Contact Us

Privacy Notice

1. Who we are

This Privacy Notice explains how we collect, use and protect your personal data when you use our website, applications and services.

It applies to:

My Doctor Digital Health Limited
trading as MyDoctor
Website: https://www.my-doctor.ie

Registered office and principal place of business:
The Black Church
St. Mary’s Place
Dublin 7
Ireland
D07 P4AX

Email: support@my-doctor.ie

My Doctor Digital Health Limited is the data controller for the purposes of data protection law.

We are committed to protecting your privacy and handling your personal data lawfully, transparently and securely.

2. Our approach to privacy

We will not collect or use your personal data unless we have a lawful basis to do so.
When we collect information, we do so only where it is necessary to provide our services, comply with legal and regulatory obligations, or improve patient safety and care.

If anything in this Privacy Notice is unclear, please contact us using the details above.

3. Personal data we collect

a) Information you provide to us

We collect personal data when you:

  • register for an account
  • request or receive a medical consultation
  • complete an online questionnaire or follow‑up questions
  • participate in a video or telephone consultation
  • contact us by secure message, web chat, email, telephone or post

This may include:

  • name, date of birth and contact details
  • medical history, symptoms and other health information
  • responses to clinical questionnaires
  • details needed to issue medical documentation, prescriptions or referrals
  • address details (for correspondence or where relevant to the service provided)

Because we provide healthcare services, we must collect special category data, including medical and health information, so that clinicians can determine whether treatment or advice is safe and appropriate.

b) Payment information

When you purchase a service, payment details are processed securely by our third‑party payment provider (currently Stripe).

  • We do not receive or store your full card details on our servers
  • Stripe processes payments in accordance with PCI‑DSS standards

You can review Stripe’s privacy information at: https://stripe.com/privacy

c) Information from third parties involved in your care

If you are referred for further care, investigations or diagnostics (such as laboratory tests or imaging), we may receive reports or results from those providers.

These records form part of your secure medical record and are made available to you where appropriate.

d) Device and technical information

When you use our website or applications, we may collect limited technical data such as:

  • IP address
  • browser type and version
  • device type and operating system
  • application version
  • referral URLs and timestamps
  • error logs and performance data

This information helps us maintain system security, reliability and performance.

4. How we use your personal data

We use your personal data for the purposes set out below, based on appropriate lawful grounds under GDPR.

a) Providing medical services

We use your information to:

  • assess whether an online consultation is clinically appropriate
  • support medical decision‑making
  • provide advice, diagnosis or treatment where suitable
  • maintain accurate medical records

Clinical decisions are always made by registered medical practitioners. Any clinical decision support tools used support, but do not replace, professional judgement.

b) Communicating with you

We may use your contact details to:

  • notify you of messages from your clinician
  • provide important service or safety‑related updates
  • contact you if urgent follow‑up is required

Medical information is shared via our secure platform. Emails are used only to notify you that a message is available.

c) Service administration and support

Where you contact us, we may retain correspondence to:

  • respond to queries or complaints
  • improve customer support
  • maintain service continuity

d) Marketing communications (optional)

Where you have given consent, we may occasionally contact you with:

  • service updates
  • new product launches
  • health‑related information
  • promotional offers

You can withdraw your consent at any time through your account settings or by contacting us.

We do not send marketing communications without consent.

e) Research, quality and service improvement

We may analyse data to:

  • improve patient safety
  • enhance clinical quality
  • identify service improvements

Any research or analysis published externally is fully anonymised so that individuals cannot be identified.

5. How long we keep your data

We retain personal data only for as long as necessary to provide services and meet legal and regulatory obligations.

Where medical care has been provided, minimum retention periods generally apply:

  • Adults (18+): at least 8 years after the last contact or death
  • Children and young people: until age 25 (or 26 if aged 17 at end of treatment)
  • Maternity records: 25 years after birth
  • Mental health records: typically 20 years after last contact or 8 years after death

Retention periods may be extended where required for legal, regulatory or safeguarding reasons.

6. Who can access your information

a) Our team

Your information is accessed only by authorised members of the MyDoctor team involved in your care or service delivery.

Access is role‑based and strictly limited to what is necessary.

All staff are bound by confidentiality obligations and professional standards.

b) Sharing with third parties

We do not share your identifiable personal data except where:

  • required to deliver services (e.g. labs, pharmacies, IT providers)
  • required by law or a regulatory authority
  • you have given explicit consent

All service providers are bound by contractual data protection obligations.

c) Disclosure without consent

In limited circumstances, disclosure may occur without consent where:

  • required by law (court order, statutory obligation)
  • necessary in the public interest (e.g. serious risk to you or others, infectious disease reporting)

7. How we protect your data

We use appropriate technical and organisational measures to protect your information, including:

  • encryption
  • secure access controls
  • audit logging
  • staff training

While we take steps to protect electronic communications, standard email is not guaranteed to be secure. Please avoid sending sensitive medical information by email.

8. Telephone recordings

Telephone calls may be recorded for training, quality assurance and verification purposes. Where required, callers will be informed.

9. Your data protection rights

Under GDPR, you have the right to:

  • access your personal data
  • receive a portable copy of your data
  • correct inaccurate information
  • request restriction or deletion (subject to medical record retention rules)
  • withdraw consent (where processing is based on consent)

Requests should be made in writing and may require proof of identity for security reasons.

We respond to valid requests within one month.

10. Account deletion and deactivation

  • If you have not used medical services, deleting your account will permanently remove your data.
  • If you have received medical care, your account will be deactivated and records retained in line with legal retention obligations.

11. Changes to this Privacy Notice

We may update this Privacy Notice from time to time. The latest version will always be available on our website.

Continued use of our services indicates acceptance of any updates.

12. Contact and Data Protection Officer

For data protection queries or to exercise your rights, contact:

Data Protection Officer
My Doctor Digital Health Limited
The Black Church
St. Mary’s Place
Dublin 7
Ireland
D07 P4AX

Email: support@my-doctor.ie
(Subject line: FAO Data Protection Officer)

Last updated at 22/04/2026 at 09:00am