Privacy Policy

Last updated: February 12, 2024

This privacy notice for Practice Works Ltd ('we', 'us', or 'our'), describes how and why we might collect, store, use, and/or share ('process') your information when you use our services ('Services'), such as when you:

  • Visit our website at practiceworks.io, or any website of ours that links to this privacy notice
  • Download and use our mobile application (Practice Works), or any other application of ours that links to this privacy notice
  • Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at hello@practiceworks.io.

Summary of Key Points

  • What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use.
  • Do we process any sensitive personal information? We do not process sensitive personal information.
  • Do we receive any information from third parties? We do not receive any information from third parties.
  • How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
  • How do we keep your information safe? We have organisational and technical processes and procedures in place to protect your personal information.
  • What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information.

1. What Information Do We Collect?

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

The personal information we collect may include the following:

  • Names
  • Email addresses
  • Usernames
  • Passwords

Sensitive Information. We do not process sensitive information.

Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number, and the security code associated with your payment instrument. All payment data is stored by Stripe.

Social Media Login Data. We may provide you with the option to register with us using your existing social media account details, like your Facebook, Twitter, or other social media account.

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information.

Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our Cookie Policy.

2. How Do We Process Your Information?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.

We process your personal information for a variety of reasons, including:

  • To facilitate account creation and authentication and otherwise manage user accounts.
  • To request feedback and to contact you about your use of our Services.
  • To protect our Services, including fraud monitoring and prevention.
  • To identify usage trends so we can improve our Services.
  • To save or protect an individual's vital interest, such as to prevent harm.

3. What Legal Bases Do We Rely On to Process Your Information?

In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason to do so under applicable law.

If you are located in the EU or UK, the General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on. These include:

  • Consent. We may process your information if you have given us permission to use your personal information for a specific purpose. You can withdraw your consent at any time.
  • Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests.
  • Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations.
  • Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or those of a third party.

4. When and With Whom Do We Share Your Personal Information?

In Short: We may share information in specific situations and with specific categories of third parties.

We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf. These include:

  • Cloud Computing Services
  • Data Analytics Services
  • Payment Processors
  • User Account Registration & Authentication Services
  • Website Hosting Service Providers
  • Data Storage Service Providers

We may also share your information in connection with business transfers, and when we use Google Analytics to track and analyse the use of the Services.

5. What Is Our Stance on Third-Party Websites?

In Short: We are not responsible for the safety of any information that you share with third parties that we may link to or who advertise on our Services, but are not affiliated with our Services.

6. Do We Use Cookies and Other Tracking Technologies?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. For more details, please see our Cookie Policy.

7. How Do We Handle Your Social Logins?

In Short: If you choose to register or log in to our Services using a social media account, we may have access to certain information about you.

Our Services offer you the ability to register and log in using your third-party social media account details. Where you choose to do this, we will receive certain profile information about you from your social media provider, which may include your name, email address, friends list, and profile picture.

8. Is Your Information Transferred Internationally?

In Short: We may transfer, store, and process your information in countries other than your own.

Our servers are located in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal information.

If you are a resident in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we have implemented measures to protect your personal information, including by using the European Commission's Standard Contractual Clauses.

9. How Long Do We Keep Your Information?

In Short: We keep your information for as long as necessary to fulfil the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law.

10. How Do We Keep Your Information Safe?

In Short: We aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. However, despite our safeguards, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure.

11. Do We Collect Information from Minors?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records.

12. What Are Your Privacy Rights?

In Short: In some regions, such as the European Economic Area (EEA), United Kingdom (UK), Switzerland, and Canada, you have rights that allow you greater access to and control over your personal information.

These may include the right to request access, rectification, erasure, restriction of processing, data portability, and the right not to be subject to automated decision-making.

If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your data protection authority.

Withdrawing your consent: If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time by contacting us.

Cookies and similar technologies: Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. For further information, please see our Cookie Policy.

If you have questions or comments about your privacy rights, you may email us at support@practiceworks.io.

13. Controls for Do-Not-Track Features

Most web browsers and some mobile operating systems include a Do-Not-Track ('DNT') feature or setting. At this stage no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals.

14. Do United States Residents Have Specific Privacy Rights?

In Short: If you are a resident of California, Colorado, Connecticut, Utah or Virginia, you are granted specific rights regarding access to your personal information.

For detailed information on state-specific privacy rights, including California (CCPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and Virginia (VCDPA), please contact us at support@practiceworks.io.

15. Do We Make Updates to This Notice?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated 'Revised' date and will be effective as soon as it is accessible.

16. How Can You Contact Us About This Notice?

If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO), An Nguyen, by email at hello@practiceworks.io, or contact us by post at:

Practice Works Ltd
71-75 Shelton Street
Covent Garden, London
United Kingdom, WC2H 9JQ

17. How Can You Review, Update, or Delete the Data We Collect From You?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please contact us at support@practiceworks.io.