Accurx Privacy Policy

Who are we?

We are Accurx Limited. We provide software to enable health and social care teams to communicate with each other and with patients. Our company details and our registration with the UK’s Data Protection Regulator (the ICO) can be found here.

Your trust in our data security and privacy is at the heart of what we do. It's not enough to ask you to trust us, we have to show that we are trustworthy. Being transparent about what we do with any personal data needed to provide our software is key to that.

This page tells you what we do. Please see the following groups below  to see how we use data about you:

  • Health and Care Professionals
  • Patients
  • Prospective buyers from healthcare organisations
  • User/ Market Research Participants

This notice may change periodically and will be published on the Accurx website.

Roles

Health and Care Professionals

Accurx is a communication software provider for healthcare organisations like your employer - perhaps a GP practice, hospital Trust or pharmacy. If you’re a member of staff here that uses Accurx, we receive information about you in three ways:

  • Accurx account registration - when you sign up, or are signed up for, an Accurx account
  • ongoing use of the Accurx platform 
  • if you contact us directly, for example through our email or chat platform

Accurx registration

Upon creating an Accurx account using our sign up page, we collect the following information about you and link this to a unique identifier in our system:

  • Full name
  • Email 
  • Organisation
  • Telephone number

Why: We collect this information on the basis of legitimate interest to be ready to link your profile to your organisation (after which, we process your data as a data processor). If you are a user of our products, we may also contact you from time to time to let you know about our products, services, events, and to also ask for your feedback. In cases where we contact you for marketing purposes, we rely on our legitimate interests to help our user base connect with each other, grow our business, improve multidisciplinary team communication and have a positive impact on patient care to do this. You can also ask us to remove or update your contact details at any time, by contacting us at support@accurx.com.

Ongoing use for your work in a healthcare organisation

We provide software products to healthcare organisations. These healthcare organisations are responsible for how your information is used in our platform - in legal language, they are the “Data Controller”. They provide us with information and instruct us how to use it. This means we’re acting as a “Data Processor”. When your registration (above) is linked to an organisation, we link the data to other information about you, provided by yourself or your organisation, including your job role, and actions you’ve taken in Accurx software. We have a very clear agreement with your healthcare provider that sets out what we do with the data, and how we keep it safe. We also passively monitor use of our platform to ensure we remain compliant with the agreements in place with our healthcare providers, and our acceptable use policy. You can read the full agreement here.

Switch App users

When you sign up to use the Switch application, we will collect the following registration information about you:

  • Name
  • Email address
  • Organisation

The Switch App enables you to find contact details for your colleagues via a crowd-sourced directory, and communicate with each other. If you add someone else's contact details to our crowd-sourced directory, it's important you make sure they wouldn't object to their details being added.

Accurx is the controller over your registration information and the crowd-sourced directory in our App. The healthcare organisation is the Controller of any personal data, including patient data, processed within the App, or in other Accurx suite of products that can be accessed via the App.

Why: We rely on your consent to process your information when you sign up and use the App, which you can revoke at any time by deleting the app or by contacting us at support@accurx.com. If you are a user of the App, we may also contact you from time to time to ask for your feedback, and let you know about our other products, services, events, and to also ask for your feedback. If your data is stored in our directory or we contact you for marketing purposes, we rely on our legitimate interests to help our user base connect with each other, grow our business, improve multidisciplinary team communication and have a positive impact on patient care to do this. You can also ask for us to remove or update your data stored in our directory at any time, by contacting us at support@accurx.com.

Email, social media or telephone engagement with us as an actual or prospective Accurx user

When you contact us over social media, email, or via live chat on our website, we may collect the following information about you:

  • Name
  • Email
  • Telephone number
  • Social media handles
  • Anything else you share with us in our engagement

Why: We collect this information on the basis of our legitimate interest to respond to you and discuss with you about our products, services, events and to also ask for your feedback.

