← Back to Home

Privacy Policy

Last Updated: October 26, 2025

1. Introduction

HeAIth ("we", "our", or "us") is committed to protecting your privacy and personal data. This privacy policy explains how we collect, use, and protect your information when you visit our website or engage with our services.

We are registered in England and Wales and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller: HeAIth
Contact: maximus.smith@heaith.co.uk

Note: For privacy-specific inquiries, please email maximus.smith@heaith.co.uk with "Privacy" in the subject line.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when you:

  • Submit forms on our website (demo requests, advisory board applications)
  • Contact us via email
  • Subscribe to our newsletter (when available)

This may include:

  • Name
  • Email address
  • Professional title and role
  • Organization name
  • Specialty or department
  • UK location or practice details
  • Professional motivations and interests

2.2 Information Automatically Collected

When you visit our website, we automatically collect:

  • IP address (anonymized)
  • Browser type and version
  • Operating system
  • Pages visited and time spent
  • Referring website
  • Device information

2.3 Cookies and Tracking Technologies

We use essential cookies to ensure our website functions properly. We also use analytics cookies (Google Analytics) to understand how visitors use our site. You can control cookie preferences in your browser settings.

3. Legal Basis for Processing

Under UK GDPR, we process your personal data based on the following legal grounds:

  • Consent: When you submit forms or contact us, you provide explicit consent for us to process your information
  • Legitimate Interests: To respond to inquiries, evaluate advisory board applications, and improve our website
  • Contractual Necessity: To fulfill requests for demonstrations or advisory board participation

4. How We Use Your Information

We use your personal data for the following purposes:

  • Responding to inquiries: To answer your questions and provide requested information
  • Advisory board evaluation: To assess applications and communicate with potential advisors
  • Demo requests: To schedule and provide product demonstrations
  • Communications: To send updates, newsletters (with consent), and relevant information
  • Website improvement: To analyze usage patterns and improve user experience
  • Compliance: To meet legal and regulatory requirements

5. How Long We Keep Your Data

We retain your personal data only for as long as necessary:

  • Form submissions: Up to 2 years from submission, or until you request deletion
  • Advisory board applicants: Until advisory board formation complete, or until you withdraw
  • Newsletter subscribers: Until you unsubscribe
  • Analytics data: Anonymized after 26 months (Google Analytics default)

You may request deletion of your data at any time by contacting maximus.smith@heaith.co.uk.

6. Third-Party Services

We use the following third-party services that may process your data:

6.1 Netlify Forms

We use Netlify to host our website and process form submissions. Netlify is UK GDPR compliant and stores data securely.

Netlify Privacy Policy: https://www.netlify.com/privacy/

6.2 Google reCAPTCHA

We use Google reCAPTCHA on our advisory board form to prevent spam and abuse. This service collects browser and device information.

Google Privacy Policy: https://policies.google.com/privacy

6.3 Google Analytics

We use Google Analytics to understand website usage. We have enabled IP anonymization and do not track personally identifiable information.

Google Analytics Opt-out: Browser Add-on

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption in transit (HTTPS/TLS)
  • Secure form submission processing
  • Access controls and authentication
  • Regular security reviews
  • Data minimization practices

While we take security seriously, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

8.1 Right to Access

You can request a copy of the personal data we hold about you.

8.2 Right to Rectification

You can request that we correct inaccurate or incomplete data.

8.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data in certain circumstances.

8.4 Right to Restrict Processing

You can request that we limit how we use your data.

8.5 Right to Data Portability

You can request your data in a machine-readable format to transfer to another service.

8.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing.

8.7 Rights Related to Automated Decision-Making

You have the right not to be subject to solely automated decisions with significant effects. We do not currently use automated decision-making on our website.

To exercise any of these rights, contact us at: maximus.smith@heaith.co.uk (subject: "Privacy Request")

We will respond to your request within 30 days.

9. International Data Transfers

Your data is primarily stored within the United Kingdom. Some third-party services (Google Analytics, Netlify) may transfer data outside the UK. These services maintain UK GDPR compliance through appropriate safeguards.

10. Children's Privacy

Our website is not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by posting a notice on our website or sending an email to registered users. The "Last Updated" date at the top indicates when changes were last made.

12. ICO Registration

We will register with the Information Commissioner's Office (ICO) as required under UK data protection law. Our registration details will be updated here once complete.

13. Contact Us

If you have questions about this privacy policy or how we handle your data, please contact us:

  • Email: maximus.smith@heaith.co.uk
  • Privacy inquiries: Include "Privacy" in the subject line
  • Company: HeAIth, registered in England and Wales

14. Complaints

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Tel: 0303 123 1113
Website: https://ico.org.uk