This is Augmentive Ltd's Privacy Notice.

As part of the services we provide, we process personal data relating to:

• Patients / service users
• Parents or legal guardians (where applicable)
• Friends or relatives (e.g. next of kin)
• Staff and contractors
• Job applicants
• Website users
• Members of the public contacting us

"Processing" includes collecting, recording, organising, storing, structuring, sharing, analysing, restricting, erasing and deleting data.

We are committed to transparency about:

• What data we collect
• Why we need it
• How it is used
• Who it is shared with
• How long it is retained
• Your rights

If you have questions about this notice, please contact: privacy@augmentive.io

Augmentive Ltd
Company No. 10845473
Registered Office:
Fora
1 Lyric Square
London
Greater London
W6 0NB
United Kingdom

We are the Data Controller for most processing described in this notice.

Where care is NHS-funded (including Right to Choose):

• We may act as Controller in Common with the relevant NHS body; or
• As a Processor where required under contract.

Clinicians delivering care via Augmentive act as:

• Independent Data Controllers for their clinical decision-making; and
• Joint Controllers with Augmentive for shared records held within our systems.

3.1 What Data We Collect

Basic Personal Data

• Name
• Date of birth
• Address
• Email address
• Telephone number
• GP details
• NHS number
• Emergency contact
• Employer (if relevant)
• Appointment history

Financial Data

• Payment method metadata
• Billing address
• Subscription status
• Stripe customer ID

We do not store full card numbers.

3.2 Special Category (Health) Data

We collect and process:

• Referral questionnaire responses
• Neurodevelopmental history
• Diagnostic assessments
• ADHD / Autism diagnostic conclusions
• Medication history
• Prescribing records
• Titration logs
• Blood pressure / pulse / weight records
• Suicidal ideation responses
• Risk assessment notes
• Safeguarding notes
• Therapy notes
• Outcome measures
• GP correspondence
• Shared care documentation

This data is processed:

• In Semble (clinical record system)
• In Augmentive's secure AWS-hosted infrastructure

3.3 Lawful Bases

Under Article 6 UK GDPR

• 6(1)(b) Contract
• 6(1)(c) Legal obligation
• 6(1)(e) Public task (NHS work)
• 6(1)(f) Legitimate interests

Under Article 9 UK GDPR (Special Category Data)

• 9(2)(h) Provision of health care
• 9(2)(g) Substantial public interest (safeguarding)
• 9(2)(a) Explicit consent (where applicable)

Common Law Duty of Confidentiality

We satisfy the duty because:

• Care provision implies consent
• Legal obligations apply
• Public interest may override confidentiality in safeguarding cases

We review our processing annually to assess applicability of the National Data Opt-Out.

At present:

We do not use confidential patient information for planning or research purposes beyond individual care where the opt-out would apply.

If this changes, we will:

• Apply the National Data Opt-Out
• Use MESH where required
• Update this notice

Further information: www.nhs.uk/your-nhs-data-matters

5.1 Clinical Records

Stored in:

• Semble (clinical record processor)
• Augmentive secure AWS infrastructure

5.2 Sub-Processors / Vendors

We use:

• Stripe – payments
• Twilio – SMS
• GetStream / Stream Chat – messaging
• Semble – clinical records
• Customer.io – transactional messaging
• Sentry – error logging
• Intercom – support messaging
• Mixpanel – product analytics
• Google Analytics – web analytics
• Google Tag Manager – tag management
• Snowplow – behavioural analytics
• LogRocket – session replay
• Trustpilot – reviews
• Rewardful – affiliate tracking
• Algolia – search
• Mapbox – mapping
• Google OAuth + Calendar API – login/calendar sync
• Slack – internal communication
• Notion – documentation
• OpenAI – limited AI-assisted support tooling
• Zoom – telehealth + webhook integrations
• AWS S3 / CloudFront – asset hosting

Each vendor operates under:

• Data Processing Agreements
• Standard Contractual Clauses (where applicable)
• UK International Data Transfer Addendum (where applicable)
• Appropriate technical and organisational security controls

Where vendors process data outside the UK, we conduct transfer risk assessments to ensure equivalent levels of protection in accordance with UK GDPR.

