Privacy Policy

Privacy Policy

PracticeHub Limited ("We") are committed to protecting and respecting your privacy.

This Privacy Policy (“Privacy Policy”), together with our Customer Terms and any other documents referred to in this Privacy Policy, sets out the basis on which any personally identifiable information (“Personal Data”) we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it in respect of your use of practicehub.io (“the Service”).

By using the Service, you are accepting the terms of this Privacy Policy. In the event of a conflict between the terms of this Privacy Policy and the Customer Terms, the Customer Terms will prevail.

Information we may collect from you

The Company will collect and process the following personal information:

Information you give us.

If you decide to register with or use the Service you will be asked to provide certain information about yourself. You will voluntarily provide us with Personal Data which includes your name, email address and contact details when you:

  • Purchase or register to use the Service.
  • Sign up to use the Services via an integrated service, such as Google.
  • Request and receive Customer Support.
  • Provide billing and payment information.
  • Register for offers or events.
  • Post comments on our website.
  • Participate in discussion boards or other social media functions on our website.

Patient Data

This is information you enter into PracticeHub or one of it's apps about your Patients when using PracticeHub and our Services. This Patient Data may be supplied by you when you:

  • Use our Services in the course of your business
  • Use PracticeHub in the course of your business
  • When you report a problem with our Site.

This Patient Data may be processed by us for the purposes of:

  • Storing Patient Data on PracticeHub
  • Storing Patient Data on our servers
  • Supplying you with our products and Services
  • Enabling and assisting us to comply with all legal, regulatory and compliance obligations to which we are subject
  • Ensuring the security of our Services, maintaining back-ups of our databases and sending communications to you
  • Providing information to your clients/ patients through our or your app
  • Providing information through the secure API links you set up

Information we collect about you. Each time you use the Service we may automatically collect the following information:

Technical information that your browser sends whenever you visit a website or your mobile app sends when you are using it. This log data may include your Internet Protocol (IP) address, the address of the web page you visited before using the Service, your browser type and settings, the date and time of your use of the Service, information about your browser configuration and plug-ins, language preferences and cookie data.

Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

We may also collect publicly accessible data about you from social media websites that you visit when using the Service.

We may also collect non-personally identifiable information (e.g. gender and location) to assist in providing the Service to you. Non-personally identifiable information by itself cannot be used to identify or contact you. However, this information may be combined with other identifiers in a way that enables you to be identified.

By submitting your Personal Data and non-personally identifiable information, you consent to the collection, use and transfer of your information in accordance with the terms of this Privacy Policy.

Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected via the Service. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.

We employ the use of an AI named 'Fin' to assist us in answering customer support queries.
Fin is AI-powered technology that facilitates customer support conversations through the Intercom platform (which we use to monitor CS queries) and is powered by large language models (LLM) provided by third party AI companies (“Third Party LLM Provider”) as well as Intercom’s proprietary machine learning.

  • Processing by Third Party LLM Providers. When using Fin, Third Party LLM Provider acts as a sub-processor of personal data submitted to Fin, including personal data that may be contained in Inputs or other Customer Data. All personal data processing activities will be governed by the DPA in place between Intercom and Customer (visible here; https://www.intercom.com/legal/data-processing-agreement).
  • Location of Processing. Currently, Third Party LLM Provider’s services are hosted in the United States only. Any personal data sent to such Third Party LLM Providers will be processed in the United States.
  • Inputs and Outputs. Questions, data, content or information submitted to Fin are deemed Customer Data under the Agreement and subject to the rights, restrictions and obligations applicable thereto.
  • Accuracy. Outputs may contain material inaccuracies and may not reflect correct, current or complete information.
  • Uses made of Information

    Lawful Grounds for the Company’s processing activities

    When the Company processes Personal Data, whether as Data Controller or as Data Processor, we will rely on the following lawful grounds for processing of each of the categories of data identified above.

    Customer Data – the legal basis for this processing is:

    • Because this is necessary in order for us to supply the Services to you and perform our contract with you and/or taking steps at your request to enter such a contract
    • Because this is necessary for the purposes of our legitimate interests (or those of a third party).

    Patient Data – the legal basis for this processing is:

    • Consent from the Patient/data subject
    • Because this is necessary for your use of of PracticeHub and the supply of our Services to you in accordance with our contract
    • Your legitimate interests, namely the supply of your services to your Patients.

    We will only use information held about you for the following purposes.

    Information you give to us:

    Company data may be processed for the purposes of:

    • To understand and improve our Services to you.
    • To ensure that content from our Service is presented in the most effective manner for you and for your computer.
    • To communicate with you by responding to your requests and sending you emails and messages about invoicing and account management.
    • To administer your account and keep track of billing and payments.
    • To keep the Service secure by investigating and preventing abuse and fraud.
    • To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us.
    • To provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about.
    • To notify you about changes to our Service.

    Information we collect about you. We will use this information:

    • To administer our Service and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
    • To improve our Service to ensure that content is presented in the most effective manner for you and for your computer.
    • To allow you to participate in interactive features of our Service, when you choose to do so.
    • To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.
    • To make suggestions and recommendations to you and other users of our Service about services that may interest you or them.

