Privacy Policy

1. Introduction

MiCode Ltd. (“MiCode”, “we”, “us”, or “our”) is committed to protecting and respecting your privacy. MiCode is a UK-based technology company specializing in innovative digital health solutions, including the MiCode digital health passport, which is designed to help individuals securely manage and share their health information. This Privacy Policy explains how we collect, use, and protect your personal data when you use our services, including our website and digital health solutions, and outlines your privacy rights under UK law, including the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR).

2. Information We Collect

We collect various types of information to provide and improve our services:

2.1. Personal Information

• Identity Data: This includes your name, username, and other identifiers. For example, when you create an account for the MiCode digital health passport, you provide personal details that help us securely link your identity to your medical records.
• Contact Data: This includes your email address and telephone number, which we use to communicate with you about important updates or issues related to your health data.
• Financial Data: This includes payment card details, which are necessary for processing transactions such as subscription fees for advanced features in the MiCode platform.
• Health Data: With your explicit consent, we collect health-related information vital for the functionality of our services, such as your medical history, prescriptions, emergency contacts, and other relevant health data.
• Technical Data: This includes your IP address, browser type, device details, and usage data collected through cookies and other tracking technologies. This data helps us improve the functionality and security of our services.

2.2. Non-Personal Information

This includes aggregated data that does not directly identify you. For example, we may collect data on how users interact with our services to improve user experience and service performance. This data is typically anonymised and used for analytical purposes.

3. How We Use Your Information

We use your personal data for the following purposes:

3.1. Service Delivery

We use your information to create and manage your account, process transactions, and deliver the services you request. For instance, the MiCode digital health passport allows users to store and manage their health information, which can be accessed by authorised healthcare providers in case of emergencies.

3.2. Communication

We use your contact data to send you service-related communications, such as updates, security alerts, and customer support messages. For example, if there's an urgent update about your account, we'll use your provided contact information to reach out.

3.3. Legal Compliance

We process your information to comply with our legal obligations, such as maintaining financial records and ensuring data protection compliance in accordance with the UK GDPR.

3.4. Improvement and Personalisation

We analyse usage data to improve our services and personalise your experience. For example, by understanding how you interact with the MiCode platform, we can suggest features that may be of interest to you or enhance the overall user experience.

4. Sharing Your Information

We do not sell your personal information. However, we may share your information with third parties under the following circumstances:

4.1. Service Providers

We may share data with trusted third-party service providers who assist us in delivering our services, such as payment processors, cloud storage providers, and data hosting companies. These providers are contractually obligated to protect your data and use it only for the purpose of providing their services to MiCode.

4.2. Legal Obligations

We may disclose your information if required by law or in response to legal requests, such as court orders or governmental regulations. For example, if a law enforcement agency requests access to your data for a legitimate purpose, we are obligated to comply.

4.3. Business Transfers

If MiCode is involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

5. Data Security

We take the security of your personal data seriously. MiCode employs a variety of security measures, including encryption, access controls, and regular security audits, to protect your data from unauthorised access, alteration, disclosure, or destruction. For example, all sensitive health data stored in the MiCode digital health passport is encrypted both at rest and in transit to ensure it remains secure.

6. Data Retention

We retain your personal data only as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements under UK law. When your data is no longer needed, we will securely delete or anonymise it. For example, if you decide to delete your MiCode account, all associated data will be removed from our systems within 30 days, except where retention is required for legal purposes.

7. Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

• Access: You have the right to request access to the personal data we hold about you. You can request a copy of your data by contacting us at the email address provided below.
• Rectification: You can request correction of any inaccurate or incomplete data we hold about you. For example, if your contact information changes, you can update it in your account settings or by contacting us directly.
• Erasure: You have the right to request the deletion of your data, subject to certain conditions. This is also known as the “right to be forgotten.” If you no longer wish to use our services, you can request that we delete your account and all associated data.
• Restriction: You can ask us to restrict the processing of your data in certain circumstances, such as if you contest the accuracy of the data or if the processing is unlawful.
• Data Portability: You have the right to request the transfer of your data to another service provider. We will provide your data in a structured, commonly used, and machine-readable format.
• Objection: You can object to the processing of your data where we rely on legitimate interests as the legal basis for processing.

To exercise any of these rights, please contact us at privacy@micode.uk. We will respond to your request within one month, in accordance with the UK GDPR.

8. Children's Privacy

We do not knowingly collect data from children without parental consent. If you believe we have collected such information, please contact us, and we will take steps to delete it.

9. International Data Transfers

While our operations are based in the UK, some of our service providers may process data outside the United Kingdom. We ensure that any data transferred outside the UK is protected through appropriate safeguards, such as Standard Contractual Clauses approved by the UK's Information Commissioner's Office (ICO). For example, if we use a cloud storage provider based in the United States, we ensure that they adhere to UK GDPR standards for data protection.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. We will notify you of any significant changes by posting the new policy on our website and updating the effective date at the top of this policy. For instance, if we introduce a new feature that requires additional data collection, we will update the policy accordingly and inform you of the change.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

This policy is tailored to comply with UK laws, including the Data Protection Act 2018 and the UK GDPR. It emphasizes the protection of user data and the rights of individuals under UK law.