Medelinked Privacy Policy

Your privacy is very important to us. Please contact us at Medelinked Ltd, Newtown House, Newtown Road, Henley On Thames, RG9 1HG, England or on +44 (0)20 8720 7340 or by email at if you have any questions or comments regarding our privacy policy or in respect of the way in which any information you send us may be used. The following sets out our information gathering practices for accessing and browsing the Medelinked website, the use of the Medelinked Card and the Medelinked Online Health Application and explains how the information is collected, used and protected.

Data Protection

This policy relates to Our compliance with (i) the Data Protection Act 1998 while it remains in effect until it is replaced by the General Data Protection Regulation ((EU) 2016/679) on 25 May 2018; or (ii) unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK; or (iii) any successor legislation to the General Data Protection Regulation ((EU) 2016/679) or the Data Protection Act 1998 (hereinafter "Data Protection Legislation"). In accordance with GDPR, we will notify you within 24 hours of a personal data breach relating to your Medelinked Health Account becoming known to us and will inform the ICO within 72 hours of any such incident. For the purpose of the Data Protection Legislation, where you add information to your Medelinked account, you are the data controller and Medelinked is the data processor.

Information Collected

Medelinked will protect the privacy of all of our registered users as described in this Privacy Policy. We collect personally identifiable information about you when you register for a Medelinked Health Account. Registration may include your name, address, email address and date of birth. Only the minimum data items necessary for the app to function are collected. We use session cookies to keep track of your password and in the case of the Medelinked Online Health Application to personalize your future visits. We use contact information for internal purposes, and to provide the services, as well as to provide updates and enhancements and information about new product features and services where you have opted in to receive these. You will be given the opportunity to opt into these services at the point of registration. Your health information and personal records are password-protected to prevent access by other users.

Data Ownership - Your Data

The Medelinked service allows you to store or share Your Data or receive data from others. We don’t claim ownership of Your Data. Your Data remains Your Data and you are responsible for it. When you share Your Data with other people, you understand that they may be able to, on a worldwide basis, use, save, record, reproduce, transmit, display Your Data. If you do not want others to have that ability, do not use the Service to share Your Data. You represent and warrant that for the duration of these Terms, you have (and will have) all the rights necessary for Your Data that is uploaded, stored, or shared on or through the Service and that the collection, use, and retention of Your Data will not violate any law or rights of others. Medelinked cannot be held responsible for Your Data or the material others upload, store or share to your account using the Service.

The terms “Personal Data”, “Data Controller”, “Data Processor”, “Data Subject” and “Sensitive Personal Data” shall be construed in accordance with their meanings set out in the Data Protection Act 2018, as updated from time to time

The Customer and the Supplier acknowledge that for the purposes of the Data Protection Act 2018, the End user is the Data Controller and Medelinked is the Data Processor of any Personal Data and Sensitive Personal Data (which forms part of the Personal Data).

Medelinked shall process the Personal Data only to the extent, and in such a manner, as is necessary for the purposes of carrying out the Services required by this Agreement and in accordance with the Customer’s instructions from time to time and shall not process the Personal Data for any other purpose. The Supplier will keep a record of any processing of Personal Data it carries out on behalf of the Customer.

Medelinked shall promptly comply with any request from the End user requiring the Medelinked to amend, transfer or delete the Personal Data.

If Medelinked receives any complaint, notice or communication which relates directly or indirectly to the processing of the Personal Data or to either party's compliance with the Data Protection Act 2018 and the data protection principles set out therein, it shall immediately notify the End user and it shall provide the End user with full co-operation and assistance in relation to any such complaint, notice or communication.

At the End user’s request, Medelinked shall provide to the End user a copy of all Personal Data held by it in the format and on the media reasonably specified by the End user.

Medelinked shall promptly inform the End user if any Personal Data is lost or destroyed or becomes damaged, corrupted, or unusable. Medelinked will restore such Personal Data at its own expense.

Use and Disclosure of Personal Information

We use the data that we collect from you for purposes, which may include:

  • providing our users with a personalised service
  • processing registrations and enquiries
  • providing you with information about enhancements and alterations to our products and services, (provided that you ask to receive such information)

We may also disclose your information to successors in title to our business or in accordance with a properly executed court order or otherwise required to do so by law.

We also use information in aggregate form (so that no individual user is identified) for example in the following ways:

  • to build up marketing profiles
  • to aid strategic development
  • to produce anonymised and randomised data (so you cannot be identified or linked to it) for the purposes of analysis, research, testing and clinical matters
  • to provide data to medical charities, (for example as to the number of individuals in a geographic region that might be suffering from diabetes)
  • audit usage of the site

All personal, identifiable information is retained by Medelinked indefinitely unless you request that the information be deleted.

Apple HealthKit

The Medelinked application, web and mobile, integrates with Apple HealthKit to enable you to synchronise your health and wellness information from your HealthKit account into your Medelinked account. Your data that is gained through the use of the HealthKit framework is used solely by Medelinked which provides you with the health and fitness services. Information can only be shared with a third party with your express permission. We explicitly do not use your information for advertising purposes and your information is not supplied to third parties such as advertising platforms, data brokers or information resellers. With your express consent there is the option for you to share your data with third party organisation engaged in medical research.


The Medelinked website may contain links to other websites. Medelinked is not responsible for the privacy practices or the content of such web sites. Please read the privacy statements of the linked web sites that you visit.


When you provide Medelinked with personal information, that information may be sent electronically to servers outside of the country where you originally entered the information, but only to jurisdictions, which have Data Protection standards equivalent to the UK. In addition, that information may be used, stored and processed outside of the country where you entered the information.

Whenever Medelinked handles personal information, regardless of where this occurs, Medelinked takes every precaution to ensure that your information is treated securely, for instance by encrypting the information and by storing the information in a secure environment. Unfortunately, no data transmission over the Internet can be guaranteed to be 100 per cent secure. As a result, while we strive to protect your personal information, Medelinked cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk.

Product Information

Registered users may, from time to time, get information from Medelinked about present or future Medelinked products and services as well as details of changes to and enhancements of our products and services. You can opt-out of receiving such information by emailing us at

Correct/Update/Remove Data

Subscribers to the Medelinked Service may remove all of the information stored about them by means of the website. Medelinked users that wish to have information held by Medelinked about them deleted, may do so by contacting Medelinked and quoting the unique Medelinked ID number allocated to them on registration. If you wish to remove your information, the process takes three business days and you will be notified via e-mail upon completion of the removal process.

Third Parties

Our platform uses Microsoft HealthBot Services such as the Symptom Checker (API-interface or any other component of the Microsoft HealthBot Services. By using our platform, you agree to the Microsoft HealthBot Services terms of use and privacy policy.

Notification of Changes

If we decide to change this Privacy Policy, we will post those changes on our website so our users may always know what information we collect, how we use it, and under what circumstances, if any, we disclose it. We will use the information in accordance with the Privacy Policy under which the information was collected.


Medelinked is committed to providing a website and app that is accessible to the widest possible audience, regardless of technology or ability. We are actively working to increase the accessibility and usability of our website and app, and in doing so adhere to many of the available standards and guidelines. The Medelinked website and app endeavours to conform to level Double-A of the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines 2.1. These guidelines explain how to make web content more accessible for people with disabilities. Conformance with these guidelines will help make the web more user friendly for all people.


You can read our full Cookies Policy here.