Privacy Policy

1. Privacy Policy

Doctify Limited (“Doctify”, “we” or “us”) are committed to protecting your privacy. This Privacy Policy describes the ways we collect information from you when you use our websites, apps and booking platforms (the “Doctify Network”), or interact with us any other way. It should be read in conjunction with the Website terms and conditions of use.

2. A summary of the data Doctify collects, and why

Doctify needs to collect, process and store personal information about you in order to provide our service of connecting patients with the most appropriate healthcare provider, and for you to review them. Your healthcare provider may also contact you separately from Doctify to ask for your feedback.

If you are a patient, the personal data we will process to facilitate your booking depends on your healthcare provider, but usually includes detailed personal information such as name, age, sex, date of birth, contact details (telephone numbers and email addresses) insurance authorisation code, address, details of your general practitioner, insurance policy number, healthcare provider booked, patient registration number (PHIN questions only), time of booking, date and location of booking and other relevant free text. If you receive a reply to one of your reviews, we’ll use your mobile number to let you know, unless you’ve asked us not to.

If you are a healthcare provider, the personal data we will handle includes but is not limited to, age, sex, date of birth, contact details (telephone numbers and email addresses), details of your place of work, your qualifications, key search words, patient booking slots and/or languages spoken.

More detail on this is available in section 3 below.

3. More detail about the data Doctify collects, and the lawful basis

If you are a patient, we collect the following personal data from you when you use the Doctify Network

What do we collect?What is our lawful basis?
The information you leave when reviewing a healthcare provider. That data being made public by the data subject and because use of the data is in the public interest in the area of public health.Our legitimate interest to connect patients with reliable healthcare providers and (for special category data) that data being made public by the data subject.
Your contact details that you provide in order for us to provide
you with further information on our services, including technical updates and service information.
Our legitimate interests to keep you informed about our services and provide you with service updates.
Marketing information, such as our newsletters and offers.Your consent.
Information you provide when making an account with us, an
d filling in appointment booking forms on the Doctify Network,
such as to find an appropriate healthcare provider.
Our contract with you to process your enquiry and
connect you with the most appropriate Healthcare
Provider.
If you contact us with general customer service queries or report a problem with the Doctify NetworkOur legitimate interest to provide excellent customer service.

When you make a booking, we share your personal data with the organisations involved in providing care to you – usually your insurance company and your healthcare provider. 

If you are a healthcare provider, we collect the following personal data from you when you use the Doctify Network

What do we collect?What is our lawful basis?
Comments, reviews and feedback about your services, which are generally available to the public via the Doctify Network.Our legitimate interest to connect patients with reliable healthcare providers and (for special category data) that data being made public by the data subject.
Your contact details that you provide in order for us to provide you with further information on our services including technical updates, service information and/ or marketing information.Our legitimate interest to keep you informed about
our services and provide you with service updates.Or where you have opted-in to receive these communications, your consent.
Information you provide by filling in forms on the Doctify Network as a Healthcare Provider.Our legitimate interest to connect patients with reliable healthcare providers.
If you contact us with general customer service queries or report a problem with the Doctify Network.Our legitimate interest to provide excellent customer service.

4. Protecting and sharing information

As mentioned above, we only share identifiable information about patients to facilitate their care. Identifiable information about healthcare providers is shared as part of the reviews left by patients across the Doctify Network, which are generally available to the public. We may also share publicly available review data with insurance providers. 

We also create anonymous data from the personal data flowing through the Doctify Network. This may include, for example, statistics on how many people experienced a particular injury in a geographical area. We do not commercialise patient identifiable data.

If our business is sold, we will transfer your data to the purchaser because we have a legitimate interest to ensure our business can be continued by the buyer. We may also be required to disclose your data if we are under a legal obligation to do so. Unless we are prevented from notifying you (such as by a court order) we will always notify you before we disclose your data in this way.

We use other companies to provide payment processing, maintenance, hosting and database management services to us. These companies have access to your data (but they have signed strict contracts under which they can only use your data in the way we tell them to). 

5. How long do we hold your data for?

Where you sign up to our Doctify Network as a patient or a healthcare provider we will store your data for a period of 6 years from the date the contract between us has been terminated.

Where you are only receiving technical or marketing information from us, we will store your contact details until you unsubscribe, or withdraw your consent to receive these communications from us. Please keep in mind that very limited details (your email address) may be retained by us in accordance with data protection law to ensure we don’t contact you again.

Where you provide information in connection with reporting a problem with our service, we will store any such information for as long as reasonably required to fix such a problem and prevent any future occurrences but in any event, no longer than 6 years.

Where you contact us and we keep a record of that correspondence we will keep that for as long as is reasonably required.

6. Storage of your data

The data we collect from you is stored on our servers and third party servers which are based:

  1. for providers and patients resident in the UK and the EEA, in the UK and EEA (and in certain limited circumstances and at all times in accordance with the law, outside of the UK and EEA). 
  2. for providers and patients resident in the UAE, in the UAE (and in certain limited circumstances and at all times in accordance with the law, outside of the UAE). 
  3. for providers and patients resident in Australia, in Australia (and in certain limited circumstances and at all times in accordance with the law, outside of Australia).

When working with our third party sub-processors we may also need to transfer your personal data outside of the UK, EEA, UAE or Australia, respectively.

Whenever we transfer your personal information outside of the UK, EEA, UAE or Australia (where relevant), we ensure it receives additional protection as required by law. To keep this Privacy Policy as short and easy to understand as possible, we haven’t set out the specific circumstances when each of these protection measures are used. You can contact us at dpo@doctify.com for more information about this.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with data protection legislation as well as this Privacy Policy.

7. Your rights under data protection law

You have various other rights under applicable data protection laws, including the right to:

  • access your personal data (also known as a “subject access request”);
  • correct incomplete or inaccurate data we hold about you;
  • ask us to erase the personal data we hold about you;
  • ask us to restrict our handling of your personal data;
  • ask us to transfer your personal data to a third party; 
  • object to how we are using your personal data; and
  • withdraw your consent to us handling your personal data.

Privacy law is often complicated, and whether these rights are available to you sometimes depends on the types of data we are handling about you. If you would like to exercise any of these rights, please contact us at dpo@doctify.com.

Right to complain: If you wish to complain about our use of your personal data you may complain to the UK Information Commissioner’s Office (ICO) which can be contacted in writing at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, telephone (0303 123 113) or by email at casework@ico.org.uk.

8. Cookies

We use cookies (small files which remember a user’s electronic device) to help improve the Doctify Network in a variety of different ways. For detailed information on the cookies we use and the purposes for which we use them, see our Cookie Policy.

9. The internet

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your User Data, we cannot guarantee the security of your User Data transmitted to our Doctify Network; any transmission is at your own risk. Once we have received your User Data we will use procedures and security features to try to prevent unauthorised access.

Our Doctify Network may, from time to time, contain links to other Sites which are outside our control and are not covered by this Privacy Policy. If you access other Sites using the links provided, the operators of these sites may collect information from you which will be used by them in accordance with their privacy policy, which may differ from ours. We do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

10. Information about us

We have worked hard to produce a short Privacy Policy that clearly explains how your data is used.

Your feedback and suggestions on this Privacy Policy are very welcome. If you feel that we have overlooked an important perspective or used language which you think we could improve, please let us know by contacting us at dpo@doctify.comOr you can write to us at our registered office: Doctify Limited, 4th Floor, 43 Berkeley Square, London, England, W1J 5FJ.

This privacy notice was last updated on 5 January 2023.