Logo

Privacy Policy

Privacy Policy

Last updated: 21 February 2026

1. Who We Are

This website is operated by Knobel Health Limited, a company registered in the United Kingdom. Knobel Health Limited acts as the Data Controller for the purposes of UK data protection law.

MedicalCert operates as a digital platform facilitating independent clinical assessment by UK General Medical Council (GMC) registered doctors.

2. What Information We Collect

We may collect the following categories of personal data:

  • Identity information (name, date of birth)
  • Contact information (email address, postal address)
  • Medical information provided during assessment
  • Technical data (IP address, browser type, usage data)
  • Payment information (processed securely via Stripe)

Medical information constitutes special category health data under UK GDPR and is handled with enhanced confidentiality safeguards.

3. Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Performance of a contract (to provide clinical assessment services)
  • Legal obligations (regulatory and professional requirements)
  • Legitimate interests (service improvement and security)

Health data is processed under Article 9(2)(h) UK GDPR (provision of health care and medical assessment).

4. How Your Information Is Used

Your information is used to:

  • Conduct independent clinical assessment
  • Issue medical documentation where appropriate
  • Process payments securely
  • Maintain service security and integrity
  • Comply with legal and regulatory obligations

5. Clinical Confidentiality

Medical information is accessed only by authorised GMC-registered clinicians through secure authentication systems. Clinicians are subject to professional confidentiality obligations and UK regulatory standards.

6. Payment Processing

Payments are processed securely via Stripe. We do not store full payment card details on our servers.

Payment processing is administered through a United States limited liability company responsible solely for platform administration and payment handling. Clinical decision-making remains independent.

7. Data Hosting & International Transfers

Data is hosted within the Asia/Pacific region through our hosting provider. Where personal data is transferred outside the UK, appropriate safeguards are implemented in accordance with UK GDPR requirements.

8. Data Retention

Personal and medical information is retained only for as long as necessary to fulfil clinical, regulatory, and legal obligations. Retention periods are determined in accordance with professional and legal standards.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate information
  • Request erasure (subject to legal limitations)
  • Restrict or object to processing
  • Data portability (where applicable)

To exercise your rights, please contact us using the details below.

10. Security

We implement appropriate technical and organisational measures to protect personal data. While no system can guarantee absolute security, we apply commercially reasonable safeguards to minimise risk.

11. Complaints

If you believe your data protection rights have been breached, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the United Kingdom: https://ico.org.uk

12. Contact

For privacy enquiries or data requests, please contact:

Knobel Health Limited
Email: support@medicalcert.co.uk

Terms and Conditions - Privacy Policy