PRIVACY POLICY

Introduction to the tapGP Privacy Policy

Welcome to the TAP GP Privacy Policy. Your personal data is extremely important to us. We want you to know how we gather and use your data, how we share it, how we keep it secure and what rights you have over it so that you have the best patient experience when using our services.

  1. Who are we?
    • We are TAP GP Limited. For privacy queries, you can contact us at info@tapgp.co.uk. Other contact details are on our website.
  1. What’s the point of this policy?
    • It tells you what to expect when we collect personal information from users of our website/app/services.
  • Generally, the policy covers only information provided to us. If you give personal information to other people, such as payment providers or other websites, please check their privacy policies.
  1. Might the policy change?
    • We will take reasonable steps to give you notice of the new version.
  1. What do we collect?
    • Information which you upload to our service or otherwise give us such as:
      • your name and contact details (and those of your parent/guardian if applicable);
      • other information you provide on registration or otherwise such as reason for booking, gender, dob, identification documents, selfies, photos of body parts, health information;
      • account information such as your username and password;
      • details about your transactions on our service;
      • your medical information;
      • information that you include in communications with us including surveys and feedback; and
      • contact or other information which you give or allow us to use for newsletters or other marketing.
  • Some of this information will be “special category data”, such as details relating to your health.
  • Automated information about your use of our service such as: the internet protocol (IP) address used to connect your device to the internet, connection information such as browser type and version, information about your device including device-type and device identifier, operating system and platform, mobile network data, a unique reference number linked to the data you enter on our system, login details, the site from which you arrived at our service, details of your activity with date / time stamps including pages you visited and your searches / transactions.
  • Information about your location. You will be asked to consent to this. You can withdraw your consent at any time as explained in our service.
  • The following information about you may be provided to us by other people:
    • Limited billing information sent to us by our payment provider or the relevant app store for verification purposes e.g., your name, email address and billing address.
    • If you log in via social media or other websites: Information from those companies potentially including your name, email address, profile photo and date of birth.
  1. What’s our reason / legal basis for collecting the information?
    • Because it’s necessary to take steps at your request to enter into a contract with you and/or to perform such a contract. This applies to information such as initial enquiries and to account, contact, transaction, location and profile information.
  • Because it’s necessary for the supply of health services by health professionals. This applies to health information.
  • Because it’s in our “legitimate interests”, g., sending marketing communications to customers about our similar products/services, managing and improving our service including tracking usage patterns and preventing or detecting fraud or abuse. This applies to information such as contact details, automated usage data and to surveys and feedback.
  • Because you’ve specifically agreed on our service (e.g., by selecting a consent box). This may apply to contact or other information that you specifically agree to us using for certain kinds of marketing. You can withdraw permission at any time as explained on our service or by emailing us at the above email address.
  1. How long do we keep personal information?
    • Until you ask us to delete it or our contract with you has ended. You can end the contract as explained in our terms and conditions.
  • We may nonetheless hold on to some (or all) of your information for longer if reasonably needed for legal, regulatory or tax reasons, deal with disputes, prevent fraud or abuse and/or enforce our terms and conditions (typically up to six years). We hold health information for 10 years after death.
  • We will keep your information which we use only for newsletters or other marketing until you tell us to stop sending you such messages.
  • We will generally keep automated browsing information for up to 26 months.  
  1. To whom do we send or make available your personal information?
  • To pharmacies, secondary care services and medical investigation providers where relevant.
  • To other people who supply us with services, e.g., website hosting and management, app admin, payment, customer service, email distribution, e-commerce, online advertising, analytics, social media etc.
  • To regulators, the police and other law enforcement or official authorities to help deal with fraud and abuse and/or comply with legal requirements and/or to protect us or others.
  • To insurers and professional advisers in connection with our insurance cover or to deal with legal claims.
  • To potential buyers so far as reasonably necessary, in the case of an actual or proposed (including negotiations for a) sale or merger or business combination involving all or the relevant part of our business.
  1. Do we send your information outside the UK?
    • Your personal information which we collect is stored within the UK and is not transferred to any other countries except as follows. 
  • Your personal information (e.g., name, contact details, IP address, browsing information) may be transferred outside the UK (generally to the US) by companies that provide us with hosting, e-commerce, analytics, advertising, app admin, email distribution, social media and other services. If so, we will ensure that there is a legal basis to do so, for example under contracts with standard contractual clauses sanctioned by the Information Commissioner that are designed to provide adequate safeguards for your personal information. 
  1. What rights do you have?
    • If the legal requirements are met: To ask us for access to your personal information, to rectify it if there are mistakes, to delete it or restrict its use in certain circumstances or to “data portability” or to withdraw any consent you’ve given (e.g., marketing).
  • You may also have the right to object to use of your personal information in certain circumstances.
  • If you have a complaint about how we are dealing with your personal information, please contact us via the email address above. If you are not happy with our response or think we are not handling your personal information in accordance with the law, you have the right to complain to the Information Commissioner’s Office (ICO).
  • For more information about your rights, visit the ICO’s website: ico.org.uk.