top

Privacy Policy

Medentee platform (Platform) and website available at https://medentee.com (Site), hereinafter collectively referred to as "Products", belongs to a company Medentee Limited (Company, we, our, us). The Company shall act in compliance with the legislation of England and Wales and is registered at the following address: 71-75 Shelton Street, Covent Garden, London.

This Privacy Policy explains how our Company uses and stores various personal data that we collect about you when you register and use Products and what your legal rights are.

The purpose of this Privacy Policy is to explain what kind of personal data might we ask you to provide, for what purposes, how we use this personal data, and what we do to protect it.

We hope you’ll take some time to read this document; we’ve tried to keep it all as simple as possible and we will keep you informed if there are any changes to the way we process your personal data in the future, before making them.

As far as you use Products as an individual person, we are the controller of your personal data. We are responsible for and control the processing of your personal data.

As far as you use Products as an organization, we are acting as the processor of personal data on behalf of the Controller. For the purpose of this clause, the term “Controller” shall mean you as an organization, establishment, company or any other legal entity that is authorized to use Products and has accepted Terms of Service and Privacy Policy.

By using Products, you acknowledge that you have read, understood and agree to the collection, storage, use and transferring of your personal data as further described in this Privacy Policy. Unless otherwise, all of the terms defined in this Privacy Policy have the same meaning as in Terms of Service and vice-versa.

1. What kind of personal data might we ask you to provide?

Company will only ever ask for personal data when you register on the Products, express an interest in obtaining information about us or Products and our services, when you participate in activities on Products, or otherwise when you contact us. We may also collect your personal data that is collected automatically such as through the use of cookies and other technologies as described below in this Privacy Policy.

The personal data that we collect depends on the context of your interactions with Products, the choices you make and the services you use.

Company will only ever ask for personal data if it is required for a specific purpose; with that in mind we have created a full list of all the kinds of personal data that we may ask you to provide in order to achieve those purposes. The kinds of personal data we may collect are outlined below:

  • User Data (name, date of birth, sex, gender, address, contact phone number, education, profession and specialization, medical registration number (License number), height, weight, blood group, and other information you provide in your profile (the other information is optional), email, usernames, passwords, contact or authentication data). This refers to personal data collected about Products users. Company is a data controller of user data. In this case, Products users are the data subjects.

  • User Generated Data  (message data, Patient ID, Health Information, images and audio, video or call recordings created in connection with our business activities).This refers to all data collected by our Products users while using Products. This data is largely sensitive patient information and personal information of the patients being discussed (data subjects). In this case, Company a data processor of User Generated Data. Products users are the controllers of User Generated Data.

  • Payment data.  We use Stripe (https://stripe.com/gb) as the third-party payment processor to process card payments for the services. We do not store and cannot use your credit card information or other payment details. Your credit card details are encrypted and securely stored by your payment operator to enable us to automatically bill you. When you make a purchase of the Products, any credit card information, including card holder name and zip code, you provide as a part of your payment Information is collected and processed directly by Stripe as our payment processor through their Stripe Checkout service. We at no time receive or store your full credit card information. Stripe commits to complying with the Payment Card Industry Data Security Standard (PCI-DSS) and using industry-standard security. Stripe may use your payment Information in accordance with their own Privacy Policy here: https://stripe.com/checkout/legal.

2. What data is collected automatically?

We automatically collect the certain information about you and the device you use to visit the Site. For example, when you use our Site, we will log your IP address, operating system type, browser type, referring website, the page you viewed, and the dates/times when you accessed the Site. We may also collect information about the actions you take when using our Site, such as links clicked.

Browser local storage is a file created by a website in your device. You may erase Browser Local Storage collected on our Site by deleting your browser’s history. However, you will not be able to erase the Browser local storage files collected during your usage of the Products as this may disable us to provide you with the Products. We collect “Session Files” information in order to enable you to log in the session and “Intercom-state Files” to enable the communication session.

Cookies files. Cookies are text files that are placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our Site, we may automatically collect information about you using cookies or similar technology. For more information on cookies please visit the website www.allaboutcookies.org.

How do we use cookies?

Our company uses cookies in a variety of ways to improve your use of our website, including:

  • keeping you signed in

  • understanding how you use our Site

What types of cookies do we use?


There are several different types of cookies however, our Website uses:

  • Functionality - Company uses these cookies so that we can recognize you on our Site and remember your previously selected settings. These may include what language you prefer and the location you are in. For this, a mix of first and third party cookies are used.

