Privacy Notice

Purpose of this privacy notice

This Privacy Notice (“Notice”) provides the individuals who receive our services, including but not limited to, Patients; Clients, Prospective Clients and Suppliers (collectively, “Business Partners’’) with certain important information about how the Company handles your Personal Data. UnitedHealthcare Global Medical (UK) Limited trading as UnitedHealthcare Global is the primary data controller for processing of Personal Data.

UnitedHealthcare Global Medical (UK) Limited all trading as UnitedHealthcare Global Medical, and its subsidiaries and affiliated companies (collectively, the “Company”, “We”, or “Us”) strives to properly address applicable data protection requirements. 

TYPES OF DATA Processed for Patients

Personal Data processed includes the following types of data:

  • Name
  • Date of Birth
  • Home Address
  • Assignment Address
  • Email Address
  • Telephone Number (landline and mobile)
  • Dependent/Spouse/Partner/Family
  • Employment Details
  • Work Permit
  • Visa Details
  • Passport Number
  • Gender
  • Nationality
  • Marital Status
  • Health Data


  • Name
  • Postal Address
  • Email Address
  • Telephone Number (landline and mobile)
  • Banking Data

PURPOSE OF Data Processing, legal bases, AND DISCLOSURES of personal Data

The Company will use and otherwise process Personal Data:

  • of Patients in order to assess your health as well as diagnose, provide treatment and drugs to you as well as in some cases, evacuate you from your place of work to a more appropriate medical centre to receive care for your condition. We may share your data with a third party medical provider and we may provide occupational health assessments and/ or fitness for work recommendations to your employer or a third party acting on their behalf.
  • of Business Partners to provide our Services to you or to consider doing so for you and your employees and sub-contractors. Additionally, we will use and otherwise process Personal Data to manage our relationship with you. We will process your Personal Data to deliver or request the delivery of services, and to manage and administer our contract with you.

For Patients, the Company’s legal basis to process Personal Data is necessary in order to protect the vital interests of the data subject or other natural person. For Business Partners, the Company’s legal basis to process Personal Data is necessary for the performance of a contract or prospective contract between the Company and you. Where we require to obtain explicit consent we will let you know. Any consent you provide can subsequently be withdrawn at any time by contacting us at the address listed below in the “Contact Information” section without affecting the lawfulness of processing based on consent before its withdrawal.

We may not be able to provide some of our services to you without your Personal Data. We may therefore require you to provide us with Personal Data for processing as described above as a prerequisite to entering into a contract with you. 

If we are providing services to you as a Patient we may share your personal data with authorized third party suppliers such as Service Providers, Medical clinics, hospitals and other medical facilities, Assistance Providers, Sub-Contractors and Third Party Administrators.  If we are providing services to you as a Business Partner, we may share your personal data with authorized third party suppliers such as Sub-Contractors and Third Party Administrators in order to fulfil our contractual obligations. Some of these authorized third-party supplier may be located outside of the EEA, including in countries that may not provide the same level of data protection as your home country.  The Company takes appropriate steps to ensure that such personnel and third-party suppliers are bound to duties of confidentiality and the Company implements measures such as standard data protection contractual clauses to ensure that any transferred Personal Data, remains protected and secure. A copy of these clauses can be obtained by contacting us at the address listed below in the “Contact Information” section.


Personal Data will be retained only for so long as reasonably necessary for the purposes set out above, in accordance with applicable laws. 

Data Security and Data Integrity

The Company maintains reasonable security measures to safeguard Personal Data from loss, interference, misuse, unauthorized access, disclosure, alteration or destruction. The Company also maintains reasonable procedures to help ensure that such data is reliable for its intended use and is accurate, complete and current.


You may contact us, at the address listed below in the “Contact Information” section, to request access to the Personal Data we hold about you, to correct any mistakes, or to request deletion of this data or to withdraw consent to the processing of Personal Data, in accordance with applicable law.

The Company may be unable to comply with a data deletion request where doing so would place us in breach of our obligations under applicable laws, regulation or codes of practice. However, in some circumstances, you may be able to request that your data be blocked from further processing. You may also have a right to data portability to another Data Controller under certain circumstances. Where we rely on consent to process Personal Data, your consent may be withdrawn at any time, although the withdrawal may impact or disrupt the services we provide. 

If you are aware of changes or inaccuracies in your Personal Data, you should inform us of such changes so that the Personal Data may be updated or corrected.  

You may lodge a complaint with a supervisory authority if you consider that the Company’s processing of your Personal Data infringes applicable law.

Disclosures Required or Permitted By Law

Regardless of any other provisions in this Notice, the Company may disclose or otherwise process Personal Data in the context of any sale or transaction involving all or a portion of the business, or as may be required or permitted by law or required for the purposes of any regulatory audit to which the Company may be subject from time to time. 

Contact Information

You can raise any issues regarding the processing of your Personal Data by contacting: UnitedHealthcare Global Medical (UK) Limited by emailing: gmprivacy@uhcglobal.comIn addition, you can contact our Data Protection Officer at any time by emailing: