OmniHealth Partners Menu
Legal

Privacy Policy

How OmniHealth Partners Ltd collects, uses, and protects personal data — in line with the UK General Data Protection Regulation and the Data Protection Act 2018.

Last updated: 8 May 2026  ·  Version: 1.0

1. Introduction

This Privacy Policy explains how OmniHealth Partners Ltd ("we", "us", "our", or "OmniHealth Partners") collects, uses, and protects personal data when you visit our website, contact us, or otherwise interact with our services. We are committed to handling personal data in accordance with the United Kingdom General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

2. Who we are

OmniHealth Partners Ltd is a private limited company registered in England & Wales under company number 16928102. Our registered office is at 167-169 Great Portland Street, 5th Floor, London, W1W 5PF, United Kingdom.

For the purposes of UK data-protection law, OmniHealth Partners Ltd is the data controller of personal data collected through this website and through direct interactions with our team.

Privacy queries and requests to exercise data-subject rights should be sent to privacy@omnihealthportal.com or in writing to the registered office address above.

3. The personal data we collect

We collect personal data in the following circumstances:

3.1 When you contact us

When you submit an enquiry through our contact form or send us an email, we collect the information you choose to provide. This typically includes:

  • your name;
  • your email address;
  • the name of the organisation you represent (if any);
  • the content of your message and any subsequent correspondence.

3.2 When you visit our website

When you visit this website, our hosting provider and any analytics tools we use may automatically collect limited technical information, including your internet protocol (IP) address (typically truncated for analytics purposes), browser type and version, operating system, the pages you visit, and the date and time of your visit. Further detail is set out in our Cookie Policy.

3.3 When you engage with us as a partner or counterparty

If you represent a healthcare provider, organisation, supplier, or other counterparty, we may collect business-contact information about you and other authorised representatives — typically name, job title, business email address, business telephone number, and the relevant company details — for the purposes of operating our portal and managing the relationship.

3.4 Special category data

We do not seek to collect special category personal data (such as health data) about visitors to our website or general enquirers. Where such data is unavoidably handled in connection with our services, we do so under the lawful conditions set out in Article 9 of the UK GDPR and document the basis for each processing activity.

4. Lawful basis for processing

We rely on the following lawful bases under Article 6 of the UK GDPR:

PurposeLawful basis
Responding to enquiries you send usLegitimate interests; or, where applicable, steps taken at your request prior to entering a contract
Operating and securing our websiteLegitimate interests in maintaining a functional and secure online presence
Operating the OmniHealth Partners portal and managing relationships with listed partners and client organisationsPerformance of a contract; legitimate interests in operating our business
Complying with legal and regulatory obligationsLegal obligation
Sending optional marketing communications, where you have opted inConsent

Where we rely on legitimate interests, we have considered the impact on your rights and freedoms and concluded that those rights are not overridden by our interests. You may object to processing carried out on this basis at any time (see Section 8).

5. How we use personal data

We use personal data to:

  • respond to enquiries and provide information you have requested;
  • operate, maintain, and improve our website and the OmniHealth Partners portal;
  • establish, manage, and administer relationships with listed healthcare partners and client organisations;
  • protect the integrity and security of our systems and prevent fraud or misuse;
  • comply with our legal, regulatory, and statutory obligations, including obligations under the Companies Act 2006;
  • where you have agreed, send you information about our services that we think may be of interest. You can opt out of marketing communications at any time.

6. Sharing of personal data

We do not sell personal data. We share personal data only where it is necessary for the purposes set out above, and only with the following categories of recipient:

  • Service providers — including our website hosting provider, email and communications providers, IT-support providers, and analytics providers. These suppliers act as processors on our behalf and are bound by written terms requiring them to handle personal data securely and only on our instructions;
  • Professional advisers — including our accountants, auditors, legal advisers, and insurers, where required for the purposes of receiving professional services;
  • Regulators, law-enforcement bodies, and courts — where required to do so by law, by court order, or in response to a valid lawful request;
  • A successor entity — in the event of a merger, acquisition, restructuring, or sale of all or part of our business, in which case we will take reasonable steps to ensure continued protection of personal data.

7. International transfers

Where personal data is transferred outside the United Kingdom, we put in place appropriate safeguards as required by the UK GDPR — typically through reliance on adequacy decisions made by the United Kingdom government, on the International Data Transfer Agreement, or on the UK Addendum to the European Commission Standard Contractual Clauses, with supplementary measures where appropriate.

8. Your rights

Subject to the conditions set out in UK data-protection law, you have the following rights in relation to personal data we hold about you:

  • Right of access — to obtain a copy of the personal data we hold about you;
  • Right of rectification — to ask us to correct inaccurate or incomplete personal data;
  • Right of erasure — to ask us to delete personal data, in specified circumstances;
  • Right to restrict processing — to ask us to limit how we use your personal data, in specified circumstances;
  • Right to data portability — to receive personal data you have provided to us in a structured, commonly used, machine-readable format, and to have it transmitted to another controller, where applicable;
  • Right to object — to object to processing carried out on the basis of legitimate interests, or to direct marketing;
  • Right to withdraw consent — where we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact privacy@omnihealthportal.com. We may need to verify your identity before responding. We will respond within one calendar month, although we may extend this period by up to two further months for complex requests, in which case we will explain the reason.

9. Right to complain to the ICO

You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection. We would, however, appreciate the opportunity to address your concerns first, so we encourage you to contact us before approaching the ICO.

The ICO can be contacted at: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; helpline 0303 123 1113; or via the ICO website at ico.org.uk.

10. Data retention

We retain personal data only for as long as is necessary for the purposes for which it was collected, including any periods required to satisfy legal, accounting, or reporting obligations. Specific retention periods include:

  • Enquiry correspondence: typically up to 24 months from the date of last contact, unless an ongoing relationship requires a longer period;
  • Records relating to contracts and transactions: for the duration of the contract and for at least six years after termination, in line with statutory limitation periods;
  • Tax, accounting, and regulatory records: for the period required by HM Revenue & Customs and other applicable bodies — typically six years from the end of the relevant accounting period.

Where personal data is no longer required, it is securely deleted or anonymised.

11. Security

We have implemented technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. These include access controls, encryption of data in transit, restricted-access systems, logging and monitoring, and contractual obligations on the suppliers who process data on our behalf. While no system can be guaranteed to be entirely secure, we keep our security measures under regular review.

12. Cookies

We use cookies and similar technologies on this website. Full details are set out in our Cookie Policy.

13. Children

This website and our services are not directed at children under the age of 16, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can take appropriate action.

14. Changes to this policy

We may update this Privacy Policy from time to time. The date at the top of this page indicates when it was last updated. Where changes are material, we will take reasonable steps to draw them to your attention. We encourage you to review this page periodically.

15. Contact

If you have any questions about this Privacy Policy or how we handle personal data, please contact us:

OmniHealth Partners Ltd
167-169 Great Portland Street, 5th Floor
London W1W 5PF, United Kingdom
Email: privacy@omnihealthportal.com