Health International Holdings Limited (trading as Health3).
Privacy Policy
| Document title | Patient Privacy Policy | Version | 1.0 |
| Legal entity | Health International Holdings Limited | Issue date | 4 June 2026 |
| Trading name | Health3 | Next review | May 2027 |
| ICO registration | ZC100876 (expiry 2 March 2027) | Approver | Dr Christian Gotti (CEO) |
| Data Protection Lead | Dr Christopher Leung | Status | Published |
1. Who we are and how to contact us
Health International Holdings Limited is a private healthcare company registered in Scotland, trading as Health3. We operate a preventive health clinic offering biomarker health screening, mole mapping, dermatology, and related clinical services.
| Legal entity name | Health International Holdings Limited |
| Trading name | Health3 |
| Registered address | 480 Kilmarnock Road, Glasgow, G43 2BW |
| Company registration | SC861205 (registered in Scotland) |
| ICO registration | ZC100876 (expiry: 2 March 2027) |
| Data protection contact | privacy@health3.co.uk |
| Website | health3.co.uk |
Health International Holdings Limited is the data controller for all personal data processed as described in this policy. This means we are responsible for deciding how and why your personal data is used.
If you have any questions about this policy or about how we use your personal data, please contact our Data Protection Lead at privacy@health3.co.uk.
2. What personal data we collect and why
We collect personal data from you when you register as a patient and when you attend your appointments. The data we collect falls into two main categories: standard personal data, and special category health data.
Standard personal data
We collect the following personal information to identify you, manage your appointments, and communicate with you:
- Full name, date of birth, and sex
- Ethnicity – collected from the NHS 17-option list and used solely to apply clinically appropriate reference ranges to your biomarker results
- Email address and telephone number
- Home address (address line, city, and postcode)
- A unique Health3 Patient Identifier assigned to your record — this is generated by our system and not entered by you
Special category health data
Because we provide health screening services, we also collect detailed health information. This is classified as special category data under data protection law and is given a higher level of protection. We collect:
- Current medications and dietary supplements
- Known allergies
- Existing medical conditions, including mental health conditions, autoimmune conditions, and others
- Family medical history (first-degree relatives)
- Previous surgeries and procedures
- Lifestyle data: smoking status and method, alcohol consumption, exercise habits, diet, sleep quality, and stress level
- Biomarker results: measurements from blood and urine analysis across 65 or more analytes, including haematology, biochemistry, immunoassay, and urinalysis
- Physical measurements: height, weight, waist and hip circumference, BMI, blood pressure, heart rate, oxygen saturation, respiratory rate, and temperature
- ECG data: 12-lead resting electrocardiogram (Gold and Platinum patients only)
- Mole mapping: full-body mole mapping images and AI-assisted risk stratification outputs (Silver, Gold, and Platinum patients — Glasgow clinic, launch year)
- Ultrasound findings: point-of-care bedside ultrasound results (Platinum patients only)
- Clinician consultation notes and clinical assessments
- Your personalised digital patient health report
Financial data
At present, in-clinic card payment processing is not enabled. When we introduce card payment in future, payment card data will be processed by a third-party payment provider – card data will not be stored by Health3 directly. We will update this policy when payment processing is introduced.
3. Special category health data - how and why we process it
Your health data is sensitive, and we treat it as such. All special category health data collected by Health3 is processed directly by, or under the responsibility of, our GMC-registered clinicians. Our clinicians are subject to professional secrecy obligations in accordance with GMC standards of professional conduct — this means they are legally and professionally bound to keep your health information confidential.
We process your special category health data for the following reasons:
- To carry out your health screening appointment and produce your personalised health report
- To allow our clinicians to interpret your biomarker results in the context of your personal health history
- To communicate your results to you securely
- To maintain a clinical record of your care
- To refer you to a specialist where our clinicians identify a clinical need – with your knowledge
We do not use your health data for commercial purposes, and we do not sell it to third parties. We do not use your health data for marketing purposes without your separate, explicit consent.
