Privacy Policy

Version 3.1

Effective from 12/2023

Privacy policy statement

This privacy statement applies to the website, apps and services available from:

Webdoctor Ltd ( (Webdoctor)


At we fully respect your privacy and we will not collect any personal information on this website without your consent.
It is our priority to protect your data. This is why we have taken the time to describe our information handling practices in detail.
Please take the time to review this document, if you find anything that is not clear, please feel free to contact us at

Personal Information we collect

Information you provide

We collect personal information from you when you apply for one of the services which we offer, this may be via an online questionnaire, a video consultation, a follow up question, a telephone call, an email or other means.
It is necessary for us to collect sensitive data (such as medical information) relating to you so that our medical team can make a clinical decision if the service (and treatment) is safe and suitable for you.
We collect your email and mobile number so that our team can contact you if required.
We collect your home or shipping address so that depending on the service selected, we can send your prescription or medical certificate or home test kit.

When you purchase a service from us we collect information that includes your payment information, such as your credit or debit card details and other account and authentication information.
Any credit card information you provide is collected and processed directly by our payment processor, which is currently Stripe.
We will never receive or store your credit card information on our servers. Stripe commits to complying with the Payment Card Industry Data Security Standard (PCI-DSS).
You can view the Stripe Privacy Policy here

Should you contact us by any electronic format, including Web Chat, application messages, phone, email or post or by any other method – we may hold the content, contact details and any additional information you provide to us on record for future reference and use by
If you give us your credit card details then we will process payments using Secure Sockets Layer (SSL) security but we will not keep a record of your card details on our servers.

Information we received about you

If you have been referred to a specialised doctor called a consultant, or for diagnostics assessment such as x-rays or laboratory tests or for treatment such as physiotherapy then the report or result from the consultant or diagnostic assessment will be received by our practice team.
This information is made available to you via your secure health record on

Device and network information

When you use our apps or website we collect information about the app, browsers and devices that you use to access services. The information that we collect may include unique identifiers, browser type and settings, device type and settings, operating system and application version number.
We also collect information about the interaction of you and your browsers and devices with our services, including IP address, crash reports, system activity, and the date, time and referrer URL of your request.

Use of Personal Information

We use your personal information (subject to your consent choices) as described below to provide and support the services described in the Webdoctor terms and conditions.

Provide you with our service

We use the information you provide as part of your online consultation so that our medical team can make a clinical decision if the service (treatment) is safe and suitable for you.

The questions that are asked are based on the latest medical standards both nationally and internationally. The questions are reviewed and updated regularly by our clinical leadership team.

We use the information you provide as input into our clinical decision support system to assist our medical personnel in the decision making process. It should be noted that the decision to determine if the service and associated treatment is safe and suitable for you is decided by our medical team.

Communicate with you

We use the email you provide to alert you of a new message from your doctor. All communication with our team relating to your consultation should be via our secure messaging system and you should always avoid sending medical or personal information via email.

If we need to contact you urgently or you are not responding to email we may use other means such as SMS or telephone calls to contact you regarding your online consultation.

When you contact us, we use this information to respond to you. This may be via web chats, application messages, telephone, email or post or by any other method.


If you consent to marketing, we use your information to keep you informed about our service (such as when we release new services or products or run special offers), services you are interested in, general health topics and about exclusive offers.
We only contact you with these offers a few times a year and you can always opt-out if you change your mind at any time.

Research and Development

To improve our service and help us make better decisions, we analyse personal data to find improvements and make clinicians aware of risks.

We may from time to time publish anonymised research on aggregate data (you will never be identifiable as we will remove all identity information).

How long do we hold your data (Data Retention Policy)

We store data until it is no longer necessary to provide our services, comply with legislation / guidelines, or until your account is deleted.
If you have been treated by our medical personnel we will retain your data for a minimum period based on the following criteria:

  • Adult (18 years old and older): eight years after last treatment or death.
  • Children and young people: until the patient’s 25th birthday, or 26th if the young person was 17 at the conclusion of treatment, or eight years after the patient’s death.
  • Maternity records: 25 years after the birth of the last child.
  • Records of a mentally disordered patient: 20 years after last treatment or eight years after death.
  • If the data is required for any legal case, we will retain it or make it available for as long as necessary.
  • This may of course change if the law or national guidelines require it.

Who has access to the information we collect?

We do not share your identifiable personal information with any third party except as necessary to operate services and to fulfill legal and regulatory obligations.

Webdoctor team

Patient care is team based and access to your information is crucial for your safety and continuity of care.
The sharing of information within the Webdoctor team is on a need-to-know basis, depending on the role the member of staff has in your care.

All our staff are bound by a confidentiality clause in their contracts.
Also, under Medical Council guidance, it is a condition of registration to abide by the guidance set out by the Medical Council, which includes a requirement to respect patient confidentiality.

Disclosure with your consent

Disclosure can be made with your explicit consent. This could be a request from an Insurance company, employer or legal proceedings request but any disclosure must be with, and limited to, the authority provided by you.
If this is not forthcoming, no information will be provided.

Disclosure without your consent

Disclosure can be made without your consent in two instances:

  • If the disclosure is required by law. For example, when ordered by a judge in a court of law, or by a tribunal or body established by an Act of the Oireachtas.
  • If the disclosure is in the public interest. For example, where mandated by infectious disease regulations, or there is a threat of serious harm to yourself or others.

How is your Information Secured and Protected?

We have technologies and procedures in place to protect your personal information.
However, emails you send us are not necessarily secure when they are transmitted to us and we can accept no liability for any loss or damage resulting from emails to

For every third party service that we use, we have a Data Processing Agreement with that service provider and check that processing complies with the related legislation.

Telephone Recording

We may record telephone calls for training and verification purposes.

Communication with Customers

When you request a prescription from us, you will receive a message to your account in relation to that prescription and we may contact you by telephone to discuss it further but you will not be added to any marketing list without your consent.
No medical information will be sent to your registered personal email address. Only notification of correspondence in your inbox will be sent to your registered email address.

How to Access and Update your Information?

In line with the Data Protection Acts, you have the right of access to any personal information about you and can export a copy of the data associated with your webdoctor account anytime using the export functionality under your “My Account” feature.
This will be in a machine readable format and can be used in other healthcare systems.

You also have the right to require us to correct any inaccuracies in the information we hold about you by sending us a written request (this must include a copy of identification such as a driver’s licence or passport, this is to make sure that your personal information is only updated by you).

Subject access requests must be made in writing and include a copy of identification (such as driver licence or passport, this is to make sure that your personal information is not given to the wrong person) and must be addressed to the Data Protection Officer (see below). All access requests will be processed within one month on receipt of the access request.

Account deactivation, deletion and erasure

If you have not actually used any medical services, when you delete your account, we permanently delete your webdoctor account and all the information associated with this account.
Once your account is deleted you will not be able to use our service and if you change your mind you will have to re-register.

The only exception is if you have had a consultation with our medical personnel, in which case we deactivate your account and keep your data for the minimum period as defined under the “Data Retention”.
Deactivation of your account means you will not be able to use our service and if you change your mind, you will have to contact support at to reactivate your account.

Changes to this Statement

We may occasionally update this Privacy Statement. We encourage you to periodically review this Statement to stay informed about how we are helping to protect the personal information we collect. Your continued use of this service constitutes your agreement to this Privacy Statement and any updates.

How to contact Webdoctor with questions

The data controller responsible for your information is Webdoctor Ltd., which you can contact at (subject “FAO DPO”) or by post at:

Data Protection Officer
Webdoctor Ltd.
20 Knockmeenagh Road
Dublin 22