We’re at capacity for September... 5 spots available for October

Privacy Policy

Controller: ClickExpose Ltd trading as Your Clinic Angels (YCA), company number 14834804.

Address: Your Clinic Angels, HEC, 4 Pindar Road, Hertfordshire, EN11 0FJ, United Kingdom.

Telephone: +44 20 7072 4070

Email: support@yourclinicangels.com

This Privacy Policy explains how we collect, use, disclose and protect your personal data when you use yourclinicangels.com (the Website). It also explains your privacy rights and how the law protects you.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read this policy together with our Cookie Policy and our Website Terms and Conditions.

1. Scope - who this policy covers


This policy covers personal data we collect about visitors to our Website, prospective clients, webinar or event registrants and other people who contact us about our services.

Processor work for clients. If we process personal data on behalf of our clinic clients - for example, running ad campaigns or handling assets they supply - we usually act as a processor. That processing is governed by a separate data processing agreement with the client and is not covered by this policy. This policy describes our role as an independent controller for our Website and our own business operations.

2. The personal data we collect


We may collect and use the following categories of data:

  • Identity and contact data - name, job title, clinic name, email address, telephone number.
  • Professional profile data - sector, interests, services you are interested in, budget ranges you share with us.
  • Enquiry and communication data - messages you send through forms, emails, call notes, meeting notes, testimonials and survey responses.
  • Marketing preferences - your choices about receiving marketing from us and your communication preferences.
  • Technical and usage data - IP address, device and browser information, time zone, approximate location, pages viewed, buttons clicked, referring URLs and similar diagnostics collected via cookies, pixels and server logs. See our Cookie Policy for details.
  • Content you provide - files or links you upload or share with us through the Website.
  • Recruitment data - CVs, cover letters and interview information if you apply for a role with us.

Special category data. We do not intentionally collect special category data (for example health information about patients) via the Website. Please do not send patient data or clinical photographs through our Website forms. If you are a client and need to share such data for marketing purposes, we will provide a secure channel and a written data processing agreement first.

3. How we collect your data


  • Direct interactions - when you complete a form, book a call, email us, call us, attend our events or request resources.
  • Automated technologies - when you interact with the Website, we may automatically collect technical data using cookies, pixels and similar technologies. See our Cookie Policy.
  • Third-party sources - professional networking sites, advertising platforms, public registries, industry partners and referrals, where permitted by law.

4. How we use your data and our legal bases


We will only use your personal data when the law allows. We rely on the following legal bases under UK GDPR:

  • Consent - for placing or reading non-essential cookies and for certain email or SMS marketing where required by PECR. You can withdraw consent at any time.
  • Contract - to take steps at your request before entering into a contract with you or to perform a contract we have with you.
  • Legitimate interests - to operate, grow and protect our business (for example, B2B marketing to corporate subscribers, security, fraud prevention, service improvement). We balance these interests against your rights.
  • Legal obligation - to comply with laws such as tax, accounting and regulatory reporting.

Typical purposes include:

  • Responding to enquiries - to provide proposals, demos and information you request - contract or legitimate interests.
  • Providing the Website and support - to deliver content, fix issues and communicate with you - legitimate interests.
  • Marketing and events - to send insights, invitations and offers that may be relevant to clinics - consent or legitimate interests, with PECR compliance and easy opt-out.
  • Personalising content - to tailor Website content and emails to your interests - consent where cookies or similar technologies are used, otherwise legitimate interests.
  • Analytics and performance - to understand how the Website is used and improve it - consent for analytics cookies, legitimate interests for basic aggregated reporting and server logs.
  • Security and fraud prevention - to monitor, detect and investigate suspicious activity - legitimate interests and legal obligation.
  • Legal and compliance - to keep appropriate records and comply with requests from regulators - legal obligation.