4. The legal bases for our processing
Data protection law requires us to have a lawful basis for processing your personal data, and a separate condition for processing special category health data. We have set out our legal bases for each purpose below.
| Purpose | Article 6 basis | Article 9 condition | Notes |
|---|---|---|---|
| Delivering your health screening service and producing your health report | Art. 6(1)(b) — contract performance | Art. 9(2)(h) — healthcare provision | Core service delivery — necessary to fulfil the contract you have entered into with us |
| Clinical interpretation of your results by our clinicians | Art. 6(1)(b) — contract performance | Art. 9(2)(h) — healthcare provision | Processed under the direct responsibility of GMC-registered clinicians subject to professional secrecy |
| Communicating your results via email and/or secure patient portal | Art. 6(1)(b) — contract performance | Art. 9(2)(h) — healthcare provision | You consent to receipt of results by email or portal at registration |
| Appointment reminders and administrative communications | Art. 6(1)(b) — contract performance | Art. 9(2)(h) — healthcare provision | Necessary to administer your booking and care |
| Maintaining clinical records for continuity of care and medico-legal purposes | Art. 6(1)(c) — legal obligation; Art. 6(1)(f) — legitimate interests | Art. 9(2)(h) — healthcare provision | Required by GMC record-keeping obligations and Scottish records management standards |
| Sharing your results with your GP, only where you explicitly request this | Art. 6(1)(a) — consent | Art. 9(2)(a) — explicit consent | You can request GP sharing at any time. You can withdraw this consent at any time. See Section 9. |
| Clinical referral to a third party specialist where clinically indicated | Art. 6(1)(b) — contract; Art. 6(1)(c) — legal obligation | Art. 9(2)(h) — healthcare provision | Only where our clinicians identify a clinical need. You will always be informed. |
| Sending marketing communications about Health3 services | Art. 6(1)(a) — consent, separate opt-in | Not applicable. We do not send health-related marketing without separate explicit consent. | You can opt in at registration or at any time. You can withdraw consent at any time. |
| Internal quality assurance and clinical governance | Art. 6(1)(f) — legitimate interests | Art. 9(2)(h) — healthcare provision | Necessary to maintain clinical standards and comply with Healthcare Improvement Scotland requirements |
| Compliance with legal or regulatory obligations | Art. 6(1)(c) — legal obligation | Art. 9(2)(b) — legal obligation | Including obligations to Healthcare Improvement Scotland, HMRC, and the GMC |
A note on consent
Where we rely on your consent as our legal basis (GP sharing and marketing), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing we carried out before you withdrew it, and it will not affect your right to receive your health screening service.
To withdraw consent, please contact us at privacy@health3.co.uk.
5. How long we keep your data
We do not keep your personal data for longer than necessary. The table below sets out how long we retain each category of data and why.
| Data category | Retention period | Reason |
|---|---|---|
| Patient health records (results, clinical notes, health reports) | 7 years from date of last appointment | Consistent with private healthcare medico-legal retention practice and HMRC requirements. Confirmed at 7 years. |
| Financial and transaction records | 7 years | HMRC statutory requirement |
| Consent records (treatment, data processing) | Duration of relationship + 7 years | To demonstrate the lawfulness of our processing in the event of a complaint or legal claim |
| Marketing consent records | Until withdrawn, then 3 years from date of withdrawal | To demonstrate that consent was given and lawfully withdrawn |
| CCTV footage (clinic premises) | 30 days — automatic overwrite | Unless retained for the purposes of an active incident investigation |
When your data reaches the end of its retention period, it is either securely deleted from our systems or anonymised so that it can no longer be linked to you. Our Data Protection Lead – Dr Christopher Leung – is responsible for overseeing the retention and deletion schedule.
6. Who we share your data with
We do not sell your personal data. We share it only in the circumstances described below, and only with parties who are contractually required to protect it in accordance with UK GDPR.
Data processors acting on our behalf
We use a small number of trusted third-party service providers – known as data processors – to help us deliver our services. Each processor operates under a Data Processing Agreement with Health3 before any data is shared with them.
| Processor | Role | Data shared |
|---|---|---|
| Catenix (Catenix Ltd) | Patient registration platform, check-in, digital report delivery, and patient portal | All registration data and health report data submitted through the portal. Patient data (database and report PDFs) is hosted in Microsoft Azure UK South. Transactional email processing (registration and results notifications) uses Microsoft Azure West Europe (EEA). No international transfer of patient data occurs. DPA: Poctify DPA v2 (June 2026). |
| Nationwide Pathology | External laboratory — hormone panel analysis | Patient identifier, sample data, and hormone panel results — clinically triggered only, not for all patients |
| Leading Pathology Services | External laboratory — histopathology (mole mapping / lesion excision pathway) | Patient identifier, tissue sample data, and histopathology results — triggered by clinical indication following mole mapping or excision procedure |
| DeXI / Quantivision (IntelliStudio Gen3 mole mapping system) | AI-assisted mole mapping triage | Mole mapping images and AI risk stratification outputs. Note: the data controller / processor status of Quantivision is subject to legal review. This table will be updated once confirmed. |
We maintain an internal register of all data processors. If you would like details of a specific processor, please contact us at privacy@health3.co.uk.
