defined in the Terms of Website Use:

Information you give us.


You may give us personal information by filling in forms on the Website or by corresponding with us by phone, e-mail or otherwise. This includes in the following instances:

when you register to use the Website as a Patient or Health Specialist (each defined in the Terms of Website Use);

uploading medical records to the Website;

searching for a Health Specialist;

placing an order on the Website;

participating in a telephone conversation via the Website;

participating in a video-consultation via the Website;

participating in discussion boards and other social media functions on the Website;

when you report a problem with the Website or contact us directly on another matter.


The information that you provide to us may include your name, address, date of birth, e-mail address and phone number, financial and credit card information, gender, photographs, medical history and records and any other information you directly provide us with.

For the avoidance of doubt, any reference in this Privacy Policy to your data shall include data about other individuals that you have provided us with. You represent and warrant to us that you have obtained the express consent from the individuals whose data you provide us with.


We will hold the above information for as long as is necessary in order to provide you with the service on the Website, deal with any specific issues that you may raise, establish, exercise or defend a legal claim or otherwise as is required by the law of England and Wales. We keep the information in line with industry standard practices as set out in the Records Management Code of Practice for Health and Social Care 2016.


Information we collect about you.

With regard to each of your visits to the Website we may automatically collect the following information:

information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from the Website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number; and

technical information, including the internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.


Information we receive from other sources.

We are also working closely with third parties (including, for example, business partners, charity partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them.


Special Category Personal Data

In order to provide you with the service, we must process data relating to your health. We require your explicit consent in order to do this and this is obtained when you complete the registration form. You have the right to withdraw this consent at any time. If you do not wish to provide consent, or if you wish to withdraw your consent, then we will not be able to provide you with the services. You can of course obtain medical advice from other providers at any time.


Cookies

The Website uses cookies to distinguish you from other users of the Website. This helps us to provide you with a good experience when you browse the Website and also allows us to improve the Website. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.

Uses made of the information


We use information held about you in the following ways:

With your consent:

to provide you with our newsletter and other information about our services we feel may interest you. We will contact you only if you have consented to this. If you consent to us using your data in this way and/or passing your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the registration form);

to support medical research carried out by our business and charity partners where you have expressly provided consent for us to use your data in this way. If you consent to us using your data in this way, please tick the relevant box situated on the form on which we collect your data for this purpose;

Pursuant to a contract:

to generally carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;

to schedule appointments between Health Specialists and Patients, as applicable to you;

to process appointments, orders, registrations and enquiries;

to send appointment confirmation and reminders;

to enable Health Specialists to perform analyses on potential health issues or treatments, provided that Patients choose to use the applicable services;

to enable Health Specialists to refer Patients to, and make appointments with, other Health Specialists on the Patients’ behalf;

to allow you to participate in interactive features of our service, when you choose to do so;

to highlight Health Specialist services on the Website;

to notify you about changes to our service;

to monitor compliance with our Terms of Website Use, the Introduction Contract and the Health Specialist Services Agreement;

to provide you with information about the Health Specialists who may be suitable to provide the Medical Services you seek. This is based on information that you provide to us such as geographical location and medical specialty. In an effort to assist you in locating a Health Specialist and to enable the maximum choice and diversity of the Health Specialists offering Medical Services via the Website, your search results will also be based on our rating calculated by various inputs including, but not limited to, number of journal articles that the Health Specialist has written, patient base, years of qualification, number of surgeries performed, academic recognition, professional endorsements. Our system uses all these inputs to make an automated decision on which Health Specialists are suitable for you.

To comply with legal obligations:

to prevent fraud and other prohibited or illegal activities;

to protect personal data;

to comply with any other legal obligations placed on us from time to time.

In our legitimate interests to run a successful and continuing business and provide the best service to you:

to protect the rights and safety of our affiliated entities and third parties, as well as our own;

to ensure you receive information relevant to you;

to administer the Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

to ensure that content from the Website is presented in the most effective manner for you and for your computer; and

as part of our efforts to keep the Website safe and secure.


Disclosure of your information

We may share your information with a limited number of third parties including:

to our business partners, suppliers and sub-contractors for the performance of any contract we enter into with you;

to our business and charity partners for the performance of medical research where the data has been aggregated and can no longer be linked to you as an individual; and

analytics providers using analytics built internally to our systems that assist us in the improvement and optimisation of the Website.

if Trustedoctor Limited or substantially all of its assets are acquired by a third party personal data held by us about our customers will be one of the transferred assets in order to maintain service continuity under our contract with you. We will not transfer any health data without first obtaining your consent.

If you consent to us disclosing your data in this way, please tick the relevant box situated on the form on which we collect your data (the registration form).

We may disclose your personal information to third parties in any event:

if we are under a duty to disclose or share your personal data in order to comply with any legal obligation;

in order to enforce or apply our Terms of Website Use, the Introduction Contract, Health Specialists Services Agreement and any other relevant agreements;

or to protect the rights, property, or safety of Trustedoctor Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;

for the establishment, exercise or defence of legal claims; or

as outlined in this Privacy Policy.


