Privacy Policy
Last updated: July 9, 2026 — Version 2.1
1. Data Controller
GeraClinic is operated by Gera Systems (“we”, “us”, “our”), registered in England and Wales. We are the data controller for personal data collected through this platform.
- Website: geraclinic.com
- Data Protection contact: privacy@gera.services
This policy applies under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Where health data is concerned, it is treated as special category data under UK GDPR Article 9.
2. What Personal Data We Collect
2.1 Identity and Contact Data
Full name, date of birth, email address, phone number, home address, profile photo.
2.2 Health and Medical Data (Special Category)
Medical history, symptoms, diagnoses, prescriptions, lab test results, consultation notes, recordings (where consented), and any information you share with healthcare professionals through the platform. This is special category data under UK GDPR Article 9 and is processed only with your explicit consent or where necessary to protect vital interests.
2.3 Transaction and Payment Data
Payment method type, last four digits of cards, billing address, consultation fees paid, subscription status, and refund history. Full card numbers are not stored by us.
2.4 Usage and Technical Data
IP address, browser type, device identifiers, pages visited, session duration, crash logs, and referral URLs.
2.5 Location Data
Approximate location from IP address. Precise GPS location only when you grant permission via our mobile app (used to show nearby clinics and pharmacies).
2.6 Communications
Support messages, feedback, and correspondence. Consultation recordings only where you have given explicit prior consent.
3. Why We Collect Your Data and Legal Basis
| Purpose | Legal Basis |
|---|---|
| Account creation and management | Contract (Art. 6(1)(b)) |
| Facilitating telemedicine consultations | Contract + Explicit Consent (Art. 6(1)(b) + Art. 9(2)(a)) |
| Sharing health data with your chosen doctor | Explicit Consent (Art. 9(2)(a)) |
| Processing payments | Contract (Art. 6(1)(b)) |
| Fraud prevention and platform security | Legitimate Interests (Art. 6(1)(f)) |
| Compliance with healthcare and tax regulations | Legal Obligation (Art. 6(1)(c)) |
| Platform analytics and improvement | Legitimate Interests (Art. 6(1)(f)) |
| Marketing communications | Consent (Art. 6(1)(a)) — opt out any time |
| Doctor profile visibility to recruiter/employer subscribers (see Section 5A) | Contract (opt-in visibility toggle) + Legitimate Interests (Art. 6(1)(f)) |
4. How Long We Keep Your Data
| Data Type | Retention Period | Reason |
|---|---|---|
| Medical records and consultation notes | 8 years from last consultation (adults); until age 25 for minors | NHS Records Management Code of Practice |
| Payment and financial records | 6 years | HMRC / Taxes Management Act 1970 |
| Account data (after closure) | 2 years | Dispute resolution |
| Analytics data | 13 months rolling | ICO guidance |
| Support communications | 3 years | Legitimate interest |
5. Who We Share Your Data With
We do not sell your personal data. We share data only as necessary:
- Healthcare professionals — doctors and clinicians you book through GeraClinic, strictly with your consent and only the data required for your consultation
- Pharmacy partners — prescription details when you request dispensing (with your consent)
- Railway (backend infrastructure hosting)
- Neon (PostgreSQL database, EU region)
- Vercel (web application hosting)
- Stripe (payment processing — they do not receive health data)
- PostHog (EU Cloud — product analytics; no health data)
- Sentry (EU — error monitoring; no health data)
- Resend (transactional email)
- Legal and regulatory authorities — when required by law or court order
Health data is never shared with analytics or advertising platforms. All processors are bound by GDPR-compliant Data Processing Agreements.
5A. Doctor Profile Visibility to Recruiters and Employers
This section applies only to users who register as a doctor on GeraClinic and describes, in full, how doctor profile data is shared as part of GeraClinic's separate recruiter/employer product.
5A.1 The commercial model, stated plainly
When a doctor turns on the “Show my profile to licensed recruiters and employers” visibility toggle in account settings, selected profile fields become discoverable to paying recruiter and employer subscribers of GeraClinic's recruiter/employer product. Subscribers pay GeraClinic a subscription or per-introduction fee for this access — doctors are never charged for it(see 5A.4). The toggle is off by default and can be switched off at any time; switching it off removes the profile from all future subscriber searches.
5A.2 What is shared, and with whom (recipient categories)
- Recipient categories: licensed UK healthcare recruitment agencies; licensed GCC healthcare recruitment agencies; and healthcare employers (hospitals, clinics, telemedicine operators) that hold a paid subscription to GeraClinic's recruiter/employer product.
- Fields shared: full name, specialty, years of experience, qualification/licensing stage (for example PLAB1/2, GMC registration status, Prometric, DataFlow), country of residence, and stated work-destination preference. Contact is routed through GeraClinic's messaging system unless and until the doctor chooses to share direct contact details with a specific recruiter.
