🔏

General Privacy Policy

ℹ️
Last reviewed 28th June Matthew Payne

👋 Who are we?

We are Healthtech-1 Limited. We provide software to enable health and social care teams to automate their admin tasks. Our company details and our registration with the UK’s Data Protection Regulator (the ICO) can be found here.

Your trust in our data security and privacy is at the heart of what we do. It's not enough to ask you to trust us, we have to show that we are trustworthy. Being transparent about what we do with any personal data needed to provide our software is key to that.

This page tells you what we do. Please see the following groups below to see how we use data about you:

  • Health and Care Professionals
  • Patients
  • Prospective buyers from healthcare organisations
  • User/ Market Research Participants
  • Job Applicants and Prospects

This notice may change periodically and will be published on the Healthtech-1 website.

👨🏾‍💼 Roles

Health and Care Professionals

Healthtech-1 is a automation software provider for healthcare organisations like your employer - perhaps a GP practice or hospital Trust. If you’re a member of staff here that uses Healthtech-1, we receive information about you in three ways:

  • Healthtech-1 account registration - when you sign up, or are signed up for an Healthtech-1 account by your employer
  • ongoing use of the Healthtech-1 platform
  • if you contact us directly, for example through our email or chat platform

Healthtech-1 registration

We create a Healthtech-1 account for you on the request of your employer, we collect the following information about you and link this to a unique identifier in our system:

  • Name
  • Email
  • Telephone number
ℹ️
Why: We collect this information on the basis of legitimate interest to be ready to link your profile to your organisation (after which, we process your data as a data processor).

Ongoing use for your work in a healthcare organisation

We provide software products to healthcare organisations. These healthcare organisations are responsible for how your information is used in our platform - in legal language, they are the “Data Controller”. They provide us with information and instruct us how to use it. This means we’re acting as a “Data Processor”. When your registration (above) is linked to an organisation, we link the data to other information about you, provided by yourself or your organisation, including your job role, and actions you’ve taken in Healthtech-1 software. We have a very clear agreement with your healthcare provider that sets out what we do with the data, and how we keep it safe. You can request a copy of this agreement from your employer.

Email, social media or telephone engagement with us as an actual or prospective Healthtech-1 user

When you contact us over social media, email, or via live chat on our website, we may collect the following information about you:

  • Name
  • Email
  • Telephone number
  • Social media handles
  • Anything else you share with us in our engagement

ℹ️
Why: We collect this information on the basis of our legitimate interest to respond to you.

Patients

Healthtech-1 is a automation software provider for healthcare organisations like your GP practice or local hospital. If you’re a patient, we receive information about you in two ways:

  • Via healthcare organisations who use Healthtech-1 software
  • If you contact us directly, for example through our email or chat platform

Via healthcare organisations who use Healthtech-1 software

We provide software products to healthcare organisations involved in your care. These healthcare organisations are responsible for how your information is used - in legal language, they are the “Data Controller”. When they want to use our software to complete tasks with or about you, they provide us with information and instruct us how to use it.

This means we’re acting as a “Data Processor” and this falls outside the scope of a Privacy Policy. We have a very clear agreement with your healthcare provider that sets out what we do with the data, and how we keep it safe. You can request the full agreement and more information about our role and how we protect data.

Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS England. NHS England is the controller for any personal information you provided to NHS England to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a “processor” only and we must act under the instructions provided by NHS England (as the “controller”) when verifying your identity. To see NHS England's Privacy Notice and Terms and Conditions, please click here. This restriction does not apply to the personal information you provide to us separately.

Via direct correspondence with you

If we correspond with you directly, we’ll collect information about you. The exact information we collect about you will depend on the way you contact us.

By email or social media

  • Name
  • Email
  • Telephone number
  • Social media handles
  • Anything else you share with us over the correspondence
ℹ️
Why: We collect this information on the basis of our legitimate interest to ensure we deal with your queries quickly and efficiently and understand how you interact with us.

Prospective buyers from healthcare organisations

If you work for a commissioner in the NHS or someone who buys software for healthcare providers.

When we speak to you about prospective deals for our software services, we will collect the following information about you:

  • Name
  • Age
  • Email
  • Content of email communications with you and metadata (including delivery status)
  • Any additional information you provide to us through our communications with you
ℹ️
Why: we collect this information on the basis of our legitimate interests to discuss procurement and purchasing decisions of our products by your organisation.

 User/Market Research Participants

We try to build software that our users love. To achieve this, we spend a lot of time speaking to healthcare professionals and to patients to understand their needs and what they’re looking for. We may conduct this research to improve existing products or inform the development of new products.

When you participate in our research, we will collect the following information about you:

  • Name
  • Age
  • Email
  • Any additional information you provide to us through surveys, interviews or other communications with us
ℹ️
Why: we collect this information on the basis of our legitimate interest to ensure our products are fit for purpose and match your expectations as a healthcare professional or patient or explicit consent which we will obtain from you at the beginning of the research project. In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you. We use this anonymised information to analyse our programmes and support other similar programmes around the world.

