My Medical Support

Privacy Policy

Last updated: 2 August 2025 | Version 1.1

At MyMedical.Support (“we”, “us”, or “our”), we take data protection and information security very seriously. The effective management of all personal data, including its security and confidentiality, is at the heart of our business and underpins all our practices and processes.

This privacy notice informs you about the type, scope, and purpose of the processing of personal data we collect, use, and process as part of our website and its functions and content, as well as our external online presences, such as our social media profiles (the “Services”).

This notice applies to you, the User of our Services, and us, the provider of the Services, and governs the processing of your personal data in the context of our Services and business.

 

Who We Are

We are MyMedical.Support. If you have any questions about your personal information or how we use it, you can contact us via our contact form.

We are the data “controller,” meaning we are responsible for deciding how and why your personal information is used. We’re also responsible for ensuring it is kept safe, secure, and handled legally.

 

What Is Personal Data?

Personal data refers to any information relating to an identified or identifiable natural person.

We also process special category personal data, such as health information. This is handled only with your explicit consent, or where necessary to protect your vital interests, or to enable the provision of care by medical professionals. This is done in accordance with Article 9(2)(a), (c), or (h) of the UK GDPR.

 

The Regulation

If you live in the European Economic Area, Regulation (EU) 2016/679 (General Data Protection Regulation) applies. In the UK, it is the “Data Protection Act 2018.”

The Supervisory Authority

The Information Commissioner’s Office (ICO) in the UK is the relevant authority for data protection matters. You have the right to make a complaint at any time to the ICO (www.ico.org.uk). However, we would appreciate the chance to address your concerns before you approach the ICO, so please contact us first.

 

Accuracy

It is important that the data we hold about you is accurate and current; please keep us informed of any changes to your personal data.

 

Automated Decision-Making and Profiling

We do not use automated decision-making or profiling.

 

Children’s Data

Our website is not intended for children, and we do not knowingly collect data relating to children. If you become aware that your child has provided us with personal data without parental consent, please contact us and we will remove it from our servers.

 

Cookies

We use cookies on our website. For more information about the cookies we use and how to disable them, please view our cookie policy.

 

What Personal Data Do We Collect?

We may collect personal information in the course of our business, your use of our Services, or when you purchase one of our digital solutions. This includes:

  • Name, company, or position
  • Email address, phone number(s), postal address
  • Payment and subscription data
  • Technical details from website visits or communications
  • Details provided when contacting us or creating an Emergency Identity Profile

 

Your Emergency Identity Profile may include:

  • Chronic conditions (e.g. diabetes, heart disease), prior surgeries, or implants
  • Medications and allergies
  • Pregnancy status or other health alerts
  • Emergency contacts and care providers

 

We only collect what is necessary for the purpose of providing our Services. In emergencies, your profile may be accessed without consent to protect your vital interests.

 

How Do We Obtain Personal Data?

We collect personal data directly from you when you fill out forms, communicate with us, or interact with our Services. We may also receive technical data from analytics providers.

 

Purpose for Processing

We process your data to:

  • Provide and maintain our Services
  • Fulfil contractual obligations
  • Respond to enquiries and support needs
  • Improve security and performance
  • Conduct marketing (with consent)

 

Legal Basis for Processing

We process your personal data under one or more of the following lawful bases:

  • Consent – you have given us permission
  • Contract – we need it to fulfil our agreement with you
  • Legitimate Interests – to improve our platform and user experience
  • Legal Obligation – to comply with applicable laws
  • Vital Interests – in emergency situations to protect life or health

 

Emergency Access and Logging

When your Emergency Identity Profile is accessed by a first responder or medical professional, the access is securely logged and timestamped. Users can request a log of all emergency access events. This information is never used for marketing or shared beyond its intended emergency purpose.

 

Partner & Referral Tracking

If you sign up using a partner referral code or link, we may share limited non-sensitive data (e.g. sign-up date, plan type) with our official partner to enable commission tracking and transparency. No health or sensitive data is shared.

 

Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy. When it is no longer required, it will either be deleted or securely archived.

 

Who Do We Share Data With?

We may share your personal data with trusted third-party providers such as:

  • Hosting and infrastructure providers
  • Payment processors
  • Email service platforms
  • Analytics and marketing tools

In emergency situations, medical professionals may access your Emergency Identity Profile without prior consent to protect your life or health.

 

How Do We Protect Your Data?

We apply strong technical and organisational safeguards:

  • UK-based, ISO 27001-certified servers
  • Encrypted VPN tunnels
  • Two-way authentication
  • Firewalls and antivirus systems
  • Role-based internal access

 

International Transfers

Most data is processed in the UK or EEA. Where data is transferred outside these regions, we use legally recognised safeguards such as Standard Contractual Clauses (SCCs) to protect your rights.

 

Your Rights

You have the right to:

  • Request access to your data
  • Correct or delete your personal information
  • Object to or restrict processing
  • Withdraw consent at any time
  • Request data portability
  • Lodge a complaint with the ICO

 

Social Media

We manage accounts on platforms like Facebook, Instagram, and LinkedIn. When engaging with us there, your data may be processed under the platform’s privacy rules as well as ours.

 

Analytics and Market Research

We may use anonymised and aggregated data for internal analysis, marketing insights, and improving our services.

 

Changes to This Policy

This policy may be updated from time to time. Please check this page regularly for the most recent version.