Privacy Policy

Privacy Policy

  1. Introduction
    This Privacy Policy explains how Polygon Digital Ltd. (“Polygon Digital”, “we”, “us”, or “our”), an Ireland-based health technology company, collects, uses, shares, and secures personal information. It also describes the rights individuals have regarding their personal data.

Polygon Digital provides cloud-based practice management and digital health software solutions for healthcare providers (the “Services”). We are committed to protecting your privacy and maintaining robust technical and organisational measures to safeguard your personal information.

If you have any questions about this Privacy Policy or our data practices, please contact our Data Protection Officer at [email protected].

  1. What Personal Data We Collect
  • Account Data: When you register for our platform, we collect details such as your name, email address, phone number, business address, and payment information.
  • Customer Data: This is data you or your patients enter into our Services. It may include patient health records, contact details, demographic information, appointment histories, and sensitive health data.
  • Automatically Collected Data: We collect technical data when you use our platform, such as your IP address, browser type, pages visited, session duration, and device identifiers. We use system logs for security, integrity, and improvement purposes.
  • Cookies and Similar Technologies: We use these tools to understand usage, remember preferences, and improve our Services. You can manage your preferences via our Cookie Notice.
  1. How We Use Personal Data (Purposes and Legal Bases)
    We process personal data lawfully, fairly, and transparently. Under data protection laws like the EU GDPR, our legal bases include your consent, contractual necessity, compliance with legal obligations, and our legitimate interests.

We use personal data to:

  • Provide, operate, and support our Services.
  • Communicate with you, including sending essential service updates and, where you have consented, marketing information.
  • Provide customer support and improve your experience.
  • Analyse and develop our platform’s functionality, security, and reliability.
  • Process job applications and for internal HR purposes.
  • Comply with applicable laws and regulations.

You can opt out of non-essential marketing communications at any time.

  1. How and Why We Share Your Data
  • With Your Consent: We will not disclose your personal data without your consent, unless otherwise permitted or required by law.
  • With Service Providers: We engage trusted processors and sub-processors who assist in operating our business and delivering Services. They are contractually bound to protect your data and process it only on our instructions. A list of our key sub-processors is available upon request.
  • For Legal or Safety Reasons: We may disclose data if required by law, to protect vital interests (e.g., in a medical emergency), or to defend our legal rights.
  • Corporate Transactions: In the event of a merger, acquisition, or asset sale, personal data may be transferred under appropriate confidentiality and security safeguards.
  1. International Data Transfers
    As an Irish company operating globally, we may transfer personal data outside the European Economic Area (EEA). When we do, we ensure an adequate level of protection through safeguards such as the European Commission’s Standard Contractual Clauses. You can request more information about these transfers by contacting our DPO.
  2. Data Security and Retention
  • Security: We implement industry-standard technical and organisational measures to protect personal data against unauthorised access, alteration, or destruction. Our information security management system adheres to recognised standards, and we continuously review our security practices.
  • Your Responsibility: You are responsible for keeping your account credentials confidential. Please notify us immediately of any suspected unauthorised access.
  • Retention: We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law (e.g., for tax, regulatory, or clinical record-keeping obligations). Specific retention periods are detailed in our Data Processing Agreement with customers.
  1. Your Rights and How to Exercise Them
    Depending on your location, you may have rights under laws such as the GDPR, UK GDPR, or others, including the right to:
  • Access, correct, or delete your personal data.
  • Restrict or object to our processing of your data.
  • Receive your data in a portable format.
  • Withdraw your consent (where processing is based on consent).

To exercise these rights, please contact us at [email protected]. We will respond within the timeframes required by applicable law and may need to verify your identity first. If you are a patient of a clinic using our software, please contact that healthcare provider directly with any requests regarding your health data.

  1. Complaints
    If you have concerns about how we handle your data, please contact our DPO. You also have the right to lodge a complaint with your local data protection authority. For individuals in the EEA, this is the Irish Data Protection Commission.
  2. Changes to this Policy
    We may update this policy periodically. The “Last Updated” date at the top will indicate when changes were made. We will notify you of significant changes through our website or other prominent means.
  3. How to Contact Us
    For all privacy-related questions, concerns, or requests, please contact our Data Protection Officer:
    Polygon Digital Ltd.
    Dublin, Ireland
    Email: [email protected]

Regional Appendices

Appendix A: For Individuals in the UK, EEA, & Switzerland
We act as a Data Controller for Account Data and as a Data Processor for Customer Data (patient health information) on behalf of our healthcare provider clients. For transfers of personal data outside these regions, we use approved mechanisms like Standard Contractual Clauses. You have the rights outlined in Section 7, and may lodge a complaint with your national supervisory authority.

 

Contact Information

If you need help or wish to exercise your rights, please contact our Data Protection Officer (DPO) at [email protected].