For patients and end users

We provide software to healthcare organisations, such as online consultation solutions. If your healthcare organisation uses one of our services, you might use it to contact them, fill in forms, or manage parts of your care online.  

When using our services, you may provide personal information about yourself (or about another person you’re helping to use the service), such as health information. The service may also generate information about you during use.  

Your information is generally used by your healthcare organisation (and, by extension, by us) to enable you to use the service and support your healthcare. Your healthcare organisation is what’s legally known as the ‘data controller’. They decide how and why your personal information is used within our services. We only follow their documented instructions and never share or use your information for our own purposes. 

We may collect information about you in a few different ways, depending on how you use our services and how your healthcare organisation uses them. 

Information you provide directly, such as when you fill in a form, send a message, or update your details within the service. 

Information provided by your healthcare organisation, such as information they share about you in the service. 

Information generated automatically, such as triage outcomes.  

We don’t use your information for our own purposes. 

We only use your personal information to provide and support the services your healthcare organisation uses. This means we process your data only for the purposes they have defined – for example, to keep the service online and working as intended, and to support your GP or healthcare team in communicating with you and delivering your care.

Your healthcare organisation decides how long your information is stored within our services, in line with their own policies and legal obligations. 

Typically, your information is deleted or anonymised at regular intervals within our services, according to the retention periods set by your healthcare organisation. 

Please note that your healthcare organisation may also store information about you outside of our services, for example, in their own patient record systems.

We are required to maintain strong security measures to protect your personal data within our services. This includes encryption, controlling who can access your data, limiting how long your data is stored, and regularly monitoring our systems for security risks.

We have completed NHS England’s thorough assurance process so our services can be used by healthcare organisations in England.

You can contact our data protection officer at: ludvig.borgvall@visibagroup.com 

Please note that we are not able to respond to requests about your personal data. If you have such questions or wish to exercise your data rights, please contact your healthcare organisation directly.

This privacy policy was last updated: 2025-10-22