0800 917 9330

Privacy Notice

At Teladoc Health UK LTD we are committed to protecting and respecting your privacy.
This privacy notice describes how Personal Identifiable Information (PII) and Personal Healthcare Information (PHI) about you may be collected, used, and disclosed, and how you can get access to this information. Please review it carefully.

The data controller is Teladoc Health UK LTD (hereinafter "Teladoc") with offices in 18 King William Street, London EC4N 7BP. Therefore, Teladoc will be the entity who will collect personal identifiable and personal protected health information.

Teladoc mainly collects your PII and PHIin order to provide you with the Service. We will never share your personal data for any purpose other than as defined in this Privacy Policy,but strictly for the purpose of rendering the Service for the benefit of the person identified by the data collected. We will permanently anonymise your personal data when you are no longer eligible for the Service.

1. Scope

Teladoc operates globally and is committed to full compliance with all applicable laws and regulations of any jurisdiction.

2. Fundamental Principles

Teladoc's privacy practices comply with the General Data Protection Regulation (EU) 2016/679 which include the following protections:

  • Your personal data will be processed lawfully, transparently and fairly
  • Limiting personal data use to a legitimate purpose
  • Limiting the processing and storage of your personal data to the minimum necessary
  • Making sure the privacy notice is accurate and sufficient
  • Maintaining open and transparent privacy policies
  • Being accountable to you for processing your personal data
  • Making sure your consent is informed and easy to withdraw.
  • Defining and protecting your sensitive/special categories of data
  • Ensuring third parties apply similar or equivalent standards of privacy controls where they process your personal data on our behalf
  • Not transferring your personal data outside of the EU and the USA unless otherwise
    required by law.In the event your personal data is required to be transferred outside of the EU and the USA (for any purpose other than by way of legal requirement), Teladoc shall procure prior consent from both you and Canada Life before any personal data is transferred.
  • Giving you the right to concise, timely, comprehensive information regarding our processing of your personal data.
  • Giving you have the right to rectify incomplete, inaccurate, unnecessary or excessive personal data.
  • Giving you have the right to object (where applicable).
  • Making sure we have procedures to support your exercising of any data subject rights.
  • Applying security measures, including technical and procedural support for integrity, confidentiality and availability must be provided.
  • Maintaining the confidentiality of your personal data even after our relationship with you has terminated.

3. International Transfers

In order to better protect your data and provide you with the service, Teladoc uses in the framework of the provision of the Second Medical Opinion, data centres based in the EU and in the USA, that comply with all the privacy, security and contingency measures and regulations.

4. Contact Information & Data Protection Officer & Data Protection Authority

You may request information, file a complaint and exercise your rights data protection rights as set out below by emailing dataprotectionofficer@teladochealth.com, indicating your name, what service was used and your telephone number, and attaching your Identification Card or any other document that permits us to identify you.

  • Right of access: right to ask Teladoc for copies of your Personal Data.
  • Right to rectification - you have the right to ask Teladoc to rectify Personal Data you think is inaccurate. You also have the right to ask Teladoc to complete information you think is incomplete.
  • Right to withdraw Your consent at any time to the processing of Your Health Data
  • Right to erasure: right to ask Teladoc to erase your Personal Data in certain circumstances.
  • Right to restriction of processing: right to ask Teladoc to restrict the processing of your Personal Data in certain circumstances.
  • Right to object to processing: the right to object to the processing of your Personal Data in certain circumstances.
  • Right to data portability: the right to ask that Teladoc transfers the information you gave to another organisation, or to you, in certain circumstances.

If you have any questions or would like a copy of this Privacy Policy, or you believe your privacy rights have been violated, you may contact the Data Protection Officer at dataprotectionofficer@teladochealth.com. There will be no retaliation for filing any complaint or exercising any subject rights.

You may also address to the English Data Protection Authority (the Information Commissioner's Office – www.ico.org.uk-) any query, claim or issue related to data protection.

5. What Data is Collected

  • Personal Identifiable Information (PII) is information or data that directly identifies you or when used in combination with information available publicly or in the possession of Teladoc, may provide a high probability of identifying you.
  • Personal Healthcare Information (PHI) is PII that in addition contains health data about the individual identified by the data.

6. How data is used

  • Teladoc collects and processes PII and PHI for the purposes of providing you with the Service, on the basis of and as necessary for the performance of the contract between you and us. With regard to the health data in particular, note that processing is necessary for the purposes of preventive or occupational medicine, medical diagnosis, the provision of health or social care or treatment, subject to the obligation of professional secrecy under Union or Member.
  • Teladoc does not share your PHI unless you expressly consent, for any purpose not both defined in this Privacy Policy and required for providing the Service.
  • Teladoc also may use your PII and/or PHI to review or evaluate the performance of our systems in providing the Service to you, and to improve the quality or timeliness of our service. Teladoc also may create de-identified information (anonymous data). De-identified information is information that does not include your name, address, birth date, or other information that could be used to identify you. This de-identified information could be used for quality improvement, research and other purposes. For example, Teladoc could use this de-identified information to demonstrate the reliability of our information management systems or to generate medical research information.

7. Disclosure of personal data

Teladoc does not share your PII and PHI unless you expressly consent, for any purpose not defined in this Privacy Policy or necessary for the provision of the Service.

However, Teladoc may be called upon to disclose information by a duly empowered branch of Government or Court in any country in which our patients are citizen, in order to comply with EU or Union Member's legal obligations.

8. Data Retention

Teladoc will retain your PHI as long as it is needed for providing the Service to you and for the relevant statutory periods (including, for the avoidance of doubt, those in respect of any claims or disputesas may be brought by a user of the Service.

After that, and, in any case, when you are no longer eligible for the Service then your PII and PHI are securely destroyed or permanently de-identified in accordance with applicable laws. Any and all codes, links, or other data that could be used to relate the de-identified data to you are permanently destroyed.

Such permanently de-identified data is no longer PII or PHI and is retained by Teladoc indefinitely. Note that it is not possible to identify you from this de-identified data, and therefore data subject rights would not be applicable to this data.

We insist that the vendors, including doctors under contract to Teladoc that we retain to provide support services to Teladoc, adhere to our Privacy Policy and Principles as well as their roles and responsibilities in complying with them.

9. Security Enforcement

We safeguard your personal data with tested and certified technical and organisational security controls. We educate our staff and service providers on our Privacy Policy and principles as well as their roles and responsibilities in complying with them.

10. Access to and keeping up to date your personal data

We strive to keep your personal data accurate and current; and we will update or disclose it to you whenever you request us to do so. You are responsible for communicating modifications, rectifications or additions to your personal information in order that Teladoc may change it accordingly and keep it current.

You are able to access information held about you and can correct or delete it if it is inaccurate.

11. Access to our services

Access to Teladoc sites are accesses controlled and restricted to registered adult patients, parents or guardians of minor patients; and our own staff of Health Professionals. Teladoc has implemented manual and technical, physical and electronic security controls to best ensure that our systems and data are secure. These controls are continuously monitored and upgraded as required by changing business processes, new data security threats and as better security controls become available.

12. Payment Data

Teladoc does not use PII or PHI for payments.