BACK
Summary of changes to these Privacy Notices:
Effective date: 14th May 2025
ieso ("We")are committed to protecting and respecting your personal data and privacy.
These Privacy Notices cover personal data processing of data collected via this Site (iesogroup.com) and/ or direct marketing/business development emails and conference exchanges, and reflect legal requirements and regulations.
[N.B. There are separate, different, more detailed Privacy Notices on our UK therapy site relevant to the collection and use of personal data in connection with receiving our online therapy services, and on the app for our digital products.]
These Privacy Notices describe how the Ieso Digital Health group of companies (including Ieso Digital Health Limited and Ieso Digital Health, Inc.) (collectively, “ieso”, “we”, “us”, or“our”) handle your personal data that we collect through the use of this site. For UK data, we are data controllers of your personal data and are registered with the Information Commissioner (registration numbers ZA239229 and Z5383093).
Ifyou require further information on anything below, please contact our Privacy team: info@iesohealth.com
Here we explain what personal data we collect, how it is used, shared, secured, stored, and how you can exercise choices and manage your personal data.
In person:
We do not collect any personal information from you on this site if you click on ‘Care eropportunities’ or ‘Become an ieso therapist’. In these instances, you are delivered to our recruitment site which has its own set of privacy notices and your personal details are collected there.
For the purposes of direct marketing in a business context if relevant, we may collect your identity and contact data including title, name, job title/ function, the organisation you work for or are engaged by, email address, telephone numbers, address from:
We use your Personal Data only as permitted by law, for the purposes for which we collected it. Under the UK General Data Protection Regulations the different purposes of processing your data are legally permitted under Article 6 (1) (a) consent or Article 6 (1) (f) legitimate interests. Where the legal basis of the processing is Legitimate Interests, a legitimate interests assessment has been carried out and the legitimate interests identified as being able to inform existing customers about changes in the service, our attendance at conferences etc, or to make potential new customers aware that services/ opportunities to meet us exist (including within the NHS where there is public interest in individuals having access to services that support them with their mental health needs), to provide answers to questions posed by website visitors), or information to potential investors, business partners and/ or collaborators.
ieso takes care to ensure that only the right people have access to your personal data. We have internal procedures in place to safeguard your privacy and anyone within ieso receiving information about you will be under an equal legal duty to keep it confidential.
If you require information that is best answered by our PR agency (with whom we have appropriate confidentiality and data protection agreements), your contact details will be passed to them to respond.
We will always seek your permission ahead of disclosing any information that identifies you directly to any other person ororganisation or for any other reason than those set out in this policy without your knowledge or permission unless we have an overriding legal duty to do so.
If you are an individual representing an organisation for whom our company or services may be, or already are, of interest and are added to our customer relationship management system and or marketing automation system, then we may contact you in line with our marketing and business development communications protocols and Legitimate Interests Assessment for purposes such as informing you about ieso services or attendance at conferences etc, and where we offer you the option of opting out of such communications.
In the event that we undergo re-organisation or all or a part of our business is sold to a third party, you agree that any personal information we hold about you may be transferred to that re-organisedentity or third party, whether such acquisition is by way of merger, consolidation, or purchase of all or a portion of our assets, or in connection with any bankruptcy or reorganization proceeding brought by or against us.
We may disclose aggregate statistics about visitors to the Site in order to describe our services to prospective partners and other reputable third parties and for other lawful purposes, but the sestatistics will include no personally identifiable information.
We place great importance on the security of personal information. We have put controls in place to safeguard your personal information, applying physical, technical and procedural measures against unauthorised access, loss, misuse and alteration of personal information under our control.
We limit access to yourpersonal data to those who have a genuine business need to know it. Thoseprocessing your information will do so only in an authorised manner and aresubject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Ieso information security is managed in the UK where our processes etc are externally audited inpart annually, and fully every 3 years, to maintain the International Standard certification for Information Security (ISO 27001), and annually for our CyberEssentials Plus certification.
We use a small number of well-known Software as a Service (SaaS) providers to store your information enabling the use of information described in these notices. We have rigorous 3rd party supplier processes in place to ensure your data is secure and your data protection rights are upheld.
We retain your account data for specific durations based on the type of data and its use. We follow a criteria-based approach, retaining information as long as necessary to fulfil the purposes for which it was collected and comply with legal obligations. When your data is no longer needed, we will securely delete it.
We seek where possible to prevent any transfers of your personal information to countries which do not have adequate data protection standards.
The European Commission makes decisions on the adequacy of the protection of personal data in third countries and have decided that personal data can flow safely between countries in the European Union, the European Economic Area (EEA), and other listed territories without any further safeguards being necessary. Post UK departure from the EU, the UK has been granted adequacy by the EU, and the UK has accepted the European Commission’s adequacy decisions for the UK too, and also included Gibraltar.
If we transfer your Personal Data out of the EEA and the UK to a country not deemed by the relevant regulatory authority to provide an adequate level of personal information protection, the transfer will be performed (i) pursuant to the recipient’s compliance with standard contractual clauses or Binding Corporate Rules; (ii) pursuant to your consent; or (iii) as otherwise permittedby applicable data protection requirements.
Data protection law provides you with rights that ieso is committed to supporting you with. These rights may be available to you:
PLEASE NOTE that these rights are not absolute in all situations, and may be subject to conditions and provisions set out in data protection laws. For more detailed information on these rights in the UK, visit https://ico.org.uk/for-the-public/.
A cookie is a small data file stored by your browser on your device's hard disk for record-keeping purposes and typically includes a unique reference code that relates to, or is accessed from, a user's device and that enables that device to be remembered when next visiting the same site.
We use cookies to enable smooth navigation across the Site, and to enable users to resume from where they left off (e.g. mid-way through a form).
Cookies that are necessary for functionality, security and accessibility, are set and cannot be turned off by you.
You can ‘manage preferences’ via our cookie banner regarding analytics and targeting cookies. We rely on consent as our UK lawful basis for processing the information collected for the optional cookies we use.
You can read more about how weuse cookies, and how to change your preferences, by visiting our cookie policy.
You can also change your browser settings to prevent any automatic acceptance of cookies, or to notify you each time a cookie is set. You can learn more about cookies by visiting www.allaboutcookies.org which includes additional information on cookies and how to block them using different types of browser. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of the site.
Questions, comments and requests regarding these privacy notices or data protection should be addressed to our Privacy Team: info@iesohealth.com
We reserve the right to change these privacy notices from time to time by changing it on the Site and we may provide you notice of these changes by any reasonable means, including by providing notice through the Site. By continuing to access, browse or use the Site, you confirm your acceptance of the revised privacy policy. We strongly recommend that you periodically visit this page of the Site to review this privacy policy.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Our site may, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.