Privacy Policy

• We ask for your first name, your email, and your answers about your symptoms and history.
• We use them only to build your pack and email it to you.
• We do not keep your answers in a database, and we delete any copies held by our processors within 30 days.
• We never sell your information, and your payment details never touch your health information.
• This is a preparation service, not medical advice, and not a crisis service.

DearGP ([your legal entity or trading name]) is the data controller for the information described here. If you have any question about your data, contact us at [your contact email].

To provide the service you buy, we process:

• Your first name, used only to personalise your pack.
• Your email address, used only to deliver your pack and, if you ask, to handle a refund.
• Your intake answers, including information about your symptoms and health that you choose to provide. This is special category data under UK data protection law.
• Payment information, handled entirely by Stripe. We never see or store your full card details.

We process your name, email, and payment information to perform the contract you enter into when you buy a pack. We process the health-related information in your intake on the basis of your explicit consent, given when you submit the intake, for the single purpose of generating your pack. You can withdraw that consent at any time by contacting us, though we may not be able to provide the service without it.

We do not store your intake answers in a database. They are processed to create and send your pack and are not retained on our own systems beyond that. Where any copy exists temporarily with the processors below, it is deleted within 30 days. We keep basic payment and refund records for as long as the law requires us to.

We use a small number of trusted providers to run the service:

• Stripe: Payment processing (EU / US).
• Anthropic: Generating your pack from your answers (US).
• Resend: Delivering your pack by email (US).
• Vercel: Hosting the website (EU / US).

Some of these providers are based outside the UK. Where information is transferred internationally, it is protected by appropriate safeguards such as standard contractual clauses. Our AI provider does not use the information sent through its API to train its models under its commercial terms.

• We never sell your information.
• We never mix your payment details with your health information.
• We never use your information for advertising profiling.

Under UK data protection law you have the right to access, correct, or delete your information, to restrict or object to its processing, to data portability, and to withdraw consent. To exercise any of these, email [your contact email]. You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.

We keep the information we handle to a minimum and protect it with reasonable technical and organisational measures. Your connection to this site is encrypted, and payment is handled by Stripe over its own secure systems.

This service is for adults. It is not intended for anyone under 18, and our intake stops if it indicates someone is under 18.

If we change this policy, we will update the date at the top of this page. Material changes will be made clear on this page.