Patients

Accurx is a communication software provider for healthcare organisations like your GP practice, hospital Trust or pharmacy. If you’re a patient, we receive information about you in two ways:

  • Via healthcare organisations who use Accurx software 
  • If you contact us directly, for example through our email or chat platform

Via healthcare organisations who use Accurx software

We provide software products to healthcare organisations involved in your care. These healthcare organisations are responsible for how your information is used - in legal language, they are the “Data Controller”. When they want to use our software to communicate with or about you, they provide us with information and instruct us how to use it.

This means we’re acting as a “Data Processor” and this falls outside the scope of a Privacy Policy. We have a very clear agreement with your healthcare provider that sets out what we do with the data, and how we keep it safe. You can read the full agreement here and more information about our role and how we protect data here.

Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS England. NHS England is the controller for any personal information you provided to NHS England to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a “Processor” only and we must act under the instructions provided by NHS England (as the “controller”) when verifying your identity. To see NHS England's Privacy Notice and Terms and Conditions, please click here. This restriction does not apply to the personal information you provide to us separately.

Via direct correspondence with you

If we correspond with you directly, we’ll collect information about you. The exact information we collect about you will depend on the way you contact us.

By email or social media

  • Name
  • Email
  • Telephone number
  • Social media handles
  • Anything else you share with us over the correspondence

Why: We collect this information on the basis of our legitimate interest to ensure we deal with your queries quickly and efficiently and understand how you interact with us.

Via the support chat on our website

  • Name
  • Email
  • Anything else you share with us over the correspondence 

Why: We collect this information on the basis of our legitimate interest to ensure we deal with your queries quickly and efficiently and understand how you interact with us. 

In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you. We will be using this anonymised information to improve our services.

Prospective buyers from healthcare organisations

If you work for a commissioner in the NHS or someone who buys software for healthcare providers. 

When we speak to you about prospective deals for our software services, we will collect the following information about you:

  • Full name
  • Age
  • Email
  • Content of email communications with you and metadata (including delivery status)
  • Any additional information you provide to us through our communications with you

Why: wwe collect this information on the basis of our legitimate interests to discuss procurement and purchasing decisions of our products by your organisation. 

User/Market Research Participants

We try to build software that our users love. To achieve this, we spend a lot of time speaking to healthcare professionals and to patients to understand their needs and what they’re looking for. We may conduct this research to improve existing products or inform the development of new products.

When you participate in our research, we will collect the following information about you:

  • Full name
  • Age
  • Email
  • Any additional information you provide to us through surveys, interviews or other communications with us

Why: we collect this information either on the basis of our legitimate interest to ensure our products are fit for purpose and match your expectations as a healthcare professional or patient, or on the basis of your explicit consent which we will obtain from you at the beginning of the research project. 

In some circumstances we may carefully anonymise your personal data so that it can no longer be associated with you, and we may use this anonymised information indefinitely without notifying you. We use this anonymised information to analyse our programmes and to  improve our services.

Job Applicants, Event guests, and Prospects

When you apply for a role with us: 

If you apply for a role at Accurx, we will collect the following information about you: 

  • Name 
  • Telephone number 
  • Email address 
  • Employment history and other data in your CV or otherwise submitted to us
  • Assessments completed by you as part of the application process 
  • Feedback about you from our staff and your referees

Why: We collect this information on the basis of our legitimate interest to assess job applications and to take steps necessary to enter into an employment contract with you. We also collect it because we have a legal obligation to ensure applicants have the right to work.

When you’ve signed up for information about events and job opportunities:

If you sign up for events or job opportunities updates, we gather the following information:

  • Name
  • Email address
  • Any other information,for example about roles that you are interested in, that you may provide when you sign up for job opportunities, or any other details required as part of the event registration process.

Why: To send you the event, hiring information or to process your booking in relation to an event we are organising. We process this on the basis of your consent and you may opt out at any time.