Where we store your personal data

The data that we collect will be stored on the cloud based in the European Economic Area ("EEA"). From there the data may be transferred to, and stored by, Health Specialists operating outside the EEA and processed by their employees or subcontractors to fulfill the services that you have requested. We will only do this where you have consented to the transfer.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. We use Commission approved model clauses in our contracts with third parties outside the EEA to ensure personal data is treated with an appropriate level or security and confidentiality. Please contact us if you would like a copy of the model clauses.


Safeguarding personal data

The communication (including sensitive text data like medical records, including operations, habits, permanent medication, drug allergies and permanent diagnoses) internally between our servers (e.g. between application server and database) is handled via secure socket layer (“SSL”) to provide encryption and all information between our servers and your browser is handled via SSL encryption, providing an industry-standard level of protection for data in-transit. You should always make sure that your browser can validate the Website’s certificate. All encrypted data is signed using a message authentication code (MAC) so that the underlying value cannot be modified once encrypted.The cloud platforms that we use maintain certification with robust security standards, including:

SSAE16 / ISAE 3402 Type II: SOC 2 and SOC 3 public audit report

ISO 27001, one of the most widely recognized, internationally accepted independent security standards.

PCI DSS v3.0

HIPAA BAA

Data travelling between a customer’s device and our cloud platform is also encrypted.

Any payment transactions will be processed securely by Paypal or credit card.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential. Your passwords are stored on our servers in encrypted form using a one-way hashing algorithm. Please be reminded that you must protect any passwords or other credentials associated with your account for the Service, and take full responsibility for any use of the account under your password. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your data transmitted to the Website, although we will do our best to protect your personal data. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your rights

Where processing of your personal data is based on consent, you can withdraw that consent at any time. Please note that if you withdraw consent for processing activities which are essential to the provision of our services to you then we will be forced to cease provision of those services. You will remain liable for any fees or costs incurred as a result of your requests for service prior to withdrawal of consent, as set out in the Terms of Website Use.

You have the following rights. You can exercise these rights at any time by contacting us at [email protected] You have the right:

to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes;

to ask us not to process your personal data where it is processed on the basis of legitimate interests provided that there are no compelling reasons for that processing;

to ask us not to process your personal data for scientific or historical research purposes, where relevant, unless the processing is necessary in the public interest.

to request from us access to personal information held about you;

to ask for the information we hold about you to be rectified if it is inaccurate or incomplete;

to ask for data to be erased provided that the personal data is no longer necessary for the purposes for which it was collected, you withdraw consent (if the legal basis for processing is consent), you exercise your right to object, set out below, and there are no overriding legitimate ground for processing, the data is unlawfully processed, the data needs to be erased to comply with a legal obligation or the data is children’s data and was collected in relation to an offer of information society services;

to ask for the processing of that information to be restricted if the accuracy of that data is contested, the processing is unlawful, the personal data is no longer necessary for the purposes for which it was collected or you exercise your right to object (pending verification of whether there are legitimate grounds for processing);

to ask for data portability if the processing is carried out by automated means and the legal basis for processing is consent or contract.

Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting us using the contact details above. In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority, which is the Information Commissioner’s Office (ICO) in the UK, at any time. The ICO’s contact details are available here: https://ico.org.uk/concerns/.

The Website may, from time to time, contain links to other third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability in respect of these policies. Please check these policies before you submit any personal data to these websites.


Contact

Questions, comments and requests regarding your personal data, the personal data of others that you have provided, or this Privacy Policy are welcomed and should be addressed to 27 Commerell Street, SE10 0EA, London, UK or [email protected]



Information about our use of cookies

Our website www.trustedoctor.com, (the “Website”) uses cookies to distinguish you from other users of the Website. This helps us to provide you with a good experience when you browse the Website and also allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.

We use the following cookies:

Strictly necessary cookies. These are cookies that are required for the operation of the Website. They include, for example, cookies that enable you to log into secure areas of the Website, use a shopping cart or make use of e-billing services.

Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the Website when they are using it. This helps us to improve the way the Website works, for example, by ensuring that users are finding what they are looking for easily.

Functionality cookies. These are used to recognise you when you return to the Website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

Cookie Name

Cookie type

Purpose

td_session

session cookies

This cookie is essential for our site to store user session to estimayte our audience size and usage pattern.

XSRF-TOKEN

session cookies

This cookie is essential to allow us to verify the user and to optimize the service performance. We store information about your preferences, and so allow us to customize our site and to provide you with service that is targeted at your individual interests.

cfduid

session cookies

This cookie is essential for our site to store user session to estimayte our audience size and usage pattern.

Except for essential cookies, all cookies on our Website will expire after 2 hours.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

How can you control cookies?

Cookies can be controlled by your web browser settings. Whether our cookies are used will depend on your browser settings, so you are in control. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, please use the following links:

Internet Explorer cookies information

Chrome cookies information

Firefox cookies information

Safari cookies information

Please be aware that by blocking all cookies you may not be able to access or use all the features of our website and you will not receive a personalised service.

Our website unfortunately does not support your browser.
Please click here to download and install modern browser.
Supported browsers: Firefox, Chrome, Opera.