Last updated: June 2026

Privacy Policy

1. Introduction

This is Augmentive Ltd's Privacy Notice.

As part of the services we provide, we process personal data relating to:

  • Patients / service users
  • Parents or legal guardians (where applicable)
  • Friends or relatives (e.g. next of kin)
  • Staff and contractors
  • Job applicants
  • Website users
  • Members of the public contacting us

"Processing" includes collecting, recording, organising, storing, structuring, sharing, analysing, restricting, erasing and deleting data.

We are committed to transparency about:

  • What data we collect
  • Why we need it
  • How it is used
  • Who it is shared with
  • How long it is retained
  • Your rights

If you have questions about this notice, please contact: privacy@augmentive.io

2. Who We Are

Augmentive Ltd
Company No. 12464843
Registered Office:
Fora
1 Lyric Square
London
Greater London
W6 0NB
United Kingdom

We are the Data Controller for most processing described in this notice.

Where care is NHS-funded (including Right to Choose):

  • We may act as Controller in Common with the relevant NHS body; or
  • As a Processor where required under contract.

Clinicians delivering care via Augmentive act as:

  • Independent Data Controllers for their clinical decision-making; and
  • Joint Controllers with Augmentive for shared records held within our systems.

3. Service Users (Patients)

3.1 What Data We Collect

Basic Personal Data

  • Name
  • Date of birth
  • Address
  • Email address
  • Telephone number
  • GP details
  • NHS number
  • Emergency contact
  • Employer (if relevant)
  • Appointment history

Financial Data

  • Payment method metadata
  • Billing address
  • Subscription status
  • Stripe customer ID

We do not store full card numbers.

3.2 Special Category (Health) Data

We collect and process:

  • Referral questionnaire responses
  • Neurodevelopmental history
  • Diagnostic assessments
  • ADHD / Autism diagnostic conclusions
  • Medication history
  • Prescribing records
  • Titration logs
  • Blood pressure / pulse / weight records
  • Suicidal ideation responses
  • Risk assessment notes
  • Safeguarding notes
  • Therapy notes
  • Outcome measures
  • GP correspondence
  • Shared care documentation

This data is processed:

  • In Semble (our clinical record system), and
  • In Augmentive's secure cloud infrastructure hosted on Google Cloud Platform (United Kingdom / London region).

3.3 Lawful Bases

Under Article 6 UK GDPR

  • 6(1)(b) Contract
  • 6(1)(c) Legal obligation
  • 6(1)(e) Public task (NHS work)
  • 6(1)(f) Legitimate interests

Under Article 9 UK GDPR (Special Category Data)

  • 9(2)(h) Provision of health care
  • 9(2)(g) Substantial public interest (safeguarding)
  • 9(2)(a) Explicit consent (where applicable)

Common Law Duty of Confidentiality

We satisfy the duty because:

  • Care provision implies consent
  • Legal obligations apply
  • Public interest may override confidentiality in safeguarding cases

4. National Data Opt-Out

We review our processing annually to assess applicability of the National Data Opt-Out.

At present:

We do not use confidential patient information for planning or research purposes beyond individual care where the opt-out would apply.

If this changes, we will:

  • Apply the National Data Opt-Out
  • Use MESH where required
  • Update this notice

Further information: www.nhs.uk/your-nhs-data-matters

5. Where Data Is Processed

5.1 Clinical Records

Stored in:

  • Semble (clinical record processor), and
  • Augmentive's secure infrastructure on Google Cloud Platform (United Kingdom / London region).

5.2 Sub-Processors / Vendors

We use the following processors, grouped by purpose:

Clinical and care delivery

  • Semble — clinical record system (patient electronic health record)
  • Twilio — video consultations, in-app messaging and SMS
  • Pharmacierge — pharmacy and electronic prescribing partner
  • Heidi — AI ambient scribe for clinical documentation (clinician-reviewed; UK-hosted)
  • Zoom — occasional standalone video consultation, used only on request (not part of our integrated platform)

Communications

  • GetStream — in-app messaging
  • Customer.io — transactional and service email
  • Intercom — customer support messaging
  • bOnline — business telephony (VoIP); call metadata only (calls are not recorded)

Payments

  • Stripe — card payment processing

Platform and infrastructure

  • Google Cloud Platform — secure hosting of our platform and application data
  • Google (OAuth and Calendar API) — sign-in and calendar booking synchronisation

Analytics, monitoring and security

  • Sentry — error and performance logging
  • Mixpanel — product usage analytics
  • Google Analytics — website analytics
  • LogRocket — error tracking and session replay (on-screen personal data is masked)
  • Usercentrics — cookie consent management
  • Google reCAPTCHA — fraud and bot protection
  • Google Tag Manager — tag management

Website and marketing

  • Framer — marketing landing-page hosting

Business operations

  • Google Workspace — staff email, documents and storage
  • Slack — internal staff communication
  • Charlie HR — HR and people management
  • Calendly — appointment scheduling
  • DocuSign — electronic signatures (operational documents)
  • Linear and GitHub — internal product-development tooling
  • Zapier — workflow automation (currently inactive)

We also use AI-assistance tools (OpenAI's ChatGPT and Anthropic's Claude), Notion and Mapbox in ways that do not involve your personal data.

Some third parties we work with act as independent data controllers rather than our processors — Trustpilot (reviews), Google Ads (advertising) and YouTube (embedded video). Where these set cookies, they are disclosed and consent-gated in our cookie banner.

