Patient Pass Privacy Policy

Last modified: 8th Jan 2022


Patient Pass is strongly committed to ensuring data privacy and security. Our registered office is at Tomorrow, MediaCityUK, Salford M50 2AB. This policy describes the information we collect, how it is used and shared, and your choices.

What personal information we collect

Personal information is data that can be used to identify or contact a single person. We may collect, store and use the following kinds of personal information:

  • Subscriber Information – If you request a demonstration of Patient Pass on our website we will collect Name, Hospital, Email Address and Telephone Number.
  • Website Information – When you browse our website, we may collect information about your web browsing and use of the site. This may include details of your operating system, location, IP address, browser ID, browsing activity, and other information about how you interacted. We may collect this information as a part of log files as well as through the use of cookies or other tracking technologies. We use this information to help improve the website.
  • Platform Information – We collect personal information from your use of the Patient Pass platform. We receive information about how you use the Patient Pass platform and store it in log files or other types of files associated to your account and link it to other information we hold about you. This information might include the date and date of any activity, your browser and IP address as well as actions you have taken within the Patient Pass platform. This information helps us to improve the Patient Pass platform for you for all users of the platform.
  • Information you volunteer – In the course of signing up for and using Patient Pass services, consulting with our support teams, sending us an email or communicating with us in any way, you are voluntarily giving us information that we collect. That information may include either your or your end-users’ name, email address, IP address, phone number, postal address, in addition to other details that may include gender, location, occupation or other information of a demographic nature. In supplying this information, you consent to this information being collected, used, disclosed, and stored by us, as described in our Terms and this Privacy Policy.

How is this personal information used?

We may use and disclose personal information to:

  • Confirm your identity when using the Patient Pass platform
  • Supply, improve and support the services we provide (this includes using the data you provide to use the Patient Pass platform to contact end-users, aggregating information from your use of the platform or our website and sharing this with third parties to improve the services that we provide)
  • Administer the website
  • Improve your browsing experience by personalising the website
  • Send you email notifications which you have specifically requested
  • Deal with enquiries and complaints made by or about you relating to the website.

Legal basis for collecting and using your personal information

If you are a client of Patient Pass, the lawful basis for which we rely on to collect and process your data is typically performance of our contractual obligations.

If you are not a client of Patient Pass but represent a business, we rely on legitimate interest as the lawful basis on which we collect and use your personal data in relation to contacting you further in certain situations. Our legitimate interests are usually to provide you with details of our products or services through B2B direct marketing.

If you are an individual and not a client of Patient Pass, the basis on which we collect and use your personal data to contact you is often consent.


A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website. We only use this information for statistical analysis purposes and then the data is removed from the system.

We gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites and applications, operating system and date/time stamp. We use this information to understand and analyse trends and administer and improve the site.

Disclosure to Third Parties

At times it may be necessary to use third party suppliers to help us process your data but only for the purposes identified in this policy.

Our website and communications may include links to third parties. We cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy policy. We accept no responsibility or liability for such other websites. You should exercise caution when entering personal information online and look at the privacy statement applicable to the website in question.

Protection of Personal Information

We take the security of your personal information very seriously. We will store all the personal information you provide on our secure (password protected and firewall protected) servers. This website and the Patient Pass platform protect your personal information during transit using encryption such as Transport Layer Security (TLS). We take appropriate organisational and technical security measures to protect your data against unauthorised disclosure or processing. Some of the safeguards we use are firewalls and data encryption and physical access controls to our data centres.

Retention of Personal Information

We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

We remove most information provided to us by clients within 90 days of the service being ceased. If an account becomes inactive then the information may be deleted after 90 days.

Your Rights

We want to ensure you remain in control of your personal data. Under the General Data Protection Regulation, you have a number of legal rights which are as follows:

  • the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of it (this is known as a subject access request);
  • the right to have inaccurate data rectified; and
  • the right to object to your data being used for marketing or profiling.

If you would like further information on your rights or wish to exercise them, please write to: The Data Protection Officer, Patient Pass Ltd, Tomorrow, MediaCityUK, Manchester M50 2AB.


If you have any requests or questions regarding your personal information, please contact us:

The Data Protection Officer
Patient Pass Ltd
Salford Quays
M50 2AB

+ 44 (0)161 817 2929


The information controller responsible for our website is Patient Pass Ltd. Our information protection registration number is ZA664072.