5. Marketing communications


We may send marketing to clinics and other corporate subscribers under legitimate interests and to individuals where we have your consent or where the soft opt-in applies under UK PECR. You can opt out at any time by clicking the unsubscribe link in an email or by contacting us at support@yourclinicangels.com.

Third-party marketing. We will get your express consent before we share your data with any third party for their own marketing.

6. Cookies and similar technologies


We use cookies, pixels and similar technologies to operate the Website, remember your preferences and analyse performance. Non-essential cookies are used only with your consent. For details on types, purposes and how to manage your choices, please see our Cookie Policy.

7. Disclosures of your personal data


We may share your data with trusted recipients for the purposes set out above:

  • Service providers - IT hosting, website operations, analytics, CRM, communications and marketing automation providers acting as processors under contract.
  • Professional advisers - lawyers, bankers, auditors and insurers.
  • Authorities - regulators, law enforcement and public bodies where required by law or to protect rights.
  • Corporate transactions - buyers, investors and advisers in connection with a merger, acquisition or restructuring, subject to confidentiality.

We do not sell your personal data.

8. International transfers


We are based in the United Kingdom. Some of our service providers may process data outside the UK. Where we transfer your data internationally we will ensure appropriate safeguards are in place, such as:

  • ICO-approved IDTA - the UK International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses.
  • UK-US Data Bridge - transfers to US organisations certified to the UK Extension to the EU-US Data Privacy Framework.
  • Other safeguards - binding corporate rules or an adequacy decision where available.

You can request information about the specific safeguards that apply to your data by contacting us.

9. Data security


We use appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure or loss. While we work hard to protect your information, no internet transmission or storage system can be guaranteed to be 100% secure.

10. Data retention - how long we keep your data


We keep personal data only for as long as necessary for the purposes described in this policy and to meet legal, accounting or reporting requirements. Typical periods are:

  • Enquiries and proposals - up to 6 years from last interaction.
  • Client records and contracts - 6 years from the end of the financial year in which our engagement ends.
  • Marketing preferences and suppression - retained indefinitely to respect opt-out requests.
  • Technical logs - up to 6 years.
  • Analytics data - typically up to 36 months, depending on the tool configuration.
  • Recruitment data - up to 36 months from decision unless hired.

We may keep data longer in the event of a complaint, dispute or where we are required by law.

11. Your rights


Under UK GDPR you may have the right to:

  • Request access to your personal data and receive a copy.
  • Request correction of incomplete or inaccurate data.
  • Request erasure where there is no good reason for us continuing to process it.
  • Object to processing where we rely on legitimate interests and you feel it impacts your rights - including the right to object to direct marketing at any time.
  • Request restriction of processing in certain circumstances.
  • Request portability of your data to you or to a third party in a structured, commonly used, machine-readable format.
  • Withdraw consent where we rely on consent. This does not affect the lawfulness of processing before withdrawal.
  • Not be subject to decisions based solely on automated processing that produce legal or similarly significant effects, unless permitted by law.

How to exercise your rights. Email support@yourclinicangels.com. We may need to verify your identity. We aim to respond within one month.

Complaints. You can complain to the UK Information Commissioner's Office (ICO) at ico.org.uk or by phone on 0303 123 1113. We would appreciate the chance to deal with your concerns before you approach the ICO.

12. Children


The Website is intended for users aged 18 and over. We do not knowingly collect data relating to children.

14. Changes to this policy


We may update this Privacy Policy from time to time. The updated version will be indicated by an updated effective date and will be effective as soon as it is accessible. We recommend that you review this page regularly.

15. How to contact us


If you have questions about this policy or our data practices, contact us at support@yourclinicangels.com, by phone on +44 20 7072 4070 or by post to Your Clinic Angels, HEC, 4 Pindar Road, Hertfordshire, EN11 0FJ, United Kingdom.

Important notice


This policy is intended to provide transparent information about our processing. It does not create a contractual relationship and should be read together with our Terms, Cookie Policy and any service agreement we may sign with you.