Privacy Policy - Online Health Optimisation Clinic

Privacy Policy for The Online Health Optimisation Clinic

At The Online Health Optimisation Clinic, our mission is to become the leading global platform for online health, providing convenient access to advice, medical support, and treatment options to help individuals make informed decisions about their wellbeing.

While we understand that legal documents can be tedious, we encourage you to carefully review this Privacy Notice (“Notice”), as it contains essential information about who we are, how and why we collect, store, use, and share your personal information, your rights regarding your personal data, and how to contact us or the appropriate regulatory authority if you have any concerns.

We’ve crafted this policy to be straightforward and easy to navigate. Use the drop-down headings below to find detailed information on specific topics.

What Does This Privacy Policy Cover?

This Privacy Notice applies to any personal information we collect from you or obtain from third parties in the following situations:

When you visit or use our website (our “Site”)
When you create an account with us
When you purchase our products or services
When you engage with our social media channels
When you provide feedback, participate in market research or user testing, or share customer testimonials
When you offer your services to us as a Supplier
When you request information about our products and services

Our Site, products, and services are intended for individuals aged 18 and older. We do not knowingly collect personal information from anyone under the age of 18.

If you disagree with any part of this Notice, we advise you not to sign up for an account, purchase our products or services, or submit any personal information to us.

Who Collects Your Information?

The Online Health Optimisation Clinic Limited is responsible for collecting, storing, using, and sharing your personal information. In this capacity, we act as the “controller” of that personal data. When you see references to “The Online Health Optimisation Clinic,” “we,” “our,” “us,” or “the Company” in this Notice, it refers to The Online Health Optimisation Clinic Limited (company number XXXXXXXX). For our contact details, please refer to the “Contact Us” section of this Notice.

Useful Terms

Customer: An individual who creates an account on our Site, whether or not they purchase products or services from The Online Health Optimisation Clinic.
Website Visitors: Individuals who visit our Site, which may include Customers.
Suppliers: External vendors and providers who offer products and/or services to The Online Health Optimisation Clinic.
Personal information/personal data: Any information that can identify an individual, either directly or indirectly. This does not include anonymised data where personal identity has been removed.

We hope this Privacy Notice clarifies how we handle your personal information. For further details, feel free to explore the sections below or contact us directly.

What Personal Information Do We Collect?

We collect, use, store, and transfer various types of personal information to provide and improve our services. We categorize the data as follows:

Identity Data: This includes your first name, last name, username, password, date of birth, user/device identifiers, job title, and company.
Contact Data: Information such as your email address, home or business address, phone number, and professional/social network contact details.
Financial Data: This may include (i) credit card or billing information for payment processing and address verification, and (ii) bank details for payment if you provide services to us.
Transaction Data: Details of payments and purchases made. In some cases, Transaction Data may include Health Data.
Technical Data: Includes your IP address, browser type and version, time zone, location, browser plug-ins, operating system, platform, and other technical information regarding the devices you use to access our Site.
Usage Data: Information on how you use our Site, including page visits, duration of visits, actions taken, and interactions with our social media channels.
Audio/Visual Data: Your image and/or voice.
Assessment Data: Information provided via questionnaires or during consultations with clinicians to evaluate your suitability for a product or service. This may include Health Data.
Feedback Data: Feedback you provide during user testing, market research, or as part of customer testimonials. Depending on the content, this may also include Health Data.
Marketing and Communications Data: Your preferences for receiving marketing communications from us.
Health Data: Information about your current health or medical history, including health conditions and consultation notes.

How Do We Use Your Personal Information?

Customers

When you create an account on our Site, we collect and process your Identity Data and Contact Data. To manage your account, we also process Technical Data, Usage Data, Transaction Data, Assessment Data, Audio/Visual Data, and Marketing and Communications Data. To assess your eligibility for specific treatments or services, we may need to process your Assessment Data and, in some cases, your Audio/Visual and Health Data.

If you purchase products or services, we will use your Identity Data, Contact Data, Transaction Data, and Financial Data to process your payment and fulfil the transaction. Where necessary, we may also process your Health Data to assess suitability and prescribe medication.

Certain services may involve consultations with medical professionals. To facilitate these consultations, we will process your Identity Data, Contact Data, Audio/Visual Data, and Assessment Data.

We may anonymize your data for clinical research purposes, service improvement, and contributing to public understanding of health treatments. Your personal identification will only be shared with third-party researchers if you provide explicit consent or if required by law.

Feedback and Market Research

If you participate in market research, user testing, or provide a customer testimonial, we will process your Identity Data, Contact Data, Transaction Data, Audio/Visual Data, and Feedback Data.

