Privacy Policy

This privacy and cookie policy applies to the processing of your personal data as a user of the Syncare app and the website

Syncare takes data privacy and security very seriously. We take all usual technical measures to prevent unauthorized access to your data on our servers. All data sent by users is encrypted and only readable by the device of each receiver, no other party including Syncare, can decrypt any of this data. We will never sell or provide your personal data to third parties without your consent, other than required by law.

Who controls the processing of your personal data?

Technology Hubz ltd, trading as Syncare (“us”, “we”, or “our”) is the data controller and operates the Syncare mobile application (the “Service”) and website.

We are a company registered in England and Wales with the company registration number 13498430. Our registered office is 71-75 SHELTON STREET, COVENT GARDEN, LONDON, WC2H 9JQ. 

You can contact Syncare: 

  • With the contact us form on
  • by e-mail to

Providing personal data is never compulsory. You can always decide whether or not to provide personal data. However, in order to be able to make use of a number of our services the provision of personal data is necessary. If we ask for the input of personal data, we will indicate which data are necessary to make use of the service and therefore must be provided, and which data can be provided optionally.

Which personal data do we process?

When we provide our products and services we may process your personal data. This could include the following personal data:

  • your names, date of birth, and gender 
  • your work address(es) and email address(es)
  • your profession, Speciality, Grade, and other information you provide in your profile
  • pictures (including your profile picture) uploaded by you 
  • data of people with whom you want to share information while using Syncare.
  • data about your interests and preferences as a user of our website, app, products, and services
  • financial data relating to orders and payments to us and to you
  • Data regarding your visit to our website and app, including URL, IP address, browser type, language, date, time and duration of your visit 
  • data on the status and identity of your mobile device

Message Data

We will not retain your Personal Data for longer than is necessary under the principle of data minimisation. User account details are stored for the duration of you maintaining an account. We will only retain your personal data for as long as it is required to fulfill the original purpose for which it was collected, including the purposes of satisfying any legal, accounting, or reporting requirements.

Messages are end-2-end encrypted. To prevent eavesdropping by third parties (e.g. in open wireless LANs), header information of messages (sender, recipient etc.) is protected by industry standard transport layer security for transmission to the server, and from the server to the recipient.

Although messages are securely sent and received through the Service, it is in all cases and always the user’s responsibility to determine if the receiver(s) is/are authorised to receive any possibly privacy sensitive information, like for example medical information that is reducible to a specific patient. Users are therefore responsible and liable for information they send to other users. Syncare cannot be held responsible or liable for any privacy sensitive information sent through the Service by users without the required authorization.

Purposes of processing your personal data?

Your personal data may be processed for the following purposes:

  • To provide you with access to our website and app, whether or not based on your registration as a user.
  • For the entering into and implementation of an agreement concluded with you. 
  • To provide you with, and adapt to your preferences regarding, the agreed services, products and/or information. 
  • To send you a newsletter, user information or a service message 
  • To enable you to view and share with others, including your organisation, user data in the app or on the website 
  • To enable interaction with other users, and to invite others to make use of syncare
  • To enable you to provide and exchange information on the website or in the app 
  • To improve the quality, safety and usability of our website and app and to combat fraud 
  • To comply with the rules and regulations imposed on us and for dealing with disputes.

Your personal data will not be used for purposes other than those listed above. 

Lawful basis for processing

We may process personal data because we have a legitimate interest in doing so. This means that we are allowed to process personal data if such processing is necessary for our business activities, as long as your privacy does not override that interest. We may also process personal data because it is necessary for a contract we have with you, or to comply with legal obligations. In those cases in which we need your consent for processing we will not process that personal data until we have obtained your consent, and we will discontinue processing that data in case you withdraw your consent.

Data processing

The data that is processed by us as a result of your use of our App will not be transferred outside the European Economic Area (“EEA”).

The data that we collect from you via the website may be transferred to, and stored at, a destination outside the EEA. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers for example of email marketing services. By submitting your personal data, you agree to this transfer, storing or processing.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.

Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.

Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and US. For further details, see European Commission: EU-US Privacy Shield.

Data subject rights

Under the General Data Protection Regulation (GDPR), data subjects whose data is processed by Syncare are entitled to exercise certain rights against their personal data. These rights are designed to put Data Subjects in the driving seat when it comes to how their personal data is handled by organizations.

  • The right to be informed

Syncare is obliged to ensure that any communications regarding our data processing activities between ourselves and any Data Subjects is provided is a clear and transparent manner. This is provided by this Privacy Notice.

