The staff at MSMB Healthcare (T/A Concierge Doctor) are committed to respecting and protecting the privacy of our patients as well as our website users. In case, you feel your concerns are not being met here, kindly contact us by email or phone and we will back to you as soon as possible.
- Our identity and contact details
The data controller is MSMB Healthcare LTD (data protection registration number ZA229909) of 69 Harley Street, London, W1G 8QW. Our data protection officer is Dc Petal, who can be contacted by email at firstname.lastname@example.org or by post at 69 Harley Street London W1G 8QW.
- Information we collect from you:
We will collect and process the following data about you:
Information you give us;
- This is information you give us and information we collection from you when you fill for the forms during registration on our mobile application or when you visit our website on https://www.conciergedoctor.co.uk and other web platforms which are termed together as our ‘platform’ or by corresponding with us by phone, email or otherwise. It includes information you provide when you register to use our platform, search for services on our platform, promotion or survey and when you report a problem with our platform.
- The information you provide and we collect may include;
- Your name, address, phone number, email address, date of birth, type of appointment you are requesting, the reason for asking for an appointment, payment information (financial or credit card information including billing address), medical records or personal description.
2.1 Information we collect about you
- a) With regard to each of your visits to our platform and our service we may collect the following information:
- IP Address (internet Protocol), your login information, type of browser and versions, operating systems, device and location information.
- URL (Uniform Resource Locators), Page Interaction information, Page response times, Download errors, services viewed or searched for, duration of visit to certain pages.
- b) Consultation
- Appointment location, duration of your appointment and medical notes taken during consult. We also collect information from third parties such as family members, legal guardians, insurance companies or other people who have authorised to provide your personal information to us and we do this under legitimate interest if there is no implied contract in place with you as a patient.
3. Uses of the information and the legal basis for processing
We use and process the information held about you under direct contract with you the patient to provide healthcare services. Medical notes are stored in compliance with standards set by the General Medical Council.
Why do we collect and use your personal information;
- To provide you with services
- For communicating with you about our products and services
- For quality assurances purposes
- To make disclosures as required by regulatory bodies such as GMC and CQC
- For internal record keeping and account creation;
- To confirm appointment booking when you make them
- Where you request or have consented to insurance companies who are paying for your services
- Where you request it, to provide it to your GP, Laboratory services or other healthcare practitioners to whom we refer you.
- To process your payment for products and services
- To send promotional emails about new services, special offers or other information which we think you may find interesting.
- To contact you for market research purposes by email, phone or mail.
- To customise our platform to ensure that the content is presented in the most effective manner for you and for your device.
- For internal operations, troubleshooting, data analysis, research, testing, statistical and survey purposes
4. Disclosure of your information
We only disclose your information to a third party when we need to do so to provide a service that you have requested unless we are required to do so by law.
You agree that we have the right to share your personal data with:
- Within our team to ensure we deliver the best possible care, which includes doctors, nurses and administrative staff
- With any third party specialist with whom we may believe it is appropriate to refer to (this will only be done after consulting with you)
- With third party diagnostic providers i.e pathology laboratories, imaging clinics, centres or companies.
- Other GPs (NHS or Private), Acute or mental health trusts, local authorities, community health providers, pharmacists, care homes, CQC, out of hour service providers, GMC, Insurance companies (with your consent), emergency service providers, the health service ombudsman, NHS counterfraud, NHS digital, NHS England and specific non NHS organisation for the purpose of direct and indirect delivery of care.
- With our IT service providers who hosts and provide the IT and email systems.
- Member of our group companies – subsidiaries or ultimate holding company and their subsidiaries as per definition in section 1159 of the UK companies ACT 2006
- With third parties ; Payment service providers, GPs, suppliers and sub contractors for the performance of any contract we enter into with them or you. Business partners including medical insurance providers.
- Search engine and analytic providers who help us in the improvement and optimisation of the platform.
- If we are acquired by a third party – personal data held by us about customers that use our platform will be one of the transferred assets
5. Storage of your personal information
Your medical records are held on our secure clinical system where our doctors can store, view your medical records. We will never share your records with anyone unless you give consent or as acquired under clause 4. When making booking using our mobile application you have an option to allow or prevent from the doctor viewing your previous consultations. They will only have access to these if you request for your history to be shown.
- The dta collected maybe transferred to, stored at, a destination outside of the European Economic Area (EEA) or outside the United Kingdom. The data may be processed by staff that operate out of EEA or the united kingdom that work directly for us or for our suppliers.
- These include staff engaged in booking of your appointments, processing of payment, provision of support services.
- By submitting your personal information you agree to any such transfer, processing and storing. We will take all necessary steps to ensure that your data is secure and in accordance with this policy.
- All information provide by you to us is stored on our secure servers.
- Any payment transactions will be encrypted. We do not store any card or other payment details. Any card details collected by our staff are destroyed after processing for payment.
- Your are responsible for keeping your passwords confidential and we ask that you do not share the passwords given to you by us or where you have chosen.
- Transmission of information over internet is not completely secure and all though we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our platform. Any transmission is at your own risk. Once we have received your information, we employ strict procedures and security features to try to prevent unauthorised access.
6. Retention and deletion of information
You have the right to access information held about you. We may use your personal data for purposes and periods unless and until you request for the deletion or anonymisation of your personal data.
- For the duration of the service you are receiving
- Long as necessary to comply with any legal requirement.
- For legitimate business interest outlined above if necessary. We will delete if we feel it is not necessary to retain it.
7. Your rights
You have may at any time request for erasure, correction or copy of your personal data or advise to stop using your data at any time (if certain criteria apply).
We will notify you if intend to your personal data for marketing purposes or if we intend to disclose your information to any third party for marketing purposes. Your right to stop processing can be exercised by checking the certain boxes on the forms used to collect your data. This right can also be exercised by contacting the data protection officer at email@example.com. However some information may be withheld under some exceptional circumstances.
- Access to your information
You may request details of personal data we retain about you.