Marketing Communications

If you opt into our mailing list or request to receive information on freebies, discounts, or special offers, we will use your Contact Data and Marketing and Communications Data to send promotional content according to your preferences.

We may also use this data to display advertisements on social media channels like Facebook, Twitter, Instagram, and TikTok, based on your preferences. Social media companies may process your personal data as joint controllers when you interact with our content. We encourage you to review the privacy policies of these social media platforms for more information.

We are committed to protecting your privacy while ensuring you have access to the information and services you need to make informed health decisions.

How Do We Use Your Personal Information?

Customers

As a customer, we may use your personal information in the following ways:

Identity, Contact, and Transaction Data: To manage and maintain our relationship with you, including responding to your inquiries and communications.
Contact Data: To send important transactional and service-related messages about your orders or account.
Identity, Contact, Transaction, Financial, Audio/Visual, and Assessment Data: To provide customer service and support.
Identity, Contact, Transaction, Assessment, Usage, and Technical Data: To detect and resolve technical issues, maintain the Site, and enhance your user experience.
Identity, Contact, Transaction, Assessment, Audio/Visual, Usage, and Technical Data: To analyse, assess, and improve the Site and our products and services.
Identity, Contact, Transaction, Technical, Usage, Assessment, Audio/Visual, and Feedback Data: To manage daily business operations (e.g., maintaining data systems, backups, insurance, etc.).
All categories of personal data: To comply with legal or regulatory requirements or to establish, exercise, or defend legal claims.

Website Visitors

When you visit our Site, we automatically collect Technical Data and Usage Data through cookies and similar technologies to:

Deliver relevant content.
Measure the effectiveness of our content and improve our Site, marketing, and user experience.
Protect and administer the Site.

If you complete a pre-treatment assessment as an unregistered user, we will process your Identity Data and Assessment Data to determine your suitability for treatment. If you contact us through our Site, we will collect your Identity Data and Contact Data along with the content of your message.

Social Media Users

We use social media platforms (e.g., Facebook, Twitter, Instagram, TikTok) to advertise our products and services. If you engage with our channels, we collect Usage Data and Technical Data to analyse user interaction. If you contact us through social media, we will use your Contact Data and message content to communicate with you. If you engage with our social media advertisements, we may collect your Identity, Contact, and Marketing and Communications Data based on your preferences.

Please note, when you interact with our social media channels, the platform may also process your data as a joint controller. We encourage you to review the privacy policies of the respective social media platforms.

Suppliers

If you are a Supplier, we collect Identity Data, Contact Data, Transaction Data, and Financial Data related to you or your organization during the creation, negotiation, and management of contracts and services. We may use:

Identity, Contact, and Transaction Data: To maintain and update contact details in our system and manage our relationship with you.
Identity, Contact, Transaction, and Financial Data: To administer business dealings, obtain services, and meet legal obligations.
All categories of personal data: To comply with legal or regulatory requirements or establish, exercise, or defend legal claims.

Other Individuals

If you agree to participate in market research or user testing, we may process your Identity Data, Contact Data, Audio/Visual Data, and Feedback Data to analyse your feedback and identify opportunities for improving the Site and our products and services.

What is Our Legal Basis for Processing Your Personal Information?

For Customers

Contract Performance: We process your personal data to create, manage, and administer your account, assess your treatment suitability, and process transactions as part of our contractual obligations to you.
Healthcare Purposes: If we process your Health Data (e.g., medical history, photos) for diagnosis, treatment, or management of healthcare services, we do so under the responsibility of a health professional. Note: You may not always have the right to erase your Health Data due to the need for clinical governance and safe record-keeping.
Consent: We rely on your consent to process data for feedback collection (market research, user testing, testimonials) and to send marketing communications.
Legitimate Interests: We process personal data for site maintenance, customer service, troubleshooting, business operations, and legal claims when necessary for our legitimate interests, provided that your rights are not overridden.
Legal Obligations: We process personal data when required to comply with legal or regulatory obligations (e.g., disclosures to regulators).

For Website Visitors

Legitimate Interests: We process personal information to deliver relevant content, improve the Site’s effectiveness, user experience, and marketing, and respond to contact messages, as we believe these activities support our legitimate interests without infringing on your rights.
Pre-Contractual Steps: If you complete a pre-treatment assessment, we process your data to take necessary steps before entering a contract. Health Data processing is carried out for healthcare purposes under the responsibility of a health professional.
Consent: We rely on your consent for data collection through cookies for analytics purposes. For more information, please refer to our Cookie Policy.

