Privacy Statement

iPLATO Healthcare Ltd (“we”, “us”, “our”, ” iPLATO “), a company registered in England & Wales with company number 6131747 with registered offices at One King Street, 1-15 King Street, London, W6 9HR.

We are committed to protecting and respecting your privacy. We are a data controller under UK law with registration number ZA074488. This means we are responsible for determining the purposes for which and the manner in which the personal data provided to us is processed.

What does this statement relate to?

This statement sets out the basis on which any personal data we collect from you, or that you provide to us or that is provided to us by other third parties will be processed by us. Please read this statement carefully to understand our practices regarding your personal data and how we will treat it.

This Statement does NOT relate to the use of the myGP® App. The registration and use of the myGP® App is specifically covered by the App Privacy Policy and forms part of the Terms of Use of the App. This Statement pertains to all other uses of any and all data collected by iPLATO in relation to the use of our website and/or other Products and Services.

For the avoidance of doubt, by registering with, or using any iPLATO website, or supplying data or information through any iPLATO website, you consent to the collection, use and transfer of that data and your information under the terms of this Privacy Statement.

1.     What personal information do you give us and we collect about you.

You may give us information about you by entering information our website, allowing us access to data about you held by third parties, filling in forms, or by corresponding with us by phone, e-mail or otherwise. You may also give us information, and we may collect and process information about you resulting from, any interactions you undertake or services you request or source us.

It will be clear at the time what personal data we are requesting from you. You don’t have to provide data and can simply choose to stop using our website or our additional services.

2.     Information we collect about you and your device.

Each time you use our website we automatically collect the following information:

  1. technical information, including the type of device you use, a unique device identifier, mobile network information, your mobile operating system, and time zone setting;
  2. information either accessed through your device or stored on your device which you have explicitly consented to sharing, and the providence of that data including the device used to collect that data, time, date; and
  3. details of your use of our site and services.

3.     Information we receive from other sources.

We may receive information about you from third parties to facilitate provision of the Services. This may include information provided from your GP or other healthcare professional such as your name, NHS number and relevant contact details as well as sensitive information about you including your medical records and booked GP appointments. They provide such data to us to enable us to provide the services to you.

4.     Correspondence

If you contact us we may keep a record of that correspondence.

How do we use your personal information?

We DO NOT use your data for marketing purposes.

Any personal information you submit through our website or that is provided to us through other means is only required for the purpose of providing the services to you. Specifically, we use information held about you in the following ways:

  • To manage your account and for our own internal administrative purposes.
  • To review and enhance the quality of our services and products.
  • To ensure that our website presents the correct version and data for your device.
  • To make disclosures as required by or in compliance with reasonable requests by regulatory bodies including the General Medical Council or Care Quality Commission, or as otherwise required by law or regulation.
  • To administer our services and for internal operations, including troubleshooting, detection of fraud, log data analysis, testing, security, audit and statistical purposes.

When will we share your personal information?

We will not sell your personal information.

We may disclose your personal information:

  1. If we are under a duty to disclose or share your personal data to comply with any legal or regulatory obligation; or
  2. To enforce or apply our Terms and other agreements or to investigate potential breaches of such Terms; or
  3. To protect the rights, property or safety of iPLATO, our customers, or others.

How do we store your personal information?

We only keep your data for as long as we need to in order to use it as described above and/or for as long as we have your permission to keep it.

We will store your personal information at our secure data centre which is located within the United Kingdom. All data will be encrypted when being transferred to and from your device to us or to our data centre.

We take all steps reasonably necessary to ensure that your data is treated securely through strict procedures and security features to prevent unauthorised access to your personal information. However, we cannot guarantee the secure transmission of information via the internet due to security threats outside our control and as such, any transmission of information is at your own risk.

What about third party sites?

Our website and other Services we offer may contain links to other independent third-party websites or mobile applications (“Third-party Sites”).

These Third-party Sites are not under our control, and we are not responsible for and do not endorse their content or their privacy policies (if any). You will need to make your own independent judgement regarding your interaction with any Third-party Sites, including the purchase and use of any products or services accessible through them.

What rights do you have?

You have certain rights under relevant data protection law.

  1. To access data held about you:
    • you have the right to access personal information that we hold about you. Your right of access can be exercised in accordance with the terms of the Data Protection Act 1998 by making a ‘subject access request’;
    • if you would like to make a subject access request, then you must make that request in writing to:

iPLATO Healthcare Ltd
One King Street
1-15 King Street
W6 9HR;

any access request may be subject to a reasonable fee (as notified to you upon request) to meet our costs in providing you with details of the personal information; and

  • if we hold information about you then following a subject access request, we will:
  • describe it to you;
  • explain why we are holding it;
  • tell you who it could be disclosed to; and
  • let you have a copy of it.

To make a complaint to the ICO email or call: or 030 3123-1113

Changes to this Privacy Statement

We update our privacy statement from time to time and any changes we may make to our privacy statement in the future will be posted online and, where appropriate, notified to you . The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of our website and services.