Privacy Notice

How Chronicle Health Handles Your Health Data

Full details of how your health data is processed are in the Data Processing Terms in the Client Contract. In summary:

  • You are the data controller. Your health data belongs to you. Chronicle Health processes it on your instructions as a data processor
  • Processing is temporary. Your health data, including any identity documents provided for SARs, is deleted at the next scheduled fortnightly deletion sweep on or after delivery plus 14 days; the effective maximum delay is 28 days. Right-to-erasure requests are actioned the same day they are received
  • Health data processors:
    • Proton AG (Switzerland): Encrypted storage and email services for raw identifiable health data
    • Amazon Web Services (UK): AI processing of pseudonymised (direct identifiers removed) health data only, in the London region. Used for identifier removal, document classification, transcription of handwritten medical notes, and generation of the narrative deliverables (record summary, health timeline, plain-English documents). Zero data retention by AWS (evidence for this is available on request).

For full technical detail on encryption, pseudonymisation, device security, and deletion procedures, see How Your Data Is Protected.

Family Medical History Form (Coming Soon)

If you use our optional family medical history form, the following applies:

  • Data collected: Family medical history you choose to provide (special category data under UK GDPR)
  • Legal basis: Explicit consent - you are actively submitting this information, having already signed the Client Contract
  • Transmission: Your submission is sent over HTTPS to our email infrastructure and delivered to our encrypted Protonmail inbox
  • Storage: Protonmail (end-to-end encrypted at rest). No health data is stored in transit; only the final email is retained in the inbox
  • Retention: Deleted at the same time as other client data at the next scheduled fortnightly deletion sweep following completion of the engagement (effective maximum 28 days from delivery)
  • No client-side storage: The form does not use cookies, localStorage, or any browser storage for health data

Gift Purchases

If someone buys the service as a gift:

  • At purchase, only the purchaser’s data is processed. Their name, email address, and payment details, plus an optional recipient first name, are processed to take payment and to issue and email the certificate. The lawful basis is contract and pre-contract steps. No health data, and no other recipient personal data, is involved at this stage
  • The recipient’s data is only processed later, and only if they choose to redeem. When the recipient independently redeems the certificate and authorises the request for their own record, their health data is processed under the same basis and terms as any other client, set out in the Client Contract. The purchaser has no role in, and no access to, that data relationship
  • What we keep: A voucher record (the code, the purchaser’s name and email, the optional recipient first name, purchase date, and redemption status) is retained to administer and account for the purchase, alongside our other administrative records
  • Payment processor: Payment is handled by Stripe as an independent controller (see Sharing below). Card details are entered with Stripe, not with Chronicle Health

Cookies and Analytics

This website does not use cookies. We use Cloudflare Web Analytics to count pageviews and referrers in aggregate: it is cookieless, does not collect personal data, and does not use fingerprinting or cross-site identifiers. No advertising, no third-party trackers, no profiling.

How Chronicle Health Uses Your Administrative Information

This notice also covers how Chronicle Health handles your contact and billing information.

Data We Collect

  • Client contact details (name, email, phone, address)
  • Billing and invoicing information
  • Contract records

Purpose

We use this information for:

  • Administrative communication
  • Service provision
  • Invoicing
  • Legal record-keeping
  • Contract: Necessary to provide the service you’ve requested
  • Legitimate interests: Business administration and legal compliance

Retention

Contact and billing information retained for up to six years for HMRC obligations.

Sharing

Independent Controllers (who determine their own purposes for processing):

  • Our UK clearing bank: Processes payment transactions as an independent data controller under its own privacy policy. Your name and payment details (no health data) are processed when you make payments to Chronicle Health.
  • Stripe (our payment processor for gift purchases): When you buy the service as a gift, Stripe processes your name, email address, and card or payment details to take the payment, as an independent data controller under its own privacy policy. No health data is shared with Stripe. Stripe is used only for gift purchases and is not part of the chain that processes any health data.
  • HMRC: Financial records (no health data) may be shared as legally required for tax purposes.

Our Data Processors (who process data on our instructions):

  • A UK accounting software provider: Stores client names, contact details, and billing information for bookkeeping and tax compliance (no health data).
  • Amazon Web Services (UK / EU): Email delivery in the London region. Transmits contact form submissions and family medical history form submissions to our inbox. Data is transient: delivered and not retained long-term. Covered by the existing AWS GDPR DPA.

We have data processing agreements in place with each processor listed above.

No other sharing: Your administrative data is not shared with any other third parties beyond those listed above.

Your Rights

You have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate information
  • Erasure: Request deletion (subject to legal retention requirements)
  • Restriction: Limit how we use your data
  • Portability: Receive your data in a portable format
  • Objection: Object to processing based on legitimate interests

Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

  • Website: ico.org.uk
  • Helpline: 0303 123 1113

Data Protection Officer

We are not required to appoint a Data Protection Officer under UK GDPR Article 37, as we do not process special category data on a large scale. For data protection queries, contact us at the details above.

Automated Decision-Making

We do not use automated decision-making or profiling.

Where we process your data based on consent, you have the right to withdraw that consent at any time by contacting us. This will not affect the lawfulness of processing before withdrawal.

Legal/Contractual Requirement

Providing your contact and billing information is necessary for us to perform our contract with you. Without this information, we cannot provide our services. You are not obliged to provide this data by law.

Contact Information

Chronicle Health Ltd

  • Representative: Thomas Millross
  • Email: [email protected]
  • Companies House No: 16934023
  • ICO Registration: ZC084723