Platform Privacy Policy

This Policy is about the Digital Practice Platform.

YOUR PRIVACY

The Digital Practice Platform is operated by Digital Practice Ltd (part of Digital Petcare Ltd) on behalf of your Practice. To allow the system to operate, Digital Practice needs to collect, handle and process certain data from your Practice, you, and your clients. This handling is done by Digital Practice as a Data Processor under the authority of your Practice as the Data Controller, under the authority of our Service Agreement - see the relevant Schedule in your Practice’s Agreement with us for further details.

WHAT IS THE PURPOSE OF THIS PRIVACY POLICY?

We need to tell you about how we use the personal information that comes from use of the platform. 

If you have any queries about this Privacy Policy or how Digital Practice use your personal information, please contact compliance@digitalpractice.vet.

This Privacy Policy relates to your use of the Digital Practice platform and tells you:

  • What personal information we collect about you when you use the Website

  • How we collect your personal information in the Website

  • How we use your personal information

  • Who we may share your personal information with

  • Any transfer of personal information outside of the EEA

  • How long we keep your personal information

  • What we do to protect your personal information

  • What choices you have in relation to your personal information

We last updated this Privacy Statement on 3rd September 2024

INFORMATION WE PROCESS:

Information that you give us:

  • your name and practice name

  • the name of any pets

  • any other information you provide in the chat

We may collect and process the following information about you:

  • technical information logs about the device you use to access the Platform

  • logs of your use of the Platform, including a record of your chats with clients and notes

Note that: as your Practice is the Data Controller, all information collected is done so under your Practice’s Privacy Notice; this section is included for your information only.

 Any personal information that you give to us may be used in the following ways:

  • to provide you with the messaging service (as set out in the Service Agreement)

  • to allow you to integrate information from the Platform into the practice’s Practice Management System

  • to administer the Digital Practice Platform (such as troubleshooting, data analysis, research)

To be clear: We do not use your personal information for marketing purposes or provide it to third parties.

If you fail to provide personal information

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (providing you with the service), or we may be prevented from complying with our legal obligations.

SHARING YOUR PERSONAL INFORMATION

We may from time to time share this information, but only to the extent necessary to provide the service.

Practice clients

We will share your name with your practice.

Practice staff

We will share the name you give us with the client you are chatting with.

Your Practice

All the data is owned by your Practice and is available to them as the Data Controller 

Our staff

Our staff will have access to the data on a need-to-know basis for the purposes of troubleshooting and system operations. This data will not routinely be accessed and then only by a minimum number of trained and accredited personnel.

Our Business Partners

We may share your information with:

  • Our suppliers for the performance of any contract we enter into with them or you solely for the purpose of providing and supporting the service (360Dialog, Amazon Web Services, Atlassian, Functional Software T/A Sentry, Google LLC, Intercom Software UK Ltd, International Support Solutions, Linear, OneSignal, Stripe and Twilio);

  • Our professional contractors (e.g. legal, technical, or professional services) who are bound by a duty of confidentiality; and

  • Analytics providers (Google Analytics and Amplitude) who analyse information about your use of the Digital Practice Platform to help us to tailor the product.

LEGAL REQUIREMENTS AND LAW ENFORCEMENT

We may also disclose your personal information to third parties:

  • If we sell our business in which case the personal information that we hold will be part of the transferred assets.

  • If we are required by law, or in order to enforce our terms of use. This includes exchanging information with other organisations for the purposes of fraud protection and credit risk reduction and also law enforcement agencies.

European Representative under Article 27 of GDPR

We have appointed Connect Inflow Limitada as our Representative under Article 27 of the EU General Data Protection Regulation (“GDPR”). All GDPR queries from EU Data Subjects or Data Protection authorities should be addressed to Connect Inflow Limitada, Av 25 de Abril, 36 – 2º Dto, 3830-044 Ilhavo, Portugal, Company number 510431437. You may also contact us directly at compliance@digitalpractice.vet

KEEPING THE PERSONAL AND CONFIDENTIAL INFORMATION

The security of your personal and confidential information is important to us.

We use appropriate technical and organisational measures to safeguard personal information. We use encryption technology in transit and at rest to enhance privacy and help prevent information security breaches.

We use industry-standard measures and processes for detecting and responding to inappropriate attempts to breach our systems.

We may transfer personal information from the UK to a country outside of the EEA. If we do, we will ensure that we enter into a data transfer agreement which gives you enforceable rights and legal remedies and provides adequate levels of protection for any personal information that is transferred outside of the EEA.

All third parties who provide services to the platform are required to sign contracts requiring them to have appropriate technical, administrative and physical procedures in place to ensure that your information is protected against loss or misuse.

All information you provide to us is stored on our secure servers or on secure servers operated by a third party. Information on our third-party providers can be found above.

Data from the client (name, animal name, PMS reference) is transmitted securely through these systems to the practice PMS and is linked to payment information (if payment is made through the service) for reconciliation purposes.  Practice users' personal information is not linked to client payment details or reconciliation records.

Retention of information

We only hold your personal information for as long as necessary for the purposes for which we collected your information. In accordance with the legal limitation period we will keep your information until the end of the contract with the veterinary practice after which time it will be deleted, unless senior clinical staff at the practice direct us to erase it sooner.

Emails

If you choose to send us information via email, we cannot guarantee the security of this information until it is delivered to us.

YOUR RIGHTS

You have certain rights in relation to your personal information.

Access to information

You have the right to access information that we hold about you. If you wish to receive a copy of the information held, please contact the data protection officer or equivalent in your Practice, who will liaise with our data protection team to get you access to the information.

Changing or deleting your information

You can ask at any time to change, amend or delete the information that we hold about you. You can also ask us to restrict the information that we process about you, by contacting the data protection officer or equivalent in your Practice, who will liaise with our data protection team to action your request.

Right to prevent Automated decision making

You have a right to ask us to stop any automated decision making. However, we do not carry out such activities in the Digital Practice Platform.

COMPLAINTS

If you make a request to us under this Privacy Statement and you are unhappy with the response, you can ask for the request to be reviewed under our internal complaints procedure. Our internal complaints procedure allows your request to be reviewed by the CEO who will do their best to try and resolve the issue.

If you have been through the internal complaints procedure and are still not happy with the result, then you have the right to complain to the Information Commissioner’s Office. They can be contacted as follows:

Website: www.ico.org.uk

Telephone: 03031231113

Address: Information Commissioners Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Changes to our Privacy Statement

We review our Privacy Statement on a frequent basis to check that it accurately reflects how we deal with your information and may amend it if necessary. You should check this page regularly to see the most up to date information.

How to Contact us

We welcome questions, comments and requests regarding this Privacy Statement which can be sent to our Data Protection Officer, David Harris, at compliance@digitalpractice.vet