  • Advertising - Company uses these cookies to collect information about your visit to the Site, the content viewed, the links you followed, as well as information about your browser, device, and your IP address.

Under HIPAA, Company is a Business Associate who processes, stores or transmits Protected Health Information (PHI) on behalf of the Covered Entities (healthcare providers) who use Products.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

If you use our application, we also may collect the following information (Application Data) if you choose to provide us with access or permission:

  • Geolocation Information. We may request access or permission to track location-based information from your mobile device, either continuously or while you are using our mobile application(s), to provide certain location-based services. If you wish to change our access or permissions, you may do so in your device's settings.

  • Device Access. We may request access or permission to certain features from your mobile device, including your mobile device's microphone, contacts, camera, calendar, reminders, sensors, sms messages, social media accounts, storage, and other features. If you wish to change our access or permissions, you may do so in your device's settings.

  • Device Data. We collect device data such as information about your computer, phone, tablet, or other device you use to access Products. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.

  • Push Notifications. We may request to send you push notifications regarding your account or certain features of the application(s). If you wish to opt out from receiving these types of communications, you may turn them off in your device's settings.

This information is primarily needed to maintain the security and operation of our application(s), for troubleshooting, and for our internal analytics and reporting purposes.

3. For what purpose do we collect personal data?

We will use personal data firstly to fulfill any contractual obligations that exist between us and yourself; where we request personal data be provided to meet the terms of any such contract you will be required to provide the relevant personal data or we will not be able to provide the services you want. In such cases, the lawful basis of us processing the personal data is that it is necessary for the performance of a contract.

We may also process your personal data in accordance with our legitimate business interests; this is on the considered measure that we need the personal data to achieve the various purposes and that it could be reasonable for an individual to expect their data to be used for those purposes.You may choose to opt-out of Products using any of your user data. However, if you choose to do so, your experience of Products may be sub-optimal.

We collect your personal data to:

  • provide you with access to Products and our services;

  • contact you, if necessary;

  • notify you of any changes to the services we provide or have provided, that may affect you;

  • allow us to understand the scale and range of our customer base; for statistical analysis and market research;

  • recognise when customers re-engage with Products;

  • allow us to support and maintain our Products in active service;

  • Improve Products so you can get better services;

  • enhance the security measures in place that protect data we are responsible for;

  • protect the company’s assets;

  • inform you about special offers in Products that, in our opinion, may be of interest to you.

4. What legal basis for the processing of your personal data?

The legal basis for the processing of your personal data is your consent. You are not required to provide us with your personal data. However, if you do not provide us with your personal information, we will not be able to provide you with our Products, which require online registration. Your personal data will be processed in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation).

We may also process your personal data in order for Company to comply with our various legal obligations; this might include:

  • Providing for financial commitments between us and yourself, or to relevant financial authorities,

  • Complying with industry regulatory requirements and any self-regulatory schemes,Complying with industry regulatory requirements and any self-regulatory schemes,

  • Cooperating with relevant authorities for reporting criminal activity, or to detect and prevent fraud

Under HIPAA, Company is permitted to use or disclose Protected Health Information (PHI) for treatment, payment or healthcare operations, which includes quality assessment and improvement, business planning and general administrative activities, activities related to compliance with HIPAA and HITECH and other similar purposes described in 45 CFR § 164.502(a).described in 45 CFR § 164.502(a).

5. Where did we obtain your personal data?

  • We collect personal data directly from you;

  • We source personal data from some publicly accessible sources such as: Medical Registration data,
    Workplace websites (e.g NHS Trust Websites) and other professional healthcare registration bodies in the regions we operate;

  • We may gather personal data from sources including:

  • technical sources that gather data over time when you use our Products;
    from third party organizations, which can mean your personal data has been

  • provided directly by another company for a specific purpose, or where you may have accessed our Products through a third-party online service;

  • local or national authorities provided for specific purposes.

6. Who might we share your personal data with?

We may share your personal data with the other members of our group of companies, which includes any subsidiary or the holding company of Medentee.

In order to achieve the above-stated purposes for which we process your personal data, we may need to share your personal data with various third-party service providers who act as data processors.

We may share your personal data with third party organizations acting as data controllers or with specific individuals, groups or other organizations who act as neither data controllers nor data processors, but only where we are either legally required to do so by law or where doing so is necessary to achieve the intended stated purpose of processing the data.The categories of third parties we may share personal information with are as follows:

  • Data Analytics Services

  • Communication & Collaboration Tools

  • Data Storage Service Providers

  • Finance & Accounting Tools

  • Social Networks

  • Ad Networks

  • Cloud Computing Services and ect.

