Account and organisation data
Identifiers, contact details, organisation, role, authentication and security events, subscription information, and preferences used to provide and secure accounts.
Loading
The public content is loading. You can keep this page open while the route becomes available.
Draft privacy notice for owner and legal review. Production self-service acceptance remains disabled until this version is approved; deployment-specific agreements may add detail for an organisation customer.
Status and identity
This draft was prepared for review on 12 July 2026. It is not enabled as the production self-service signup notice until the contracting entity, registered office, company number, processing schedule, and legal wording have been confirmed by the accountable owner and legal reviewer.
WhiteFieldHealth Ltd is identified as the service provider and as controller for the account, commercial, support, security, and website processing it determines. The applicable order form or data-processing agreement must identify the contracting entity's registered office and company details before production use.
Privacy questions and rights requests can be sent to [email protected]. Do not include patient content, recordings, passwords, or secrets in ordinary email.
Data and purpose
Identifiers, contact details, organisation, role, authentication and security events, subscription information, and preferences used to provide and secure accounts.
Product activity, device and diagnostic information, communications, requests, and feedback used to operate, support, secure, and improve the service.
Audio, transcripts, drafts, notes, templates, and related metadata submitted under an organisation's instructions for the documentation workflow.
Legal and contractual basis
Where WhiteFieldHealth determines its own purposes, applicable bases may include contract, legal obligation, legitimate interests, or consent depending on the activity.
Where an organisation controls clinical data, WhiteFieldHealth should process it under documented instructions and the applicable data-processing terms.
Healthcare organisations must identify the lawful basis and special-category condition for their use, with any required transparency and impact assessment.
Sharing and lifecycle
Information may be handled by contracted infrastructure, processing, communications, billing, support, security, and professional-service suppliers where required to provide the service.
Customers should confirm current processing locations and any applicable transfer mechanism for the selected service and suppliers before deployment.
Retention depends on data type, purpose, contract, customer configuration, legal requirements, security needs, backup cycles, and deletion instructions.
Rights and choices
Contact WhiteFieldHealth for requests about personal data it controls, subject to identity verification and applicable exemptions.
Patients and staff may need to contact the healthcare organisation that controls the relevant clinical data; WhiteFieldHealth can support that organisation as required by contract and law.
Essential storage may support authentication, security, preferences, and service operation. Available communication choices should be respected through the relevant control or contact route.
A person can complain to the UK Information Commissioner's Office at ico.org.uk/make-a-complaint if they believe their data-protection rights have been infringed. Contacting WhiteFieldHealth first is welcome but not required.
Security and changes
WhiteFieldHealth uses technical and organisational measures intended to protect information, but no service can promise absolute security. Material policy changes should be reflected in the published version and, where appropriate, communicated through the service or customer contact route.
Continue exploring
These pages add the operational, documentation, and trust context around this topic.
Next step
Describe the request and the relevant account or organisation. Do not send clinical content, recordings, credentials, or secrets by email.