HealthCentreApp Empowering Citizens, Supporting Health

Privacy Policy

This Privacy Policy explains how HealthCentreApp uses personal data when you use our website and services (together, the Service). It also explains your rights and how to contact us.

UK GDPR and Data Protection Act 2018 Last updated: 18/02/2026 Contact: privacy@healthCentreApp.com

On this page

1. Who we are 2. Data we collect 3. How we use your data 4. Lawful bases 5. Sharing and third parties 6. International transfers 7. Retention and security 8. Your rights 9. Cookies and similar technologies 10. Changes

1. Who we are

HealthCentreApp is a UK based healthTech startup founded by ex NHS digital health leaders, with a combined experience of over 40 years.

Data Controller
HealthCentreApp
Privacy contact
privacy@healthCentreApp.com

Note: We are not listing a postal address on this MVP site. If you need a postal contact address, email us and we will provide it.

2. Data we collect

A. Data you provide

  • Account and profile data such as name, email, phone, country and region.
  • Support messages and enquiries you submit to us.
  • Subscription choices and transaction references. Card details are usually handled by a payment provider, not stored by us.

B. Health data (special category data)

If you choose to use health features, we may process health information you enter or upload. Health data is special category data and receives extra protection under UK GDPR.

C. Location and device data

  • Approximate or precise location if you allow it, including last known location used to complete a search.
  • Device and usage data such as browser type, pages viewed, timestamps, and basic security logs.

3. How we use your data

We use personal data to:

  • Provide and operate the Service, including account management and subscriptions.
  • Enable digital health tools, including records, monitoring, and AI features where available.
  • Help you search for care providers using location and Google Maps search links.
  • Respond to enquiries and provide support.
  • Improve safety, security, and performance of the Service.
  • Meet legal, regulatory, and tax obligations.

AI outputs: Some features may use AI to support understanding. They do not replace professional medical advice. If you have an urgent medical concern, seek local medical help.

4. Lawful bases

A. Personal data (UK GDPR Article 6)

  • Contract to provide the Service you request.
  • Legitimate interests to secure, maintain, and improve the Service, and prevent misuse.
  • Legal obligation where we must comply with law, for example accounting requirements.
  • Consent where you opt in, for example certain cookies and marketing.

B. Health data (UK GDPR Article 9)

When we process health data, we rely on an Article 9 condition. In most cases this is your explicit consent. You can withdraw consent at any time. Withdrawal does not affect processing already carried out.

5. Sharing and third parties

We do not sell your personal data.

We may share data with:

  • Service providers who help us run the Service (hosting, security, email, forms).
  • Google when you open a Google Maps search link. Google processes your query under its own policies.
  • Community support participants where you choose to share information and grant access inside the Service.
  • Authorities where required by law or to protect rights and safety.

If you use a Contact Us form, your message may be processed by our form provider (for example, Formspree) and anti spam provider (for example, hCaptcha) to deliver your enquiry and prevent abuse.

6. International transfers

We may transfer personal data outside the UK, for example if we use global service providers or support users in low and middle income countries. Where required, we use appropriate safeguards such as the UK International Data Transfer Agreement or UK Addendum and carry out transfer risk assessments.

7. Retention and security

Retention

We keep personal data only as long as needed for the purposes described in this policy, including while you maintain an account and as required by law.

Security

We use appropriate technical and organisational measures to protect personal data, including access controls, encryption in transit, and security monitoring. No system is 100 percent secure, but we work to protect your information.

8. Your rights

Under UK GDPR you have rights including access, correction, deletion in certain circumstances, restriction, data portability (where applicable), objection, and withdrawal of consent.

To exercise your rights, email privacy@healthCentreApp.com.

You can also complain to the UK Information Commissioner’s Office (ICO) if you are unhappy with how we handle your data.

9. Cookies and similar technologies

We may use essential cookies or local storage for core functions such as security and session management. If we use non essential cookies (for example analytics or marketing), we will ask for your consent first.

Cookie consent: Consent must be an affirmative choice. A privacy policy alone is not a consent mechanism. You should see a cookie banner if non essential cookies are used.

10. Changes to this policy

We may update this policy from time to time. We will update the date at the top and, where appropriate, provide additional notice in the Service.

For privacy questions, contact privacy@healthCentreApp.com.