Each processor operates under:

  • Data Processing Agreements
  • Standard Contractual Clauses (where applicable)
  • the UK International Data Transfer Addendum (where applicable)
  • appropriate technical and organisational security controls

Where vendors process data outside the UK, we conduct transfer risk assessments to ensure equivalent levels of protection in accordance with UK GDPR.

6. Technical Data & Telemetry

We collect:

  • IP address
  • User agent
  • Browser type
  • Device diagnostics
  • Referrer URL
  • Page views
  • Interaction timestamps
  • Error logs
  • Session replay data (where enabled)

Purpose:

  • Security
  • Fraud detection
  • Platform performance
  • Product improvement

7. Cookies

We use:

  • Strictly Necessary — authentication, security, session management
  • Analytics — Google Analytics, Mixpanel
  • Product Analytics / Session Replay — LogRocket
  • Other / Marketing — Customer.io

Third-party tools that set cookies and act as independent controllers — Trustpilot, Google Ads and YouTube — are disclosed and consent-gated here.

Consent is managed via our cookie banner (Usercentrics).

8. OAuth & Calendar Integrations

Where you connect Google, we store:

  • OAuth access token
  • Refresh token
  • Expiry metadata

Used solely for:

  • Calendar booking synchronisation
  • Appointment reminders

Tokens can be revoked at any time via Google account settings and are deleted upon disconnection.

9. Payments

Stripe processes:

  • Card numbers
  • Expiry
  • CVC

Augmentive stores:

  • Stripe customer ID
  • Payment status
  • Billing metadata

We do not store full card details.

10. Consent-Based Sharing

Where sharing is consent-based:

  • Consent is captured via secure form
  • Timestamp recorded
  • Status tracked in system
  • Withdrawal logged and enforced

11. Friends, Relatives and Emergency Contacts

Where a service user provides details of:

  • Parent or legal guardian
  • Next of kin
  • Emergency contact
  • Lasting Power of Attorney
  • Authorised family contact

We process limited personal data:

  • Name
  • Relationship
  • Telephone number
  • Email address
  • Address (where relevant)

Lawful Basis

  • Article 6(1)(f) Legitimate interests – to ensure safe and effective clinical care
  • Article 6(1)(c) Legal obligation – where safeguarding duties apply

Where communication is consent-based, consent is recorded and may be withdrawn.

We do not use this data for marketing.

12. Staff Data

We process personal data relating to staff, contractors and job applicants.

Personal Data

  • Name
  • Address
  • Email
  • Telephone
  • National Insurance number
  • Date of birth
  • Next of kin
  • Payroll information
  • Pension information
  • Tax details
  • Bank details (for salary payments)
  • Training records
  • Employment history
  • DBS check confirmation

Special Category Data

  • Sick leave data
  • Occupational health data
  • Maternity / paternity information
  • Reasonable adjustments
  • Diversity data (voluntarily provided)

Criminal Records

Where required, DBS checks are conducted.

We do not retain criminal record certificates.

We record confirmation that checks have been completed.

Lawful Bases

Article 6:

  • 6(1)(b) Contract
  • 6(1)(c) Legal obligation
  • 6(1)(f) Legitimate interests

Article 9:

  • 9(2)(b) Employment law
  • 9(2)(h) Occupational health
  • 9(2)(a) Explicit consent (where applicable)

Sharing

Staff data may be shared with:

  • HMRC
  • Pension providers
  • Payroll providers
  • Benefits administrators
  • Occupational health providers
  • DBS service providers
  • Regulators (e.g. CQC)
  • Law enforcement (where required)

13. Retention Periods

  • Clinical records – 8 years (adults)
  • Children – until age 25/26
  • Account data – 6 years after closure
  • Support tickets – 3 years
  • Security logs – 12 months
  • Analytics data – 24 months
  • Consent records – duration of relationship + 6 years
  • OAuth tokens – deleted on disconnection
  • Payment metadata – 6 years (HMRC requirement)

Retention periods are aligned with the NHS Records Management Code of Practice where applicable.

14. Deletion & Anonymisation

When retention periods expire:

  • Clinical records are securely deleted or archived in accordance with NHS guidance
  • Logs are anonymised
  • Analytics data aggregated
  • OAuth tokens revoked
  • Backups overwritten in cycle

15. International Transfers

Most personal and clinical data is stored and processed in the United Kingdom and the European Economic Area (EEA): our platform hosting (Google Cloud Platform) is in the UK; the clinical record (Semble) is in the UK; clinical documentation (Heidi) is UK-hosted; and several providers are EEA-hosted (for example Twilio in Ireland, Customer.io and Mixpanel in the EU, and Sentry in Germany). UK-to-EEA transfers rely on the UK's adequacy regulations for the EEA.

Some providers process data in the United States (for example Intercom, LogRocket, Stripe and certain Google services). Where data is transferred outside the UK we rely on one or more of:

  • UK adequacy regulations
  • the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses
  • the UK Extension to the EU-US Data Privacy Framework (where the provider is certified)

supported by encryption in transit and at rest and a transfer risk assessment.

16. Children / Minors

Where under 18:

  • Parent/guardian consent required
  • Identity verification conducted
  • Records retained per NHS retention rules

We do not knowingly process data of children under 13 without parental consent.

17. Your Rights

You have the right to:

  • Access your data
  • Rectify inaccuracies
  • Erase data (where legally permissible)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent

We do not charge for access requests unless manifestly unfounded or excessive.

We respond within one month.

You may complain to:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
https://ico.org.uk/global/contact-us/