Get Started

Privacy Policy

How we collect, use and protect your personal data.

Last updated: January 2025

1. Introduction

ClinicMGMT, operated by Elevated Software Ltd ("we", "our", "us"), is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store and protect your personal data when you use our clinic management software and visit our website.

We are registered in England and Wales. For the purposes of data protection legislation, we are the data controller.

2. Information We Collect

Information you provide to us:

  • Account information: Name, email address, phone number, clinic name, and billing information when you register for our services.
  • Contact information: Details you provide when you contact us, book a demo, or submit enquiries.
  • Usage data: Information about how you use our software, including features accessed and actions taken.

Information collected automatically:

  • Technical data: IP address, browser type and version, time zone, operating system, and device information.
  • Cookies: We use cookies and similar technologies to enhance your experience. See our Cookie Policy section below for more details.

Patient Data

When you use ClinicMGMT to manage patient information, you act as the data controller for that patient data, and we act as a data processor on your behalf. We process this data solely according to your instructions and in compliance with our Data Processing Agreement.

3. How We Use Your Information

We use your personal data for the following purposes:

  • To provide and maintain our services
  • To process your subscription and payments
  • To communicate with you about your account and our services
  • To provide customer support
  • To send you marketing communications (with your consent)
  • To improve and develop our services
  • To comply with legal obligations
  • To protect against fraud and ensure security

4. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract: Processing necessary to perform our contract with you.
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services and marketing.
  • Consent: Where you have given consent for specific processing activities.
  • Legal obligation: Processing necessary to comply with our legal obligations.

5. Data Sharing

We may share your personal data with:

  • Service providers: Third parties who provide services on our behalf, such as hosting, payment processing, and analytics.
  • Professional advisers: Lawyers, accountants, and auditors where necessary.
  • Law enforcement: When required by law or to protect our rights.

We do not sell your personal data to third parties.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication measures
  • Staff training on data protection
  • Incident response procedures

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. When determining retention periods, we consider the amount and sensitivity of the data, the potential risk of harm from unauthorised use, and applicable legal requirements.

8. Your Rights

Under data protection legislation, you have the following rights:

  • Access: Request a copy of your personal data.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your data in certain circumstances.
  • Restriction: Request restriction of processing in certain circumstances.
  • Portability: Request transfer of your data to another provider.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Withdraw consent at any time where processing is based on consent.

To exercise these rights, please contact us at info@clinicmgmt.co.uk.

9. Cookies

Our website uses cookies to distinguish you from other users and to provide a better experience. Cookies are small text files stored on your device.

Types of cookies we use:

  • Essential cookies: Required for the website to function properly.
  • Analytics cookies: Help us understand how visitors interact with our website.
  • Preference cookies: Remember your settings and preferences.

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

10. International Transfers

Your data may be transferred to and processed in countries outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the UK Information Commissioner's Office.

11. Children's Privacy

Our services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated. Visit ico.org.uk for more information.