How We Use Your Personal Information

Social Media Users

Engagement and Communication: We process your personal information to analyse engagement with our social media channels and to communicate with you. This processing is necessary for our legitimate interests, and we believe that your rights and interests do not override these.
Marketing: If we process your personal information to send you information about our products and services, we do so on the basis of your consent.

Suppliers

Contractual Obligations: We process your personal information during the creation, negotiation, and management of contracts and while receiving products or services from you. This is necessary to perform the contract we have with you.
Legal Obligations: If required by law, we will rely on legal obligations to hold or disclose your personal information (e.g., to regulatory authorities).
Legitimate Interests: We process your personal information to administer and manage our business relationship with you, as well as for other purposes outlined in this notice, in a way that balances our legitimate interests with your rights.

Other Individuals

Market Research & User Testing: We process your personal information to obtain feedback for market research or user testing, based on your consent.

How We Collect Personal Information About You

We collect personal information from the following sources:

Directly from You: Information you or someone authorized to act on your behalf provides directly, including during consultations with our clinicians or through communications via phone, email, or web forms.
Third-Party Sources: If you are a supplier, we may collect publicly available information from sources like professional networking sites (e.g., LinkedIn) or general market research.
Automatic Collection: We automatically collect certain technical and usage data when you visit our Site (e.g., through cookies).

Who We Share Your Personal Information With

We may share your personal information with the following third parties:

Partner Clinicians: When you purchase a service, we may share your information with Partner Clinicians who act as independent data controllers. They provide services such as consultations, clinical assessments, and prescribing medication. Please review our Website Terms of Use and Terms of Sale for more details.
Professional Advisors: We may share personal information with professional advisors (e.g., lawyers, accountants, insurers) to perform services necessary for our business.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to new owners.
Legal Compliance: We may be required to disclose personal information to comply with legal obligations.

Security and International Data Transfers

Security

We employ industry-standard security measures to protect your personal data from accidental loss, unauthorized access, or unlawful use. However, no electronic storage or transmission method is 100% secure. We take all necessary steps to protect your data, but we cannot guarantee absolute security. Access to your personal data is limited to those who need to know for business purposes and are bound by confidentiality obligations.

In the event of a suspected data breach, we will notify you promptly if there is a risk to your personal data.

We recommend that you take precautions to secure your data online, such as following security guidelines from reputable organizations like the NHS or BCS Chartered Institute for IT.

International Data Transfers

Some of our service providers may be based outside the UK, including in the USA, Pakistan and Nepal. If we transfer your data internationally, we ensure that appropriate safeguards are in place, such as using International Data Transfer Agreements or Standard Contractual Clauses. For more details on these safeguards, please contact our Data Protection Officer at [email protected].

Use of Cookies and Similar Technologies

We use cookies and similar technologies to learn how you interact with our website. You can set your browser to block or alert you about cookies, though this may affect your experience on the site. For more information, please see our Cookie Policy.

Third-Party Links and Services

Our website may contain links to third-party websites, plug-ins, and applications. These third parties may collect your data, and we are not responsible for their privacy practices. Please review the privacy notices of any third-party websites you visit.

Retention of Personal Information

We retain personal information only as long as necessary for the purposes for which it was collected, including legal, accounting, or reporting requirements. Factors we consider when determining retention periods include the sensitivity of the data, the risk of harm from unauthorized use, and any applicable legal requirements.

Marketing

You may opt out of receiving marketing communications from us at any time by following the unsubscribe link in any email or by contacting [email protected]. Opting out of marketing does not affect your ability to receive important service-related messages.

Your Rights

You have certain rights regarding your personal data, including:

Access: Request a copy of your personal data and other supplementary information.
Correction: Request corrections to inaccurate or incomplete data.
Erasure: Request the deletion of your data in certain circumstances, although legal requirements may prevent us from deleting certain medical records.
Data Portability: Receive your personal data in a machine-readable format and transfer it to another controller.
Object: Object to processing for direct marketing or automated decision-making.
Restrict Processing: Request a pause on processing while the accuracy or purpose is verified.
Withdraw Consent: Withdraw your consent where consent is the basis for processing.

If you wish to exercise any of these rights, please contact our Data Protection Officer at [email protected].

Complaints

If you have concerns about our use of your personal data, you can file a complaint with the Information Commissioner’s Office (www.ico.org.uk) in the UK.

Changes to This Privacy Policy

This policy was last updated on 30 October 2023. We may update this policy periodically to reflect changes in how we handle personal information or comply with legal obligations. Please review this notice regularly to stay informed.

Contact Information
For any inquiries or requests regarding this privacy policy, please contact us at [email protected].