- Never shared for this purpose: health data, payment data, or any other Article 9 special category data.
5A.3 Destination countries
Recruiter and employer subscribers operate in, and may be located in, the United Kingdom, United Arab Emirates, Kingdom of Saudi Arabia, and Qatar. Where a subscriber is located outside the UK, the transfer is protected by a UK International Data Transfer Agreement (IDTA) or equivalent safeguard signed with that subscriber before any profile data is shared with them (see Section 6, International Data Transfers).
5A.4 The legal lines we do not cross
- We never charge doctors a fee to find them work. Charging a work-seeker for finding them employment is a criminal offence under the Employment Agencies Act 1973, section 6. Revenue from this product comes only from recruiter and employer subscribers, never from doctors.
- We do not provide, and do not charge for, immigration advice. Advising an individual on their own immigration case for a fee is a regulated activity under the Immigration and Asylum Act 1999 that requires OISC (or equivalent) authorisation, which we do not hold. Any GeraClinic content about visa routes, licensing exams, or relocation pathways is general information only, never advice on your individual case.
- Paid services are never conditional on introductions, and introductions are never conditional on paid services. Access to GeraClinic's paid education, exam-prep, or profile tools is never a condition of being introduced to a recruiter or employer, and being introduced to a recruiter or employer is never conditional on buying a paid GeraClinic product.
5A.5 If you are resident in Pakistan or Bangladesh
Pakistan and Bangladesh are on the UK/WHO Code of Practice “red list” for international recruitment of health and social care personnel. This is based on country of residence, not nationality. If your registered country of residence is Pakistan or Bangladesh:
- Your profile may be shown to GCC-registered recruiter and employer subscribers on the same basis as any other doctor.
- Your profile is not actively referred, matched, or introduced to a specific UK vacancy for a fee — that is the Code's own definition of prohibited “active recruitment” of red-list residents. Any content shown to UK-based subscribers about your profile is limited to general pathway information (licensing routes, exam stages, general market context) so that you — and only you — can choose to make a direct application to a specific advertised UK vacancy on your own behalf. GeraClinic does not act as a third party in that application.
5A.6 Retention for this purpose
Visible profile fields are retained for as long as the visibility toggle remains on. Turning the toggle off, or deleting your account, removes your profile from future subscriber searches within 24 hours. Any record a subscriber already holds of a profile they viewed while it was visible is subject to that subscriber's Data Processing Agreement with us, which requires deletion within 30 days of your withdrawal.
5A.7 Your right to object
Your right to object to this specific processing is exercised directly through the visibility toggle in your account settings — turning it off is immediate and complete withdrawal. You may also email privacy@gera.services with “Recruiter Visibility Objection” in the subject line.
6. International Data Transfers
Data may be processed in the UK, EEA, and US. Transfers outside the UK use UK International Data Transfer Agreements (IDTAs) or Standard Contractual Clauses. Health data is processed only in UK/EEA regions. Doctor profile data shared with recruiter/employer subscribers based in the UAE, Saudi Arabia, or Qatar is covered by an IDTA specific to that transfer — see Section 5A.3.
7. Your Rights Under UK GDPR
You have the right to: access your data (including your full medical record held by us), rectify inaccuracies, request erasure (subject to medical record retention obligations), restrict processing, receive a portable copy, object to processing, and withdraw consent. For doctor profile visibility to recruiters and employers specifically, the objection and withdrawal mechanism is the visibility toggle described in Section 5A.7.
To exercise any right, email privacy@gera.services with “Data Rights Request” in the subject line. We respond within one calendar month.
You may also complain to the Information Commissioner's Office (ICO) at ico.org.uk or 0303 123 1113.
8. Cookies
We use strictly necessary cookies (session, security), functional cookies (language, preferences), and — with your consent — analytics cookies (PostHog). We do not use advertising cookies on GeraClinic. See our Cookie Policy for full details.
9. Children's Privacy
GeraClinic is intended for users aged 18 and over. Users aged 16–17 may access the platform with verifiable parental or guardian consent. Gillick competence applies for healthcare decisions for users under 16 in exceptional circumstances. We do not knowingly collect data from children under 13.
10. Security
We apply TLS 1.2+ encryption in transit, AES-256 encryption at rest, role-based access controls, multi-factor authentication on all admin systems, continuous monitoring via Sentry, and regular OWASP Top 10 audits. In the event of a data breach, we notify the ICO within 72 hours and affected users without undue delay.
11. Changes to This Policy
Material changes will be communicated by email and platform notice at least 30 days before taking effect. The “Last updated” date above shows when this version was published.
12. Contact Us
- Data Protection: privacy@gera.services
- Support: support@geraclinic.com
- Website: geraclinic.com