Privacy Policy

1. Introduction

1.1. Welcome to Journey Health ("we," "us," or "our"). Your privacy is important to us, and we are dedicated to safeguarding your personal data. This Privacy Policy ("the Policy") explains who we are, how we collect, use, and share your personal data, and your rights regarding the information we hold about you.

1.2. Journey Health complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable UK data protection laws. For data protection purposes, Journey Health is the 'data controller,' responsible for processing your personal information.

Data Protection Officer: Mohammed Uddin

2. Key Terms

  • We, Us, Our: Refers to Journey Health, operating at www.journeyhealth.uk.
  • Personal Data: Information that identifies or could identify an individual.
  • Special Category Personal Data: Sensitive data such as health information, racial or ethnic origin, or religious beliefs.

3. Personal Data We Collect

3.1. We may collect and use the following types of personal information:

  • Name, address, email, and phone number.
  • Valid photographic identification issued by a recognised authority.
  • Health information relevant to our services, such as medical records or consultation details.
  • Billing information, including payment details and transaction history.
  • Usage data from interactions with our website.
  • Feedback, surveys, and correspondence with us.

3.2. We collect data directly when you interact with us, such as by:

  • Registering for our services.
  • Booking appointments or consultations.
  • Completing surveys or forms on our website.

3.3. Cookies and tracking technologies may collect data on your website usage, including pages visited, duration of visits, and IP addresses. See our Cookie Policy for more details.

3.4. We may also receive additional data from third-party providers, such as analytics services or credit reference agencies, to enhance our understanding of your preferences and improve our services.

4. How We Use Your Personal Data

4.1. We process your personal data only when we have a lawful basis, such as:

  • To fulfill contractual obligations (e.g., providing consultations or delivering services).
  • To comply with legal or regulatory requirements.
  • To protect your vital interests or provide healthcare services.
  • With your consent (e.g., for marketing purposes).
  • For legitimate business purposes (e.g., improving our services).

4.2. Examples of purposes for which we process your data include:

  • Providing healthcare consultations and treatment.
  • Responding to inquiries or complaints.
  • Billing and payment processing.
  • Ensuring compliance with legal and regulatory obligations.
  • Conducting analytics to improve our website and services.

5. Promotional Communications

5.1. With your consent or where permitted by law, we may send you updates about our services, offers, or promotions via email, SMS, or phone.

5.2. You can opt out of receiving promotional communications at any time by:

  • Using the "unsubscribe" link in our emails.
  • Replying "STOP" to promotional SMS messages.
  • Contacting us directly at [insert contact email].

6. Sharing Your Personal Data

6.1. We may share your personal data with the following parties:

  • Service providers assisting us with operations (e.g., IT support, payment processors).
  • Regulatory bodies or law enforcement agencies as required by law.
  • Third parties authorized by you (e.g., for referrals).

6.2. We ensure any third-party processing your data does so in compliance with this Policy and implements appropriate security measures.

7. International Transfers

7.1. Your data may be transferred outside the European Economic Area (EEA) to countries with different data protection standards. When this occurs, we ensure safeguards, such as standard contractual clauses, to protect your data.

8. Data Retention

8.1. We retain your personal data only as long as necessary for:

  • Providing services.
  • Complying with legal obligations.
  • Addressing disputes or claims.

8.2. Once retention periods expire, we securely delete or anonymize your data.

9. Data Security

9.1. We implement security measures, such as encryption and access controls, to protect your data against unauthorized access, loss, or misuse.

9.2. While we strive to ensure the security of your data, internet-based communications are not entirely risk-free. Please take precautions to safeguard your information online.