Privacy Policy
Last updated: November 2025
This Privacy Policy explains how Medics in Control Ltd (“we”, “us”, or “our”) collects, uses, and protects personal data when you visit our website https://medicsincontrol.com, contact us, interact with our scorecard, or subscribe to our newsletter.
We are committed to handling your information responsibly and transparently, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
Medics in Control Ltd
Registered office: (insert your registered business address)
Email: privacy@medicsincontrol.com
Website: https://medicsincontrol.com
We lead doctors and healthcare professionals to create purposeful, balanced, and financially empowered lives through coaching, group programmes, and educational content.
2. The data we collect
We may collect and process the following types of personal data:
| Category | Examples | How we collect it |
|---|---|---|
| Contact data | Name, email address, phone number | When you complete a contact form, register interest, or email us |
| Newsletter data | Email address | When you subscribe to our Substack newsletter |
| Scorecard data | Name, email address, self-assessment answers, results | When you complete our “Medic in Control” Scorecard hosted on ScoreApp |
| Client data | Background details, goals, and programme participation | When you enrol in the Doctors Breakthrough Programme |
| Usage data | IP address, browser type, device, pages visited, time on site | Automatically through cookies or analytics tools |
| Technical data | Log files and device information | Automatically from our hosting provider (Hostinger) for security and diagnostics |
We do not collect special category (sensitive) data, such as medical records or health details, via our website.
3. How we use your data
We process personal data to:
-
Respond to your enquiries or requests
-
Register your interest in a programme or event
-
Deliver our newsletter and free educational content (with your consent)
-
Deliver and analyse Scorecard results
-
Manage client relationships and deliver coaching services
-
Improve our website, programmes, and communications
-
Comply with legal or regulatory obligations
We never sell or rent your personal data.
4. Lawful bases for processing
Under the UK GDPR, we rely on the following lawful bases:
-
Consent – for newsletters, scorecard participation, and non-essential cookies.
-
Contract – to provide coaching programmes or respond to specific service requests.
-
Legitimate interests – to operate, secure, and improve our website and manage client relationships.
-
Legal obligation – to comply with accounting, tax, and record-keeping requirements.
You can withdraw consent at any time by contacting privacy@medicsincontrol.com or unsubscribing from communications.
5. How we share your data
We only share data with trusted service providers who help us operate our website and deliver our services. These processors are bound by confidentiality and data protection obligations.
| Processor | Purpose | Location |
|---|---|---|
| Hostinger International Ltd | Website hosting and security logs | EU/UK |
| Elementor / WordPress | Website design, contact forms | EU/US |
| Substack, Inc. | Newsletter subscription and delivery | USA |
| ScoreApp Ltd | Hosting and managing the “Medic in Control Scorecard” | UK |
| Google LLC | YouTube video embedding and (optional) analytics | USA |
| Microsoft / Google Workspace | Email hosting and communications | UK/EU/USA (via SCCs) |
All third parties are required to protect your data and process it only as instructed.
6. International transfers
We are based in the United Kingdom. Some of our service providers may process personal data outside the UK, including within the European Economic Area (EEA) and the United States.
Where data is transferred internationally, we ensure that appropriate safeguards are in place under the UK GDPR — typically through Standard Contractual Clauses (SCCs) approved by the Information Commissioner’s Office (ICO) or adequacy decisions for EEA transfers.
These measures ensure your personal data remains protected to UK standards.
7. Data retention
We retain personal data only for as long as necessary for the purposes it was collected, or as required by law.
| Data type | Retention period |
|---|---|
| Contact form enquiries | Up to 12 months after last correspondence |
| Client and coaching programme records | Up to 6 years after programme completion |
| Newsletter subscriber data | Until you unsubscribe or request deletion |
| ScoreApp data | Up to 12 months after completion of the Scorecard |
| Website analytics data | Up to 26 months |
| Server and security logs | Up to 6 months |
After these periods, data is securely deleted or anonymised.
8. Cookies and third-party content
Our website uses essential cookies to function properly and may use optional cookies (e.g. analytics or marketing) to understand usage and improve performance.
We also embed third-party content such as YouTube videos and Substack widgets, which may set their own cookies when viewed.
You can manage or withdraw cookie consent at any time through our cookie banner or your browser settings.
Full details are available in our Cookie Policy (link to your plugin-generated Cookie Policy page).
9. Data security
We use appropriate technical and organisational measures to protect your personal data, including SSL encryption, password protection, access controls, and secure hosting.
While we take reasonable precautions, no system is completely secure; transmission of information online is at your own risk.
10. Your rights
Under the UK GDPR, you have the following rights:
-
Access a copy of your personal data
-
Request correction or deletion of inaccurate data
-
Restrict or object to certain types of processing
-
Withdraw consent where processing is based on consent
-
Request data portability (transfer to another provider)
-
Lodge a complaint with the Information Commissioner’s Office (ICO)
You can contact the ICO here: https://ico.org.uk/make-a-complaint/
To exercise your rights or raise a privacy concern, email privacy@medicsincontrol.com.
11. Links to other websites
Our site may include links to other platforms, such as Substack, ScoreApp, or YouTube.
We are not responsible for the content, privacy practices, or cookies used by those websites.
We recommend reviewing their Privacy Policies before providing any personal data.
12. Updates to this policy
We may update this Privacy Policy periodically to reflect changes in our services or legal obligations.
The latest version will always be available on this page, with the “Last updated” date shown above.
13. Contact us
If you have any questions or concerns about this Privacy Policy or your personal data, please contact:
Data Protection Contact
Medics in Control Ltd
Email: privacy@medicsincontrol.com