    By using the Service, you agree that we can access, aggregate and use non-personally identifiable data we have collected from you. This data will in no way identify you or any other individual. We may use this aggregated non-personally identifiable data to:

    • Assist us to better understand how our customers are using the Service.
    • Provide our customers with further information regarding the uses and benefits of the Service.
    • Provide useful business insights from the aggregated data.
    • Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive). By using the Service, you consent to Personal Data being collected, held and used in this way and for any other use you authorize.

    Patient Data may be processed for the purposes of:

    • Storing Patient Data on PracticeHub
    • Storing Patient Data on our servers
    • Supplying you with our products and Services
    • Enabling and assisting us to comply with all legal, regulatory and compliance obligations to which we are subject
    • Ensuring the security of our Services, maintaining back-ups of our databases
    • Requested information within the App

    Disclosure of your information

    We may share your Personal Data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

    Information we share with third parties. We may share your information with selected third parties including:

    • Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you and for the purposes of providing part of the Service to you. Such third parties supply the hardware infrastructure, storage and associated services necessary for us to provide the Service. All information submitted to third parties will be encrypted using SSL technology. By using our websites and/or the Service you consent to our third party service partners having access to your Personal Data.
    • Analytics and search engine providers that assist us in the improvement and optimization of our Service.

    Personal Data we disclose to third parties. We follow strict guidelines in the storage and disclosure of information which you have given us, to prevent unauthorized access. We comply with the laws of the countries from which we operate. We may disclose your Personal Data to third parties:

    • In the event that we sell or buy any business or assets, in which case we may disclose your Personal Data to the prospective seller or buyer of such business or assets.
    • If PracticeHub Limited or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets.
    • If we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to enforce or apply our Customer Terms and/or any other agreements; or to protect the rights, property, or safety of PracticeHub Limited, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

    In complying with court orders and similar legal processes, we strive for transparency. When permitted, we will make a reasonable effort to notify users of any disclosure of their information, unless we are prohibited by law or court order from doing so, or in rare, exigent circumstances.

    Your rights

    Consent If you wish to subscribe to our marketing communications, we will use your name and email address to send communications to you. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You may elect to stop receiving our marketing emails by following the unsubscribe instructions included in such emails.

    We send push notifications from time to time in order to update you about any Service updates, events and promotions we may be running. If you no longer wish to receive these communications, please disable these in the settings on your account. If you change your mind about being contacted in the future, please click on the opt out options included in emails or the Service and we will remove you from our mailing lists.

    Access to information You have the right to access information held about you.

    Right to deletion, rectification and data export. We permit you to delete, rectify and export information you have provided to us, subject to the conditions of our Customer Terms and our legal obligations set out below.

    Retention We retain Personal Data for as long as we provide the Services to you or your account remains open. However, we may keep some data after your account is closed or you cease using the Service, for the purposes set out below.

    After you have closed your account we may retain Personal Data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our Customer Terms, offer new features you may be interested in, or fulfil your request to “unsubscribe” from further messages from us. If none of these obligations apply we will delete Personal Data within 12 months of your account being closed.

    Complaints If you have any complaints about our use of your information please contact us as set out at the end of this Privacy Policy or contact the UK supervisory authority – The Information Commissioner’s Office (“ICO”).

    Where we store your Personal Data for EU Customers only

    The Personal Data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the provision of support services. By submitting your Personal Data, you agree to this transfer, storing or processing outside of the EEA. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

    We always ensure that your information is only transferred in full accordance with UK data protection laws and/or applicable EU data protection law. In particular, this means that your information will only be transferred to a country that provides an adequate level of protection (for example, because the European Commission has determined that a country provides an adequate level of protection) or the recipient is bound by standard contractual clause according to conditions provided by the European Commission (“EU Model Clauses”). You are responsible for checking the privacy policy of any third party websites we link to.

    Our Service is accessible via the Internet and may potentially be accessed by any user around the world. Other users may access the Service from outside the EEA. This means that where you choose to upload your data to the Service, it could be accessed from anywhere around the world and therefore a transfer of your data outside of the EEA may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.

    Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Service, you are responsible for keeping this password confidential. We ask you not to share any password with anyone.

    Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our Service; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

    The Service may contain links to and from third party websites of our partners, networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for the privacy practices or content of these websites.

    We’re not affiliated with the companies that host our service or apps.

    Use of cookies

    We use cookies on our website to distinguish you from other users of our website and Service. This helps us to provide you with a good experience when you browse our website and also allows us to improve the website and Service. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.

    If you are under 16 years of age

    If you're under the age of 16, you may not have an account on the Service. We do not knowingly collect information from or direct any of our content specifically to children under 16. If we learn or have reason to suspect that you are a user who is under the age of 16, we will have to close your account. Please see our Customer Terms for information about account termination.

    Changes To This Privacy Policy

    We reserve the right to change this Privacy Policy at any time and any amended Privacy Policy will be posted on our websites and notified to you by email, where appropriate. Please check back frequently to see any updates or changes to our Privacy Policy. This Privacy Policy was last updated on 31 July 2023 and replaces any other Privacy Policy previously applicable from this date.

    Contact Us

    Questions, comments and requests regarding this Privacy Policy are welcomed and should be forwarded by email to: hello@practicehub.io.