Login
Login

Privacy Policy

This policy complies with the UK Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). Where appropriate, we take steps to align with applicable international data protection standards. It explains how Areté Medical Community collects, processes, and shares data from healthcare professionals (HCPs) registering on our platform, participating in research, or interacting with us via our services.

Introduction
Areté Medical Community (“we,” “us,” or “our”) is committed to protecting your privacy. This policy outlines how we handle personal data collected from healthcare professionals interacting with our platform and services.

Data Controller
The data controller responsible for your personal data is Areté Medical Community, whose registered office is at 15 West Street, Brighton, BN1 2RE. For any privacy-related inquiries, please contact us at privacy@aretemedicalcommunity.com. For GDPR compliance or specific data protection concerns, you may also contact our Data Protection Officer at DPO@aretemedicalcommunity.com.

Personal Data We Collect
We may collect the following types of personal data:

  • Contact Information: Name, email address, phone number, and mailing address.
  • Professional Information: Specialty, employer, qualifications, and registration numbers.
  • Research Data: Responses from surveys, interviews, or other research participation activities.
  • Technical Information: IP address, browser type, and usage data from our platform.
  • Financial Information: We may collect basic payment-related information (e.g. payment email address or payment platform account details) to process incentives. Payment is handled securely via third-party providers; we do not store your card or banking details.

Identity Verification

To verify your identity and maintain the integrity of our research community, we use our partner Yoti (https://www.yoti.com/). Yoti processes your ID document and, if required, a biometric selfie to confirm your identity.

When you submit your ID for verification:

  • Yoti extracts relevant data, such as your name and date of birth, from the document.
  • If a selfie is required, Yoti’s technology verifies that the image is of a real person and matches the photo on the submitted ID.
  • Yoti then provides us with the verification outcome; we do not receive or store your ID document or biometric data.

Data Handling & Retention:

  • Yoti does not use your data for any other purpose and automatically deletes the submitted information after 180 days.
  • Areté Medical Community receives a copy of your ID document (and selfie, if provided) for verification purposes. These are stored securely only for the time needed to complete the verification and then deleted. We retain only a record of your verification status (pass/fail) for compliance and fraud prevention purposes.

For more details on Yoti’s data processing, please refer to Yoti’s Privacy Policy.

If you choose not to complete the identity verification process, you may be unable to register or participate in our research studies.

How We Use Your Data
We use your data to:

  • Recruit you for relevant research studies.
  • Process honoraria payments for participation.
  • Facilitate communication regarding research opportunities.
  • Improve our platform’s functionality and services.

Legal Basis for Processing
We process your personal data on the following lawful grounds:

  • Consent: When you agree to participate in research activities.
  • Contractual Necessity: To fulfill agreements, such as paying honoraria.
  • Legitimate Interests: To improve our platform and match you with relevant studies.
  • Legal Obligations: For tax and regulatory compliance.

Data Sharing
We do not sell your personal data. We may share your data with:

  • Service Providers: for technical, payment processing, or communication purposes.
  • Research Clients: aggregated and anonymized data shared with clients for research purposes.
  • Legal Authorities: where required by law.
  • Identity verification providers: such as Yoti Limited to confirm professional identity and prevent fraudulent registrations.
  • Reward fulfilment partners: we may share limited personal data (such as email address) with trusted service providers solely for the purpose of distributing rewards. These providers act strictly on our instructions and are not permitted to use your data for any other purpose.

International Data Transfers & Safeguards

To facilitate incentive payments or provide support services, we may transfer your personal data outside the UK or European Economic Area (EEA). When we do so, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) for transfers outside the EEA.
  • UK International Data Transfer Agreements (IDTAs) for transfers from the UK.
  • Transfers to Canada, which benefits from an adequacy decision under GDPR.
  • For transfers from other regions, we comply with applicable local data protection laws.


These measures help protect your personal data in line with the UK Data Protection Act 2018, GDPR, and other applicable privacy laws (e.g. CCPA, PIPEDA). If you have any questions about data transfers, please contact us at privacy@aretemedicalcommunity.com.

Data Retention
We retain your data only as long as necessary to fulfill the purposes outlined in this policy or as required by law.

Your Rights
Areté Medical Community processes personal data in accordance with the UK GDPR.

This means you have the right to:

  • Access the data we hold about you
  • Rectify inaccurate or incomplete information
  • Request erasure of your data
  • Restrict or object to processing
  • Receive your data in a portable format
  • Withdraw your consent, where applicable


To exercise any of these rights, contact DPO@aretemedicalcommunity.com