Sharing with your GP
We will only share your results with your GP if you explicitly request this. Your results are yours – we do not share them with your GP automatically. If you request GP sharing, we rely on your explicit consent to do so. You may withdraw this consent at any time.
Clinical referrals
Where our clinicians identify a finding that requires a specialist opinion, we may refer you to an appropriate specialist. You will always be informed before a referral is made. Referrals are made only where clinically indicated and only with the minimum information necessary for the receiving clinician to provide appropriate care.
7. International data transfers
We do not transfer your personal data outside the United Kingdom or the European Economic Area. Poctify Ltd (the operator of the Catenix platform) stores your patient data — including your biomarker results and health reports — in Microsoft Azure UK South, which is located in the United Kingdom. Transactional email notifications (such as registration confirmations and results-ready alerts) are processed in Microsoft Azure West Europe, which is within the EEA. The United Kingdom has an adequacy decision covering the EEA, meaning this processing meets UK data protection requirements without additional transfer safeguards. All Microsoft Azure processing is governed by the Microsoft Products and Services Data Protection Addendum.
8. Automated decision-making and AI tools
Mole mapping - DeXI AI triage
When we carry out total body mole mapping, the IntelliStudio Gen3 system uses DeXI – an AI programme – to analyse your mole mapping images and produce a risk stratification score. This score is reviewed by a GMC-registered clinician who makes all clinical decisions. The AI output is not shared with you directly and does not appear in your patient health report. All decisions about any further clinical action are made by your clinician.
Biomarker interpretation - clinical decision support
Our clinicians may use a clinical decision support system to assist with the interpretation of your biomarker results. This system provides analysis and reference information to support clinician judgement – it does not make decisions. All outputs are reviewed by your clinician, who holds full responsibility for your care. No AI-generated content appears in your patient report.
No solely automated decisions
We do not make any decisions about your health or your care solely by automated means. A qualified, GMC-registered clinician reviews all AI-assisted outputs before any decision is communicated to you. This means Article 22 of the UK GDPR – which governs solely automated decisions with legal or similarly significant effects – does not apply to our use of these tools.
You have the right to request human review of any decision made about you and to contest any decision you believe is incorrect. Please contact us using the details in Section 1 to exercise this right.
9. Your rights
You have the following rights in relation to your personal data. To exercise any of these rights, please contact our Data Protection Lead at privacy@health3.co.uk. We will respond within one calendar month of receiving your request.
| Your right | What it means |
|---|---|
| Right of access | You can request a copy of all personal data we hold about you. This is called a Subject Access Request (SAR). We will respond within one calendar month. |
| Right to rectification | You can ask us to correct any personal data that is inaccurate or incomplete. |
| Right to erasure | You can ask us to delete your personal data. This right is not absolute for health records — we may need to retain your clinical records where we have a legal obligation to do so, to defend a legal claim, or where retention is in the public interest. We will tell you if we are unable to comply with an erasure request and explain why. |
| Right to restrict processing | In certain circumstances, you can ask us to limit how we use your data — for example, while we are verifying the accuracy of information you have contested. |
| Right to data portability | Where we process your data by automated means on the basis of your consent or a contract, you can ask us to provide it to you in a structured, commonly used, machine-readable format. |
| Right to object | You can object to processing based on our legitimate interests. You can also object to us using your data for direct marketing at any time — we will always stop immediately. |
| Rights related to automated decision-making | You have the right not to be subject to a decision made solely by automated means that has a legal or similarly significant effect on you. As explained in Section 8, we do not make such decisions — a clinician always reviews AI outputs. You also have the right to request human review of any AI-assisted output and to contest any decision. |
| Right to withdraw consent | Where we rely on your consent (e.g. GP sharing, marketing), you can withdraw it at any time. Withdrawing consent will not affect the lawfulness of any processing carried out before withdrawal, and it will not affect your right to receive your health screening service. |
10. How to make a complaint
If you have a concern about how we have handled your personal data, please contact our Data Protection Lead in the first instance:
Data Protection Lead: Dr Christopher Leung
Email: privacy@health3.co.uk
We take all complaints seriously and will respond promptly. If you are not satisfied with our response, or if you would prefer to raise your concern directly with the regulator, you can contact the Information Commissioner’s Office (ICO):
| Organisation | Information Commissioner's Office (ICO) |
| Website | ico.org.uk |
| Telephone | 0303 123 1113 |
| Address | Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF |
11. Changes to this policy
We review this policy annually and whenever there is a material change to how we process personal data – for example, when we introduce a new service or a new data processor. The current version is always available at health3.co.uk/privacy-policy.
12. Date last updated
This policy was last updated on 4 June 2026.