Privacy Notice
Virtual Care
Introduction
We are committed to protecting the security of your personal data and safeguarding your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you visit our Website or use our virtual care platform. It also outlines your privacy rights and how the law protects you.
Please read this policy carefully to understand how we handle your personal data.
Background
Kensa Health Virtual Care UK Limited (“Kensa Health”, “we”, “us”, or “our”) is the data controller responsible for the personal data you provide to us.
Our registered office is located at:
Unit 17
23 Royal William Yard
Plymouth
PL1 3GW
United Kingdom
As the data controller, we determine how and why your personal data is processed and ensure that it is handled in accordance with applicable data protection laws.
How to Contact Us
If you have any questions, comments, or requests regarding this Privacy Policy, you can contact our Data Protection Officer:
Email: hello@kensahealth.com
Address:
Data Protection Officer
Kensa Health Virtual Care UK Ltd
Unit 17
23 Royal William Yard
Plymouth
PL1 3GW
United Kingdom
About Us
Kensa Health Virtual Care UK Ltd is a health technology company that primarily serves the healthcare sector.
Our virtual care platform (the “Service”) enables healthcare professionals to remotely monitor, manage, and communicate with patients in their homes or other healthcare settings.
The following definitions are used throughout this policy:
Customer
A healthcare organisation that contracts with us to use our Service.
Admin
A designated contact within a Customer organisation who has administrative access to the Service.
Patient
A registered patient of a Customer.
Clinician
A healthcare professional employed or engaged by a Customer who is responsible for managing patient care.
Visitor
Any individual who visits our Website.
Website
Our website (kensahealth.com) or any other site used to provide our Service
Purpose of this Privacy Policy
This policy explains how we collect and process your personal data when you use our Website or our Service. Our goal is to ensure transparency so that you understand how your information is used and protected.
This policy should be read together with any additional privacy notices we provide when collecting or processing personal data for specific purposes.
Please note that this policy describes how we process personal data when acting as a data controller.
In some circumstances, we act as a data processor on behalf of healthcare organisations. For example, when Patients use our Service, the relevant healthcare organisation acts as the data controller. In those cases, their privacy policy will explain how patient data is used and stored.
How We Collect Personal Data
We collect personal data using several methods, including:
User Data
Information provided when registering to use the Service, such as email address, username, password, and other account details (applicable to Admins or healthcare professionals).
Contact Data
Information provided when contacting us for support or assistance.
Correspondence Data
Information submitted through our Website or through communications between you and us.
Feedback Data
Responses to surveys, reviews, or other feedback regarding the Service.
Technical Data
Information collected automatically when you visit our Website, including IP address, browser type, and browser version.
Usage Data
Information relating to how the Service is used by Clinicians and Patients. This data may be anonymised and used for analytical purposes.
If you require further information about how we collect or use personal data, please contact us.
How We Use Your Personal Data
We will only use your personal data where permitted by law. Most commonly, we process personal data in the following circumstances:
- To perform a contract with you or take steps before entering into a contract.
- Where you have given your consent.
- To comply with legal or regulatory obligations.
- Where processing is necessary for our legitimate business interests and your rights do not override those interests.
We may process personal data under more than one lawful basis depending on the purpose of the processing.
For special categories of personal data (such as patient health records), additional legal justification is required. In most cases, this will be based on explicit consent.
Disclosure of Your Information
We may share your personal data with trusted third parties when necessary, including:
Service Providers
Companies providing services such as web hosting, IT infrastructure, analytics, or system administration.
Professional Advisers
Lawyers, accountants, auditors, insurers, and financial advisers.
Regulatory Authorities
Government bodies or regulators where reporting is required by law.
Corporate Partners
Third parties involved in investments, mergers, acquisitions, or transfers of business assets.
Research Partners
Universities or research institutions collaborating with us on healthcare research.
All third parties are required to respect the security of your personal data and process it only in accordance with our instructions and applicable laws.
Data Security
We implement appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, misuse, alteration, or disclosure.
Access to personal data is restricted to employees, contractors, and service providers who require it to perform their duties.
All information is stored on secure servers. If you have been provided with a password to access the Service, you are responsible for keeping it confidential.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements.
When determining retention periods, we consider:
- The nature and sensitivity of the data.
- The risk of harm from unauthorised disclosure.
- The purposes of processing.
- Applicable legal obligations.
Where personal data is anonymised for research or statistical purposes, it may be used indefinitely.
Patient data exchanged between Clinicians and Patients through the Service is not retained by us. We act only as a processor of this data.
Video calls conducted through the Service are not recorded. Messages exchanged between Clinicians and Patients may be retained solely for clinical review and patient care management.
Cookies
Our Website uses cookies to improve functionality and enhance user experience.
Cookies are small files stored on your device that help track how the Website is used.
Cookies cannot access files on your device or read cookies created by other websites.
You can control cookie settings through your browser and withdraw consent at any time.
Disabling cookies may affect certain Website features.
For more information, visit:
Your Rights
These include the right to:
Access Your Data
Request a copy of the personal data we hold about you.
Correct Your Data
Request correction of inaccurate or incomplete information.
Delete Your Data
Request deletion of your personal data in certain circumstances.
Object to Processing
Object to the use of your data for direct marketing or where processing is based on legitimate interests.
Restrict Processing
Request that we temporarily suspend processing of your data.
Withdraw Consent
Withdraw consent at any time where processing is based on consent.
Lodge a Complaint
You have the right to submit a complaint to the UK supervisory authority:
The Information Commissioner’s Office (ICO).
However, we encourage you to contact us first so we can address your concerns.
Exercising Your Rights
You will not normally have to pay a fee to exercise your rights.
However, we may charge a reasonable fee or refuse requests that are clearly unfounded, repetitive, or excessive.
To protect your privacy, we may request information to verify your identity before processing your request.
We aim to respond to all legitimate requests within one month, although complex requests may take longer.
Updates to This Privacy Notice
This Privacy Policy may be updated periodically
.webp)