Email or social media contact

If you contact us over email or social media about a job application, we will also collect the following information about you:

  • Name
  • Email
  • Telephone number
  • Login information
  • Time-zone setting
  • Browser plug-in types and versions
  • Operating system
  • Platform
  • IP addresses
  • MAC addresses and social media handles

Why: We retain information about you as a prospective employee for a maximum of 24 months, so we can use it to improve our hiring process, or to inform you of other opportunities. 

If we reach out to you via social media about a job opportunity we think you are a good match for, we will collect your name and social media URL, and will retain this information for up to 24 months. This is to help us build a prospective candidate list that we can contact for any new opportunities and track how well our recruitment processes are working. We use your data in this way as it's in our legitimate interest to find great people to work for us, and to improve our hiring practices.

General Questions

How do we collect information?

We may collect information about you from a variety of sources: 

  • Email, telephone, social media and in-person interactions we have with you ● From other organisations within the health system 
  • Via the chat function on our website 
  • Cookies on our website and pixels in our emails (see our Cookie Policy)
  • Publicly accessible sources including your employer’s website or your social media profile

How long do we retain your personal data?

Our data retention periods for different groups are set out below. If you have questions about any categories of data not provided below, please contact support@accurx.com.

Type of Data

Retention Period

Health Care and Professional

As long as necessary for the purpose of selling or providing our service, subject to your rights.If you are a user of our Switch App, we retain your data until you revoke your consent. If you are listed in our directory but don't use our App, you can delete your data at any time by contacting us at support@accurx.com.

Communications from patients who contact us directly

For up to 24 months after any direct contact with us.

Prospective buyers

Up to 48 months after last contact with your organisation.

User/Market Research Participants

For up to 48 months after research has been concluded, unless otherwise stated in the project’s information and consent material.

Job Applicants, Event guests, and Prospects

For prospects, we will retain your information for up to 24 months. For job applicants, we retain your application information for up to 24 months after any hiring process you are directly involved in has been completed.

Which third parties are involved in processing your data?

The parties we may share different groups’ data with are set out below. If you have questions beyond this, please contact support@accurx.com.

Group

Parties your information may be shared with

Health Care and Professional

We have contractual agreements in place with hospitals and GP practices, which govern and protect the data about you when you use our software.

If you contact us directly or use our Switch App, your data may be securely stored in the software service providers of our data storage, email, office, live chat support, and social media systems.

We may share your data with regulators, authorities and enforcement agencies if we’re under a duty to comply with any legal obligation or enforce our terms and conditions.

Patients

We have contractual agreements in place with hospitals and GP practices, which protect your data when they work with you.

If you contact us directly, your data may be securely stored in the software service providers of our email, office, and live chat support systems.

We may also share your data with regulators, authorities and enforcement agencies if we’re under a duty to comply with any legal obligation or enforce our terms and conditions.

Prospective buyers from healthcare organisations

Your data may be stored by our email, CRM software, and storage providers.

User/Market Research Participants

Your data may be stored by our email, productivity, design, communication and storage providers.

Job Applicants and prospects

Your data may be stored in our recruitment platform provider well as in our email, productivity, design, communication and storage providers.

What rights do you have under data protection laws?

You have various rights under data protection law in relation to the data that we control about you.Please note that if you are a patient or a member of staff in an organisation that uses Accurx, you should contact the organisation concerned (the data controller) to understand your rights and exercise any that you have. If you wish to exercise any of these rights or have any questions, please contact support@accurx.com.

  • Access: You can request access to and obtain a copy of your personal data 
  • Rectification: You can correct incomplete or inaccurate data we hold about you
  • Erasure: You can ask to erase personal data we hold about you 
  • Restrict: You can ask us to restrict how we handle your personal data 
  • Portability: You can ask us to transfer your personal data to a third party ● Object: you can object to how we’re using your personal data

You also have the right to lodge a complaint with us or the Information Commissioner's Office, the supervisory authority for data protection issues in England and Wales.