1. Who We Are
Docwise is a clinical practice management platform built for independent medical consultants. We are operated by Ambeego LLP.
For privacy matters, contact us at: salman@docwise.org privacy@docwise.co.uk
2. What Information We Collect
From Consultants (our direct customers):
- Name, email address, and professional details (GMC number, specialty, practice locations)
- Billing and payment information
- Calendar and appointment data
- Documents, letters, and clinical correspondence uploaded to the platform
From Patients (via consultant-managed features):
- Name, date of birth, contact details
- Appointment and booking information
- Any documents or records shared through the platform by the consultant
Automatically:
- Device type, browser, IP address
- Usage logs and session activity
3. How We Use Your Information
We use the data we collect to:
- Deliver and operate the Docwise platform
- Process appointments and practice workflows
- Send notifications related to your account or appointments
- Provide customer support
- Improve the platform based on usage patterns
- Meet our legal and regulatory obligations
We do not sell your data. We do not use patient data for advertising.
4. Legal Basis for Processing (UK GDPR)
We process personal data on the following grounds:
- Contract: to provide the services you’ve signed up for
- Legitimate interests: to improve our product, maintain security, and prevent fraud
- Legal obligation: where required by law
- Consent: where you have explicitly opted in (e.g. marketing emails)
For special category data (health information), we process this under Article 9(2)(h) – healthcare provision and management.
5. Who We Share Data With
We share data only where necessary:
- Subprocessors: cloud hosting, payment processors, email delivery, calendar integrations — all bound by data processing agreements
- Your patients: consultants control what information is shared with their patients through the platform
- Regulators or legal authorities: only when required by law
We do not share your data with third parties for their own marketing purposes.
6. Data Retention
We retain your account data for as long as your subscription is active, plus 7 years after termination (in line with NHS records guidance and UK legal requirements). You may request deletion of non-legally-required data at any time.
7. Your Rights
Under UK GDPR, you have the right to:
- Access the data we hold about you
- Correct inaccurate data
- Request deletion (“right to be forgotten”)
- Restrict or object to processing
- Data portability
- Withdraw consent at any time
To exercise any of these rights, email: privacy@docwise.co.uk
We will respond within 30 days. If you are unsatisfied, you may contact the ICO at ico.org.uk.
8. Security
We take security seriously. Docwise uses:
- Encryption in transit (TLS) and at rest
- Role-based access controls
- Regular security reviews
No system is 100% secure. If a breach occurs that affects your rights or freedoms, we will notify you and the ICO as required by law.
9. Cookies
We use essential cookies to keep you logged in and the platform functioning. We may use analytics cookies to understand usage — you can opt out of these in your account settings or browser.
We do not use advertising cookies.
10. Changes to This Policy
We may update this policy from time to time. We’ll notify you by email or in-platform notice if changes are material. The “last updated” date at the top reflects the most recent version.