Privacy notice

Last updated: Mar 2025

At 33n, we are committed to protecting your personal data and respecting your privacy. This notice explains how we collect, use, and protect your information when you use CLEARnotes. This privacy notice gives you information where 33n (hereafter “we”, “us”, or “our”) is the Controller of your Personal Data. Please see the end of this privacy notice for a statement concerning where 33n is a Processor.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements other notices and privacy policies and is not intended to override them.

If you have any questions about this notice or how we handle your data, you can contact us at dpo@33n.co.uk.

 

What personal data we collect

Personal data we may collect include:

  • Identity Data, such as your name, the company you work for, the department you work in, your title or position, and your professional registration number.
  • Contact Data includes your email address.
  • Performance Data includes ratings and scores you provide about how your experience of the service/website.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Usage Data includes information about how you use our website, products, and services.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

 

How your personal data is collected

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Identity, Contact Data, and Performance Data when you use the website or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    • sign up to our services;
    • log in or otherwise verify a user account associated with access to a service provided by 33n;
    • enter a scores, ratings, or comments using features available on the website; or
    • otherwise give us feedback or contact us.
  • Automated technologies or interactions. As you interact with our website/service, we automatically collect data about your usage and device information. This includes:
    • Usage Data: information about your interactions with our website, such as pages visited, time spent on each page, clicks, and navigation paths.
    • Technical Data: information regarding the device you use to access our website, including browser type, operating system, and device type.

This personal data is collected through cookies, server logs, and other similar technologies. Additionally, we may receive similar data about you when you visit other websites that use our cookies. For more details, please refer to our cookie policy.

Third parties or publicly available sources. We will receive Technical Data from analytics providers such as Google based outside the EU and other personal data about you from public sources.

 

How we use your personal data

Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract, we are about to enter into with you or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal obligation.

We have set out below, in a table format, a description of the ways we plan to use your personal data, and the legal bases we rely on to do so.

PURPOSE/ACTIVITY

TYPE OF DATA

LAWFUL BASIS FOR PROCESSING INCLUDING BASIS OF LEGITIMATE INTEREST

To manage our relationship with you which will include:

a)     Account creation and site access

b)     Notifying you about changes to our terms or privacy notice

c)     Asking you to leave a review or take a survey

d)     Customer services

a)     Identity

b)     Contact

a)     Performance of a contract with you

b)     Necessary to comply with a legal obligation

c)     Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

a)     Identity

b)     Contact

c)     Technical
  1. Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

Necessary to comply with a legal obligation
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences

a)     Technical

b)     Usage

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

How we share your personal data

We may share your personal data with the parties set out below for the purposes set out in the table above.

  • External Third Parties such as service providers who provide IT and system administration services.
  • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

International data transfers

33n uses third-party processing tools and, as a result, may make limited amounts of international transfers as part of a processing tool’s data redundancy and back-up, policies and procedures. All such transfers are governed by suitable safeguards, specifically use of Standard Contractual Clauses, which ensure your personal information is treated by those third parties in a way consistent with, and which respects, EU and UK laws on data protection. 

If you require further information about this protective measure, you can request it from the DPO (dpo@33n.co.uk).

How we store and protect your data

We take reasonable steps to secure your personal data from unauthorised access, loss, or misuse, including limiting access to your personal data to those individuals who have a business need to know it for the purpose above, and who are subject to a duty of confidentiality.

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for or as required by law.

 

Your legal rights

Under data protection law, you have the right to:

  • Access your personal data. You have the right to ask us for copies of your personal information. You can request other information such as details about where we get personal information from and who we share personal information with. There are some exemptions which means you may not receive all the information you ask for.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data in certain circumstances.
  • Object to or restrict processing.
  • Ask that we transfer the personal information you gave us to another organisation, or to you.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with the UK Information Commissioner’s Office (ICO).

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice. If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.

The ICO’s address: 

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

Website: https://www.ico.org.uk/make-a-complaint

 

Where we are a Processor

Where we are a Processor of your Personal Data we will operate under the terms of a Data Processing Agreement with the relevant Controller.

This is generally data you input when directly using a service and may include information we receive from you relating to the performance of the website with regard to a specific usage, as opposed to more general performance of the website, (eg scores or comments provided by you), using features available on the website.

Get in touch

Want to learn more about how CLEARnotes can transform clinical documentation and enhance patient care? Contact us today to discover how our deployment support can help your team seamlessly integrate our AI-powered tool into your workflow—safely, securely and efficiently.

Email

info@33n.co.uk

Data security and privacy

Privacy
About
FAQ
Terms