Privacy & Cookie
Policy

BioHealthcare Group Ltd is the data controller for personal information collected through our websites and services. We are a UK-registered company operating across the UK, USA, EU, UAE, and India.

• Respond to enquiries and deliver requested services
• Provide, manage, and improve our platforms
• Process payments and manage transactions
• Send marketing communications (where consented)
• Maintain platform security and prevent fraud
• Comply with legal and regulatory obligations
• Conduct analytics and business intelligence
• Facilitate investment and partnership discussions
• Deliver healthcare intelligence to members and partners (with consent)

• Service Providers - vendors bound by data processing agreements (hosting, payments, analytics, email delivery)
• Group Companies - within BioHealthcare Group for integrated service delivery
• Clinical & Research Partners - under strict confidentiality agreements, with your consent
• Professional Advisers - lawyers, accountants, auditors under confidentiality
• Regulatory & Legal Authorities - where required by law
• Business Transfers - in connection with mergers or acquisitions

Your data may be processed in the UK, USA, EU, UAE, and India. All international transfers are protected by:

• Adequacy decisions from the UK Secretary of State or European Commission
• UK International Data Transfer Agreements (IDTAs) or EU Standard Contractual Clauses (SCCs)
• UAE PDPL-compliant contractual safeguards
• India DPDPA-compliant transfer mechanisms

You have the following rights over your personal data. To exercise any right, contact privacy@biohealthcare.group. We respond within 30 days.

We use cookies and similar technologies (pixels, local storage) to enhance your experience and measure performance. You can manage preferences via our Cookie Preference Centre.

Manage preferences: Cookie Preference Centre (banner on first visit) or browser settings. US residents may use Global Privacy Control (GPC) to opt out of data sharing for advertising.

• Only collected with your explicit, specific, freely given consent
• Stored on encrypted, access-controlled systems with full audit logging
• Accessible only to clinical professionals and authorised personnel on a need-to-know basis
• Never used for insurance profiling, employment decisions, or discriminatory purposes
• Never shared with third parties for commercial purposes
• Subject to Data Protection Impact Assessments (DPIAs)
• Separate consent notices provided before any health data collection

Our services are not directed at children under 18. We do not knowingly collect data from under-18s without verifiable parental consent. Contact privacy@biohealthcare.group if you believe we hold a child's data inadvertently.

• Encryption in transit (TLS/SSL) and at rest (AES-256)
• Role-based access controls and multi-factor authentication
• Regular penetration testing and vulnerability assessments
• Staff data protection training
• Documented incident response and breach notification procedures

We update this policy periodically. Material changes are flagged on our homepage and notified to registered users by email. The effective date at the top of this page is always current.