Privacy Policy

Privacy Policy for Hinze Tech Operations Ltd (trading as 'Xeesty')

Last Updated: 11.03.2025

Hinze Tech Operations Ltd (trading as 'Xeesty') is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our website, www.xeesty.com ("Platform"), and any related services.

This Privacy Policy applies to you if you are a visitor to our Platform, a user of our services, or a healthcare provider (“Provider”) using our Platform.

1. Who We Are

Hinze Tech Operations Ltd (trading as 'Xeesty') is a company registered in England and Wales with company number [Insert Company Number]. Our registered address is 11 Bartley Court, Station Road, Hook, Rg27 9PG. We are the data controller responsible for the personal data we collect through our Platform, unless otherwise stated in this Policy.

2. What Information We Collect

We collect the following types of personal data:

  • Information You Provide Directly:
    • Account Information: Name, email address, postal address, phone number, date of birth, gender, username, and password.
    • Profile Information: Demographic information, health information, preferences, interests, and other details you choose to share in your profile.
    • Payment Information: Credit card or debit card details (processed securely by our payment processor; we do not store full card numbers), billing address.
    • Communications: Records of your communications with us (e.g., emails, chat logs, customer support inquiries).
    • Health Information: Information you provide to Providers through our Platform, such as medical history, symptoms, treatment plans, and consultation notes (see Section 5 below).
    • User Generated Content: Information you post or share on public areas of the Platform.
  • Information We Collect Automatically:
    • Usage Data: Information about how you use our Platform, such as pages you visit, features you use, time spent on the Platform, and search queries.
    • Device Information: IP address, device type, operating system, browser type, device identifiers, mobile network information.
    • Location Data: If you enable location services, we may collect your device's location.
    • Cookies and Similar Technologies: We use cookies, web beacons, and similar technologies to collect information about your browsing activity (see Section 7 below).

3. How We Use Your Information

We use your personal data for the following purposes:

  • Providing the Platform: To operate, maintain, and improve our Platform and provide you with access to our services.
  • Facilitating Connections: To connect you with Providers and enable consultations.
  • Personalizing Your Experience: To personalize your experience on our Platform and recommend relevant services or content.
  • Communicating with You: To respond to your inquiries, send you important notices (e.g., account updates, changes to our policies), and provide you with customer support.
  • Processing Payments: To process payments for services you purchase through our Platform.
  • Marketing: With your consent, to send you promotional emails about our services or third-party offers that may be of interest to you (you can opt out at any time).
  • Analytics: To analyze how users interact with our Platform and improve our services.
  • Security: To detect and prevent fraud, protect the security of our Platform, and comply with our legal obligations.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, and government requests.

4. Legal Basis for Processing Your Information

Under the UK GDPR, we must have a legal basis for processing your personal data. Our legal bases are:

  • Consent: We rely on your consent to process certain personal data, such as for marketing communications or for processing special category data (e.g., health information). You have the right to withdraw your consent at any time.
  • Contract: We process your personal data when it is necessary to perform a contract with you, such as to provide you with access to our Platform and process your payments.
  • Legal Obligation: We process your personal data when it is necessary to comply with a legal obligation, such as to comply with tax laws or respond to a court order.
  • Legitimate Interests: We process your personal data when it is necessary for our legitimate interests, provided that those interests are not overridden by your rights and interests. Our legitimate interests include improving our services, understanding how users interact with our Platform, and preventing fraud. We will never assume legitimate interest is valid, and would seek specific legal advice if this is pursued.

5. Health Information

If you use our Platform to connect with a Provider, we may process your health information, which is considered "special category data" under the UK GDPR. We will only process your health information with your explicit consent and for the purpose of providing the Platform and Services. We have a written agreement with each provider to comply with your privacy. Your provider has there own privacy policies which you must review and make sure to understand, before allowing them access to any data.

We will implement appropriate technical and organizational measures to protect your health information, including:

  • Encryption: Encrypting health information both in transit and at rest.
  • Access Controls: Limiting access to health information to authorized personnel only.
  • Auditing: Regularly auditing access to health information.

6. How We Share Your Information

We may share your personal data with the following categories of recipients:

  • Service Providers: We share information with third-party service providers who help us operate our Platform, such as payment processors, data hosting providers, analytics providers, and marketing automation providers.
  • Healthcare Providers: With your consent, we share your health information with the Providers you connect with through our Platform.
  • Medical Groups: We may share your information with medical groups for administrative and billing purposes (where applicable).
  • Legal Authorities: We may disclose your information to legal authorities if required by law or legal process.
  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred to the acquiring entity.

7. Cookies and Similar Technologies

We use cookies and similar technologies to collect information about your browsing activity on our Platform.

