top of page

Privacy Notice

Last updated: 1st September 2025

Healthcare Innovation Consultancy Ltd is committed to protecting your personal information. This notice explains how we collect, use, and safeguard your data.

What This Notice Covers

  • Contact details

  • What information we collect and why

  • Lawful bases and your data protection rights

  • Sources of personal information

  • How long we keep information

  • Who we share information with

  • International data transfers

  • How to make a complaint

 

Contact Details

Email: privacy@healthcareinnovationconsultancy.com

What Information We Collect and Why

We collect and use personal data to provide and improve services:

 

For service delivery: - Name and contact details - Occupation - Payment details (bank or card information) - Transaction data (payments, services purchased) - Audio recordings (e.g., calls) - Records of meetings and decisions - Website user data

For account management: - Name and contact details - Address - Service history - Registration details

 

Lawful Bases and Your Rights

Under UK GDPR, we rely on the following lawful bases:

Consent: When you’ve given clear permission. You may withdraw this at any time.

Contract: When processing is necessary to fulfil a contract.

Legal Obligation: When required by law (e.g. tax compliance).

Your Rights Include: - Access your data - Request correction or deletion - Limit or object to processing - Data portability - Withdraw consent (if applicable)

To exercise your rights, contact us at the email above. We’ll respond within one month.

 

Where We Get Information

  • Directly from you

  • Publicly available sources

 

Data Retention

We retain data according to the following schedule:

Client Account Records
- What: Contracts, contact info, service history
- Retention: 6 years after relationship ends
- Why: Legal limitation period (Limitation Act 1980)

 

Financial Data
- What: Invoices, bank details
- Retention: 6 years post financial year
- Why: HMRC compliance

 

Project Data
- What: Reports, analysis, communication
- Retention: Deleted within 90 days of project completion & final payment
- Why: Limit risk and protect confidentiality

 

General Enquiries
- What: Emails, audio recordings
- Retention: 12 months from last contact
- Why: Follow-up and enquiry resolution

 

Website User Data
- What: Analytics, form submissions
- Retention: 12 months
- Why: Monitoring and analysis

 

Consent Records
- What: Records of given consent
- Retention: 6 years after relationship ends or consent withdrawn
- Why: GDPR compliance

 

Who We Share Information With

Data Processors: - Google Workspace for Business (hosts emails and documents)

Other Recipients: - Legal or regulatory bodies (as required by law)

International Data Transfers

Some data is stored or processed outside the UK: - Provider: Google - Location: Europe and UK - Safeguard: EU Standard Contractual Clauses (SCCs) + UK Addendum

For details on safeguards, contact us via email.

How to Complain

If you’re concerned about how we handle your data:

  1. Contact us at privacy@healthcareinnovationconsultancy.com

  2. If unresolved, contact the Information Commissioner’s Office (ICO):

    • Website: www.ico.org.uk/make-a-complaint

    • Phone: 0303 123 1113

    • Address: Information Commissioner’s Office
      Wycliffe House
      Water Lane
      Wilmslow
      Cheshire, SK9 5AF

 

We keep this notice under regular review.

bottom of page