Job Applicants and Prospects

When you’ve signed up for information about events and job opportunities:

If you sign up for hiring events or opportunities updates, we gather information:

  • Name
  • Email address
  • Any other information, for example about roles that you are interested in, that you may provide when you sign up
ℹ️
Why: To send you the event or hiring information or to process your booking in relation to an event we are organising. We process this on the basis of your consent and you may opt out at any time.

When you apply for a role with us:

If you apply for a role at Healthtech-1, we will collect the following information about you:

  • Name
  • Telephone number
  • Email address
  • Employment history and other data in your CV or otherwise submitted to us
  • Assessments completed by you as part of the application process
  • Feedback about you from our staff and your referees
ℹ️
Why: We collect this information on the basis of our legitimate interest to assess job applications and to take steps necessary to enter into an employment contract with you. We also collect it because we have a legal obligation to ensure applicants have the right to work.

Email or social media contact

If you contact us over email or social media about a job application, we will also collect the following information about you:

  • Name
  • Email
  • Telephone number
  • Login information
  • Time-zone setting
  • Browser plug-in types and versions
  • Operating system
  • Platform
  • IP addresses
  • MAC addresses and social media handles

We retain information about you as a prospective employee for a maximum of 24 months, so we can use it to improve our hiring process, or to inform you of other opportunities.

If we reach out to you via social media about a job opportunity we think you are a good match for, we will collect your name and social media URL, and will retain this information for up to 24 months. This is to help us build a prospective candidate list that we can contact for any new opportunities and track how well our recruitment processes are working. We use your data in this way as it's in our legitimate interest to find great people to work for us, and to improve our hiring practices.

ℹ️ General Questions

How do we collect information?

We may collect information about you from a variety of sources:

  • Email, telephone, social media and in-person interactions we have with you
  • From other organisations within the health system
  • Via the chat function on our website
  • Cookies on our website and pixels in our emails
  • Publicly accessible sources including your employer’s website or your social media profile

How long do we retain your personal data?

Our data retention periods for different groups are set out below. If you have questions about any categories of data not provided below, please contact hello@healthtech1.uk

Type of Data
Retention Period
Health Care and Professional
As long as necessary for the purpose of selling or providing our service, subject to your rights.
Communications from patients who contact us directly
For up to 48 months after any direct contact with us.
Prospective buyers
Up to 48 months after last contact with your organisation.
User/Market Research Participants
For up to 48 months after research has been concluded, unless otherwise stated in the project’s information and consent material.
Job Applicants and prospects
For prospects, we will retain your information for up to 48 months. For job applicants, we retain your application information for up to 48 months after any hiring process you are directly involved in has been completed.

Which third parties are involved in processing your data?

The parties we may share different groups’ data with are set out below. If you have questions beyond this, please contact hello@healthtech1.uk.

Group
Parties your information may be shared with
Health Care and Professional
We have contractual agreements in place with Integrate Care Boards and GP practices, which govern and protect the data about you when you use our software. If you contact us directly, your data may be securely stored in the software service providers of our email, office, live chat support, and social media systems. We may share your data with regulators, authorities and enforcement agencies if we’re under a duty to comply with any legal obligation or enforce our terms and conditions.
Patients
We have contractual agreements in place with Integrate Care Boards and GP practices, which protect your data when they work with you. If you contact us directly, your data may be securely stored in the software service providers of our email, office, and live chat support systems. We may also share your data with regulators, authorities and enforcement agencies if we’re under a duty to comply with any legal obligation or enforce our terms and conditions.
Prospective buyers from healthcare organisations
Your data may be stored by our email, CRM software, and storage providers.
User/Market Research Participants
Your data may be stored by our email, productivity, design, communication and storage providers.
Job Applicants and prospects
Your data may be stored in our recruitment platform provider well as in our email, productivity, design, communication and storage providers.

What rights do you have under data protection laws?

You have various rights under data protection law in relation to the data that we control about you. Please note that if you are a patient or a member of staff in an organisation that uses Healthtech-1, you should contact the organisation concerned (the data controller) to understand your rights and exercise any that you have. If you wish to exercise any of these rights or have any questions, please contact hello@healthtech1.uk.

  • Access: You can request access to and obtain a copy of your personal data
  • Rectification: You can correct incomplete or inaccurate data we hold about you
  • Erasure: You can ask to erase personal data we hold about you
  • Restrict: You can ask us to restrict how we handle your personal data
  • Portability: You can ask us to transfer your personal data to a third party
  • Object: you can object to how we’re using your personal data

You also have the right to lodge a complaint with us or the Information Commissioner's Office, the supervisory authority for data protection issues in England and Wales.