We collect:

• IP address
• User agent
• Browser type
• Device diagnostics
• Referrer URL
• Page views
• Interaction timestamps
• Error logs
• Session replay data (where enabled)

Purpose:

• Security
• Fraud detection
• Platform performance
• Product improvement

We use:

• Strictly Necessary
  Authentication, security, session management
• Analytics
  Google Analytics, Snowplow, Mixpanel
• Product Analytics / Session Replay
  LogRocket
• Marketing
  Customer.io, Rewardful, Trustpilot

Consent is managed via a cookie banner.

Where you connect Google, we store:

• OAuth access token
• Refresh token
• Expiry metadata

Used solely for:

• Calendar booking synchronisation
• Appointment reminders

Tokens can be revoked at any time via Google account settings and are deleted upon disconnection.

Stripe processes:

• Card numbers
• Expiry
• CVC

Augmentive stores:

• Stripe customer ID
• Payment status
• Billing metadata

We do not store full card details.

Where sharing is consent-based:

• Consent is captured via secure form
• Timestamp recorded
• Status tracked in system
• Withdrawal logged and enforced

Where a service user provides details of:

• Parent or legal guardian
• Next of kin
• Emergency contact
• Lasting Power of Attorney
• Authorised family contact

We process limited personal data:

• Name
• Relationship
• Telephone number
• Email address
• Address (where relevant)

Lawful Basis

• Article 6(1)(f) Legitimate interests – to ensure safe and effective clinical care
• Article 6(1)(c) Legal obligation – where safeguarding duties apply

Where communication is consent-based, consent is recorded and may be withdrawn.

We do not use this data for marketing.

We process personal data relating to staff, contractors and job applicants.

Personal Data

• Name
• Address
• Email
• Telephone
• National Insurance number
• Date of birth
• Next of kin
• Payroll information
• Pension information
• Tax details
• Bank details (for salary payments)
• Training records
• Employment history
• DBS check confirmation

Special Category Data

• Sick leave data
• Occupational health data
• Maternity / paternity information
• Reasonable adjustments
• Diversity data (voluntarily provided)

Criminal Records

Where required, DBS checks are conducted.

We do not retain criminal record certificates.

We record confirmation that checks have been completed.

Lawful Bases

Article 6:

• 6(1)(b) Contract
• 6(1)(c) Legal obligation
• 6(1)(f) Legitimate interests

Article 9:

• 9(2)(b) Employment law
• 9(2)(h) Occupational health
• 9(2)(a) Explicit consent (where applicable)

Sharing

Staff data may be shared with:

• HMRC
• Pension providers
• Payroll providers
• Benefits administrators
• Occupational health providers
• DBS service providers
• Regulators (e.g. CQC)
• Law enforcement (where required)

• Clinical records – 8 years (adults)
• Children – until age 25/26
• Account data – 6 years after closure
• Support tickets – 3 years
• Security logs – 12 months
• Analytics data – 24 months
• Consent records – duration of relationship + 6 years
• OAuth tokens – deleted on disconnection
• Payment metadata – 6 years (HMRC requirement)

Retention periods are aligned with the NHS Records Management Code of Practice where applicable.

When retention periods expire:

• Clinical records are securely deleted or archived in accordance with NHS guidance
• Logs are anonymised
• Analytics data aggregated
• OAuth tokens revoked
• Backups overwritten in cycle

Vendors may process data in:

• UK
• EU
• US

Safeguards include:

• UK IDTA
• EU Standard Contractual Clauses
• Adequacy decisions
• Encryption in transit and at rest
• Transfer risk assessments

Where under 18:

• Parent/guardian consent required
• Identity verification conducted
• Records retained per NHS retention rules

We do not knowingly process data of children under 13 without parental consent.

You have the right to:

• Access your data
• Rectify inaccuracies
• Erase data (where legally permissible)
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent

We do not charge for access requests unless manifestly unfounded or excessive.

We respond within one month.

You may complain to:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
https://ico.org.uk/global/contact-us/