  • The right of access
    You are entitled to request a copy of the all personal data currently held on you as well as the following information about your data:
    1. The purpose of processing;
    2. The categories of personal data concerned;
    3. The recipients to whom the personal data has been disclosed;
    4. The retention/envisioned retention period for that personal data;
    5. The source of the personal data if it has been collected from a third-party.
  • The right to rectification
    If you believe the personal data we hold on you is either inaccurate or incomplete, you may exercise this right to correct or complete this data. This right can be used with the right to restrict processing to ensure that any inaccurate or incomplete data is not processed until corrected.
  • The right to erasure (right to be forgotten)
    You may request erasure of any personal data we hold on you without undue delay where one of the following grounds apply:
    1. The personal data are no longer necessary in relation to the purposes they were collected or otherwise processed;
    2. The data subject withdraws consent and no other legal ground for processing exists;
    3. The data subject exercises the right to object and no overriding legitimate grounds for processing exist;
    4. The personal data has been unlawfully processed;
    5. The personal data has to be erased for compliance with an overriding legal obligation;
    6. The personal data have been collected in relation to the offer of information society services.
  • The right to restrict processing
    As an alternative to the right to erasure, you may ask us to cease processing your data, but not erase it entirely where one of the following grounds apply:
    1. The accuracy of the personal data is contested;
    2. Processing of the personal data is unlawful;
    3. Personal data is no longer needed for processing, but is still required as part of a legal process;
    4. The right to object has been successfully exercised and processing is temporarily halted pending a decision on the status of the processing.
  • The right to data portability
    You may request your personal data be transferred to another controller or processor in a commonly used, machine-readable format. This right can only be exercised when all of the following grounds apply:
    1. The processing was on the basis of consent
    2. The processing is by automated means
    3. The processing if for the fulfilment of a contractual obligation
  • The right to object
    You may exercise the right to object in instances where:
  1. Processing is based on either the performance of a public task or legitimate interest;
  2. Processing is for direct marketing purposes;
  3. Processing is for the purposes of scientific or historical research;
  4. Processing involves automated decision-making, including profiling.

Information Governance and Security

As per GMC requirements for doctors and  other health professionals  that patient records should be clear, accurate and legible. Syncare users are responsible for ensuring that patient demographics are correct to avoid misidentification of patients. Syncare is not designed as a replacement for written or electronic patient records and any information recorded on the platform should therefore be duplicated in the official patient record.

Syncare functionality allows  sharing photographs. Consent should always be sought and confirmed before taking a photograph of a patient, and the health professional should explain its purpose and with whom it will be shared. This consent, and the intended use of the photograph should be obtained and formally documented in line with the clinician’s local guidance. Users must note that the quality of photographs taken within Syncare will depend upon the device, and will not necessarily meet required quality for diagnostic imaging or medical photography. Photographs taken within Syncare should not be used as a substitute for these, but as an adjunct to clinical discussion only.

Where possible, we have tried to ensure that users will not breach guidelines around Information Governance by using Syncare. These precautions include disabling some copy and screenshot functionalities and storing data on secure cloud based servers. Users themselves have a responsibility to understand the need to not attempt to copy or store Patient Identifiable Data on their personal devices.

It is assumed that Syncare users will have completed basic Information Governance training in accordance with mandatory training requirements in healthcare. It is the responsibility of the individual and of the organisation to ensure this is valid and up to date.

Third Party Websites

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.  Please check these policies before you submit any personal data to these websites


In as far as we engage the services of a third party for the purposes mentioned in this privacy- and cookie policy, and this third party in performing these services has access to your personal data, we have taken the necessary contractual and organisational measures to ensure that your data will only be processed for the purposes described here.


Cookies are small text files that are stored by your browser. Below we briefly explain what cookies we use and do not use for our website, and what their purpose is. 

Functional cookies store simple anonymised data to allow functions such as login on the website to work properly. 

Analytical cookies collect statistics of the users of the website, to enable us to constantly improve your user experience. These cookies do not directly impact the user experience and many browsers provide a mechanism to opt out of them. If you want to block cookies, adjust your browser settings. 

Cross Site/Domain cookies are used for identifying a user across multiple websites for tracking purposes. Syncare may receive these cookies from third party websites to determine how users arrived on our website. 

However, our website does not place these types of cookies on the computer of users to track them after they have left the Syncare website.

You can delete cookies that are already installed. How to adjust your settings varies by browser. Please consult the help function of your browser.

Security and retention

We have taken appropriate technical and organisational measures to protect your personal data against loss or any form of unlawful processing. We will not retain or keep your data longer than allowed by law, required by law and/or necessary for the purposes for which the data are processed. The retention period therefore depends on the nature of the data and the purposes for which the data is processed. Retention periods may vary accordingly.

Inspection, correction and deletion

You have the right to know which personal data we keep regarding you, to inspect such data, and to request rectification or erasure. You also have the right to request restriction of processing or to object to processing, as well as the right to data portability. You can send an email or a letter to our Data Protection Officer with your name and contact information to or to Syncare, Privacy Department, 71-75 SHELTON STREET, COVENT GARDEN, LONDON, WC2H 9JQ. In your request, please specify as much as possible which personal data you refer to. In general, we will respond within four weeks to a request for inspection or correction. In case of a deletion request we will delete the personal data as soon as possible, unless and to the extent that the law requires us to keep the personal data or if there are other compelling reasons to oppose removal. After the execution of a deletion request we will send you a message of confirmation. If the personal data is (partially) not deleted, we will send you a message in which we explain why your request could not (fully) be met. If we cannot identify which personal data are meant by a request for inspection, correction or deletion, we may ask you to specify your request in more detail. We suspend the execution of the request until you have provided us with such detailed specification. 

You always have the right to lodge a complaint with the supervisory privacy authority in your country of residence or in the United kingdom. 

Amendment and version

We may amend this privacy and cookie policy. We recommend that you check regularly for changes. This privacy and cookie policy was last amended on 

3rd October 2021