Login
Login
Get Started

Privacy Policy

Effective Date: 23 February 2026

This privacy notice explains how Treat-It Clinic (“Treat It”, “we”, “us”, “our”) collects, uses, and protects your personal data when you use our website at https://treat-it.clinic and associated services through our mobile and web applications (together, the “Treat It System”).

Please read this notice carefully to understand how we handle your personal information, your rights, and how to contact us with questions or concerns.

1. Who We Are

Treat It is a brand under Kanabo Group PLC and operates as part of The GP Service (UK) Limited, registered in England and Wales (Company No. 338440891). We are the data controller responsible for your personal information when using our services.

Contact Information:

ICO Registration Number: ZA194910

2. Our Commitment to Data Privacy and Security

We are committed to handling your personal data in line with the UK GDPR, the Data Protection Act 2018, and relevant privacy regulations. Treat-It Clinic may operate with support from remote staff outside the UK or EEA (e.g., Sri Lanka). In such cases, we ensure:

  • Data access is strictly controlled, encrypted, and role-based.
  • All staff operate using company-issued devices under security and usage policies.
  • Adequate safeguards, such as Standard Contractual Clauses (SCCs) and Data Processing Agreements (DPAs), are in place to ensure lawful international transfers of personal data.

If our publicly available privacy policy has not sufficiently explained these safeguards, we are updating it now to reflect this more clearly.

3. Types of Personal Data We Collect

We collect and process the following categories of data:

a. During Registration

  • Name, contact details, postal address 
  • Date of birth (to confirm age and verify identity) 
  • NHS GP information 
  • Mobile device and login details 

b. When Using Our Services

  • Medical history, prescriptions, consultations 
  • Payment details (processed securely by Stripe) 
  • Summary Care Record (SCR) and NHS Number 
  • Any other information submitted through consultations or forms 

c. From Third Parties

  • Payment providers (e.g. Stripe) 
  • Analytics and marketing partners 
  • Pharmacy partners and prescribers 
  • NHS services or GP practices (if applicable)

4. How We Use Your Data

We use your personal data for:

  • Providing medical consultations, prescriptions, and referrals
  • Processing payments
  • Delivering prescriptions or test kits
  • Communicating service updates or responses to queries
  • Legal, compliance, and regulatory purposes
  • Research and service improvement (anonymised or with your consent)

5. Sharing Your Data

We may share your personal data with:

  • Clinicians and pharmacy partners providing care 
  • NHS GP (as required by GMC guidance) 
  • Third-party service providers (e.g., IT support, payment processors) 
  • Law enforcement or regulators when required by law 

We do not sell your personal data.

6. Data Storage, Transfers & Security

Your data is stored securely on servers located in the UK (e.g., AWS and Redcentric). In some cases, support staff located outside the UK/EEA (e.g., Sri Lanka) may access your data. In these cases:

  • Access is encrypted and through secure company-managed systems.
  • Only essential data is made available on a need-to-know basis.
  • We ensure adequate safeguards as per UK GDPR for all international data transfers.

We maintain strict internal controls and security protocols including:

  • End-to-end encryption
  • HTTPS across all web and mobile systems
  • Staff confidentiality and cybersecurity training
  • Data protection agreements with all partners

7. How Long We Keep Your Data

Patient records are retained for at least 11 years, or as required by law and regulatory guidance. Other data may be retained for service, billing, or compliance purposes. Data is securely deleted once no longer required.

8. Your Rights

You have the right to:

  • Access your data
  • Correct inaccuracies
  • Delete your account (subject to legal retention)
  • Object to processing for marketing
  • Withdraw consent at any time

To exercise your rights, contact us at:
 📧 support@treat-it.clinic

9. Cookies and Analytics

Our website uses cookies to:

  • Improve user experience
  • Enable secure login
  • Analyze traffic and usage patterns

You can disable cookies in your browser settings. For more details, please see our Cookie Policy (coming soon).

10. Updates to This Privacy Notice

We regularly review this policy to ensure it reflects our current data processing activities and compliance standards. We will notify users of any significant changes via email or prominent notice on our website.

11. Contact Us

If you have any concerns or complaints, contact our Privacy Officer at:

📧 privacy@treat-it.clinic
 📬 The Technocentre, Coventry University Technology Park, Puma Way, Coventry, West Midlands, CV1 2TT
 ☎️ 0247 509 8777

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.