  • What are cookies? Cookies are small text files that are stored on your device when you visit a website.
  • How do we use cookies? We use cookies to personalize your experience, analyze how users interact with our Platform, and provide targeted advertising.
  • Your choices: You can manage your cookie preferences through your browser settings. You can block or delete cookies, but this may affect your ability to use certain features of our Platform.

We use the following types of cookies:

  • Strictly Necessary Cookies: These cookies are essential for the operation of our Platform.
  • Performance Cookies: These cookies collect information about how you use our Platform, such as which pages you visit and how long you spend on each page.
  • Functionality Cookies: These cookies allow us to remember your preferences and provide enhanced features.
  • Targeting Cookies: These cookies are used to deliver advertisements that are relevant to your interests.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside the UK and the European Economic Area (EEA) that may not have equivalent data protection laws. Where we transfer your data outside the UK and EEA, we will ensure that appropriate safeguards are in place to protect your data, such as:

  • Transferring to countries that have been deemed to provide an adequate level of protection by the UK or the European Commission.
  • Using Standard Contractual Clauses approved by the UK ICO or the European Commission.
  • Implementing other legally recognized transfer mechanisms.

9. Data Retention

We will retain your personal data for as long as is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Account Information: We will retain your account information for as long as your account is active. If you delete your account, we may retain your information for a limited period to comply with our legal obligations.
  • Health Information: We will retain your health information in accordance with our legal and regulatory obligations and the requirements of our Providers.

10. Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request access to the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure: You have the right to request that we delete your personal data in certain circumstances.
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
  • Right to Object: You have the right to object to the processing of your personal data in certain circumstances, including for direct marketing purposes.
  • Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time.
  • Right to Complain: You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe that we have infringed your data protection rights.

To exercise any of these rights, please contact us using the contact information below.

11. Marketing Communications

If you have consented to receive marketing communications from us, you can opt out at any time by clicking the unsubscribe link in the email or by contacting us directly.

12. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

  • Encryption: Encrypting sensitive data both in transit and at rest.
  • Access Controls: Limiting access to personal data to authorized personnel only.
  • Regular Security Assessments: Conducting regular security assessments to identify and address vulnerabilities.
  • Employee Training: Providing data protection training to our employees.

13. Children's Privacy

Our Platform is not intended for children under the age of 18. We do not knowingly collect personal data from children under 18. If we become aware that we have collected personal data from a child under 18 without parental consent, we will take steps to delete that information.

14. Links to Other Websites

Our Platform may contain links to other websites. We are not responsible for the privacy practices of those websites. We encourage you to review the privacy policies of any websites you visit.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post any changes on this page and, where appropriate, notify you by email. The date of the last update will be indicated at the top of this page. Your continued use of our Platform after any changes constitutes your acceptance of the revised Privacy Policy.

16. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data protection practices, please contact us at:

Hinze Tech Operations Ltd
11 Bartley Court
Station Road
Hook
Rg27 9PG
Telephone: (+44) 7824449282
Email: support@Xeesty.com

You also have the right to contact the Information Commissioner's Office (ICO) directly:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Website: www.ico.org.uk

Important Notes:

  • Legal Review: This revised Privacy Policy is for informational purposes only and should not be considered legal advice. It is essential to have it reviewed by a qualified data protection solicitor in the UK to ensure full compliance with all applicable laws and regulations, including the UK GDPR and the Data Protection Act 2018, and to ensure it accurately reflects your specific data processing activities.
  • Customization: You will need to customize this template to accurately reflect your specific data processing practices.
  • Data Protection Impact Assessment (DPIA): You should conduct a Data Protection Impact Assessment (DPIA) for any high-risk processing activities, such as the processing of health data.
  • Cookies and Tracking: Ensure your cookie banner and cookie policy are compliant with the UK GDPR and the Privacy and Electronic Communications Regulations 2003 (PECR). Obtain valid consent for non-essential cookies.
  • Contracts with Processors: You must have written contracts in place with any third-party data processors you use, outlining their obligations to protect personal data.
  • Ongoing Compliance: Data protection law is constantly evolving, so you must regularly review and update your Privacy Policy and data protection practices to ensure ongoing compliance.

By taking these steps, you can create a Privacy Policy that is better aligned with UK data protection law and that helps to protect the privacy of your users.

The Zest to be Your Best

Now Recruiting Practitioners for our Network

Contact Us
Contact Us
AI For Healthcare: Shaping Bold Futures
AI For Healthcare: Shaping Bold Futures
AI For Healthcare: Shaping Bold Futures
AI For Healthcare: Shaping Bold Futures
AI For Healthcare: Shaping Bold Futures
AI For Healthcare: Shaping Bold Futures
AI For Healthcare: Shaping Bold Futures
AI For Healthcare: Shaping Bold Futures
AI For Healthcare: Shaping Bold Futures