Privacy Policy

Our contact details 

Company name: Digital Health Global Solutions Limited

UK registration number:14633638

Website: https://askmedi.com

Product name: AskMedi.com   

Disclaimer: Service Development and Testing

AskMedi, a product of Digital Health Global Solutions Ltd, is currently in an active testing and evaluation phase during 2025. Features, content, and functionality may change as part of development, safety validation, and regulatory compliance processes. We plan for full deployment of the service in 2026, subject to completion of testing and any necessary approvals.

During the testing phase, the service may contain limitations or errors, and some features may be unavailable. By using the service during this period, you acknowledge that it is under development and agree to its use on this basis.

The type of personal information we collect 

We currently collect and process the following information:

Contact Data: where required, data we use to contact you including your billing address, delivery address, email address and contact number.

Financial Data: where a payment is made directly to Askmedi, payment methods and card association used to process your payments is collected. We do not store or process your card details ourselves, they are processed and stored via one of our contracted third-party service providers. We encrypt your payment card details in your browser and securely transfer this data to our relevant third-party payment provider to process a payment.

Transaction Data: where a transaction is made directly with Askmedi , details about transactions you have made in connection with the Service, including the payments to and from you along with other details of products or services you have purchased from us.

Profile Data: including your username, email address and log-in data, details of any purchases or orders made by you, and your interests, preferences, feedback and survey or questionnaire responses

Health Data: including necessary information on your health:

Which clinic you are engaged with – refers to the clinic who referred our solution to you (where applicable) – we need to know this to identify the program you are part of and clinician monitoring you will receive

• Clinical Categorisation – we use this information to build up a record of current practices and ideal practices so that we can improve the software 

• Activity Data – like frequency of use, range of motion or duration of use is collected on the users training and assessment outcomes and this can be used to project improvement metrics in a graphical format and used by trainers to understand user progress.

• Usage Data: includes information about how you use our platform and services, such as chat interactions (metadata only), login times, feature usage, and device interaction patterns. This does not include the content of any health conversations unless required for service delivery or you give explicit consent.

• Marketing and Communications Data, which includes your preferences with regards to receiving marketing from us and your other communication preferences.

• Other Information relevant to services, customer surveys, questionnaires and/or offers.

Sensitive or Special Category Personal Information - Due to the nature of the Service we provide you may be asked to provide Sensitive Personal Information. We follow ISO 27001-aligned information security practices to protect personal information, including encryption in transit and at rest, access controls, and regular security audits. We will always ask for explicit consent from you in respect of the collection and sharing of any Sensitive Personal Information. 

How we get the personal information and why we have it

Most of the personal information we process is provided to us directly by you. We also receive personal information indirectly, from your healthcare provider upon receipt of your consent.

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

(a) Your consent. You are able to remove your consent at any time. You can do this by contacting info@askmedi.com 

(b) We have a contractual obligation: We may have to share limited non-identifiable Information with partners solely to enable our services, or obligations arising out of any such services.

(c) We have a legal obligation: We may disclose your Personal Information where we are legally required to do so in order to comply with applicable laws, governmental requests, judicial proceedings, court orders, or legal processes, such as in response to a court order or a subpoena (including in response to requests from public authorities in order to meet national security or law enforcement requirements).

(d) We have a vital interest: We may disclose your Personal Information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, illegal activities or situations involving potential threats to the safety of any person, or where we believe it is necessary for the purpose of providing evidence in connection with litigation proceedings in which we are involved.

For Special Category Data such as health information, we process this data under Article 9(2)(a) of the UK GDPR, based on your explicit consent, or under Article 9(2)(h) where processing is necessary for the provision of health or social care.

(e) Third parties:

We may share your Personal Information with third party vendors, service providers, credit reference agencies, trade associations of which we are a member, credit card associations, contractors or agents who perform services and require access to such Information to carry out that work. Such third parties will only have access to your Personal Information to the extent that they need to perform those services. They are required to keep your Personal Information confidential and may not use it other than as we ask them to and always in accordance with this Privacy Policy.

Business Transfers. We may share or transfer your Personal Information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

Health Care Providers. Provided you have given us Consent to do so we may share your Personal Information with your health care provider.

With your Consent. We may disclose your Personal Information for any other purpose with your Consent, including with any person who you have named as a person we can contact to discuss your account and any agent or representative of yours.

We may disclose aggregated, anonymous information (i.e., information from which you cannot be personally identified), or insights based on such anonymous Information, to selected third parties, including (without limitation) analytics and search engine providers to assist us in the improvement and optimisation of the Platform. In such circumstances we will not disclose any Information which can identify you personally.

We also collect Information through cookies and similar technologies.

How we store your personal information 

Your information is securely stored. 

We will only keep your Personal Information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax law, accounting requirements or other legal or regulatory requirements).

When we have no ongoing Business Purpose to justify the processing of your Personal Information, we will either delete or anonymise it, or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

Security

We implement appropriate technical and organisational measures to protect your Personal Information against accidental or unlawful destruction, loss, change or damage. All Personal Information we collect will be stored on secure servers. We will never send you unsolicited emails or contact you by phone requesting your account ID, password, credit or debit card information or national identification numbers.

De-identification

If we use your content, we only do so in a way that does not directly identify you. We will only re-identify you in exceptional circumstances, such as if we are required to do so by applicable law.

International Transfers of your Personal Information

The Personal Information we collect may be transferred to and stored in countries outside of the jurisdiction you are in where we and our third-party service providers have operations. If you are located in the European Economic Area (“EEA”) or the United Kingdom, your Personal Information will not be processed outside of the EEA or the United Kingdom.

We use Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office for transfers outside the UK/EEA to countries without an adequacy decision.

In the instance of such a transfer, we ensure that the Personal Information is transferred to ountries recognised as offering an equivalent level of protection and using the appropriate safeguards required by applicable data protection law.

If you wish to enquire further about these safeguards used, please contact us using the details set out at the end of this Privacy Policy.

Your data protection rights

Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information. 

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. 

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances. 

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances. 

Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.

Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at info@askmedi.com 

How to complain

Please contact us at info@askmedi.com

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:            

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

 

Right What it Means When You Can Use It How to Exercise

Access You can ask for a copy of the personal information we hold about you. Anytime. Contact us using the details in this policy.

Rectification You can request corrections to inaccurate or incomplete personal information. When you believe your data is wrong or incomplete. Contact us with the details to update.

Erasure (“Right to be Forgotten”) You can ask us to delete your personal information. When it’s no longer needed, consent is withdrawn, or processing is unlawful. Submit a deletion request to our contact email.

Restriction of Processing You can ask us to limit how we use your personal information. When you dispute accuracy, object to processing, or prefer storage over deletion. Contact us with your restriction request.

Object to Processing You can object to certain types of processing, including direct marketing. Anytime, for marketing; in other cases, where we rely on legitimate interests. Send us your objection in writing or by email.

Data Portability You can request a copy of your personal information in a structured, machine-readable format, and have it transferred to another organisation. When processing is based on consent or contract and done electronically. Submit a portability request to our contact email.