7. Is your personal data transferring outside of Europe?

We comply with Regulation (EU) 2016/679 (GDPR). Under this rule, residents of the European Economic Area (EEA) can expect their data to be properly protected when transferred outside the EEA. When we provide our services to you, the personal data which you give to us may be transferred to countries outside the European Union. We will only transfer your personal data in this way if we have mechanisms in place to protect it. These mechanisms may include transfers to countries where an adequate level of protection has been established, or to organizations with appropriate safeguards, such as a data processing agreement or compliance with the European Commission's Standard Contractual Clauses (Decisions 2001/497 / EU, 2004/915 / EU, 2010/87 / EU). By submitting your personal data, you agree to such transfer, storage, or processing.

If we transfer your data to our partners/providers located in states that do not provide an adequate level of data protection, we commit ourselves to take all necessary measures to ensure that those partners/providers comply with the terms and conditions established in this Policy. These measures may also include the implementation of data protection standards (e.g., ISO 27001), standard contractual clauses adopted by the EU Commission, as well as direct control systems for these mechanisms.

8. Specific privacy rights for California residents?

California Civil Code Section 1798.83, also known as the 'Shine The Light' law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

The California Code of Regulations defines a 'resident' as:

  • every individual who is in the State of California for other than a temporary or transitory purpose and

  • every individual who is domiciled in the State of California who is outside the State of California for a temporary or transitory purpose

All other individuals are defined as 'non-residents'.

If this definition of 'resident' applies to you, we must adhere to certain rights and obligations regarding your personal information.

9. Where is my data going to be stored?

We use Wasabi cloud storage and data centers which are located around the world for our different customers. Whenever we transfer personal information to other jurisdictions, we will ensure that the information is transferred in accordance with this Privacy Policy and as permitted by applicable data protection laws.

10. How long will we keep your data for?

We will keep your personal data only for as long as required in order to achieve the purposes for which it was gathered, in line with this privacy notice.

For determining when personal data should be erased we shall take into consideration the amount of and sensitivity of the personal data we have, the amount of harm that could be caused by a data breach, the benefits of the purposes the data is being used for and any legal requirements that we are bound to.

11. How do we keep your personal data safe?

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from Products is at your own risk. You should only access Products within a secure environment.

12. Do we collect personal data from minors?

We do not knowingly solicit data from or market to children under 18 years of age. By using Products, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use Products. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at dpo@medentee.com.

13. What are your personal data protection rights?

Our Company wants to make sure that you are fully aware of all of your data protection rights. You have the following rights:

  • Access to your personal data. You may request a copy of the information that we hold about you.

  • Right to rectification. You have the right to request that the Company correct any information that you believe is inaccurate. You also have the right to require the Company to complete information that you consider incomplete.

  • Right to be forgotten. You have the right to request that the Company delete your personal data.

  • Right to restrict processing. You have the right to request that the Company restrict the use of your personal data.

  • Right to object to processing. You have the right to object to the use of your personal data by our Company.

  • Right to data portability. You have the right to request that the Company transfer your personal data collected by us to another organization or directly to you.

  • Right to withdraw consent. You have the right to withdraw your consent to the processing of your personal data, at any time, without affecting the legality of the processing that was done before, based on the consent.

  • Right to Complain. We will always try to maintain the highest standards and encourage the confidence our customers have in us as an organization. In order that we can achieve this we do request that any complaints be first brought to our attention so we can properly investigate matters.

14. Do we make updates to this Privacy Policy?

We may update Privacy Policy from time to time. The updated version will be indicated by an updated date and the updated version will be effective as soon as it is accessible. If we make material changes to Privacy Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review Privacy Policy frequently to be informed of how we are protecting your information.

15. How to contact us?

If you have any questions about the Privacy Policy of our Company, the data we hold about you, or you want to exercise one of your data protection rights, you can contact us:

Our Data Protection Officer: Mr. Tahir Latif, address:71-75 Shelton Street,Covent Garden, London, United Kingdom, WC2H 9JQ, email: dpo@medentee.com.

Medentee Limited: Company number: 12458045, address: 71-75 Shelton Street,Covent Garden, London, United Kingdom, WC2H 9JQ, email: support@medentee.com.

16. How to contact the relevant authority?

If you wish to make a complaint or believe that the Company did not satisfy your request properly, you can contact: