Privacy Policy

Privacy Policy

How Book a Scan collects, uses, shares and protects your personal data.

Last updated June 2026
Website https://www.bookascan.co.uk
Company AIS Health Ltd
Policy type Privacy and data protection

Book a Scan is committed to protecting your privacy and handling your personal data responsibly.

This Privacy Policy explains what data we collect, how we use it, and your rights under UK data protection law.

This includes the UK General Data Protection Regulation and the Data Protection Act 2018.

1. Who We Are

Book a Scan is the data controller for the personal data you provide when using our website and booking platform.

We are responsible for ensuring your data is handled lawfully, fairly and transparently.

2. What Data We Collect

We may collect the following categories of personal data.

Contact and identity information

  • Full name
  • Date of birth
  • Email address
  • Telephone number
  • Postal address

Health and medical information

Health information is special category data.

Because we operate a healthcare booking platform, we collect special category data under UK GDPR Article 9.

This may include:

  • Symptoms and clinical history provided in medical forms
  • Referral letters or clinical correspondence where provided
  • Medication history relevant to the scan
  • Pregnancy or breastfeeding status
  • Implant or device information relevant to scan safety
  • Allergy history where relevant to contrast scans

Booking and transaction data

  • Scan type and body area requested
  • Preferred location and provider
  • Booking history and appointment records
  • Payment information

Payment data is processed securely. We do not store your full card details.

Technical data

  • IP address
  • Browser type and version
  • Pages visited and time spent on site
  • Referring website
  • Cookie data. Please see our Cookie Policy.

3. How We Use Your Data

We use your personal data for the following purposes.

  • To process your booking enquiry and facilitate your appointment
  • To carry out clinical suitability and safety checks
  • To share relevant clinical information with your imaging provider
  • To communicate with you about your booking
  • To process payment for your booking
  • To comply with legal and regulatory obligations
  • To improve our platform and services

4. Legal Basis for Processing

We process your personal data on the following legal bases.

  • Contract: Processing is necessary to fulfil your booking and provide our services.
  • Legal obligation: We may process data to comply with applicable law.
  • Legitimate interests: We process certain technical data to operate and improve our platform.
  • Explicit consent: For special category health data, we rely on your explicit consent. You provide this when completing the medical information form.

5. Sharing Your Data

We may share your personal and health data with selected parties.

  • Imaging providers: We share the clinical information necessary to facilitate your booking and appointment.
  • Payment processors: Payment data is processed by our secure payment provider.
  • IT and platform service providers: We use third-party services to operate our platform. These providers are bound by appropriate data processing agreements.
  • Regulatory bodies: We may be required to share data with regulators or law enforcement in certain circumstances.

We do not sell your personal data to third parties.

6. Retention of Data

We retain your personal data for as long as necessary.

This includes fulfilling the purposes for which it was collected.

We may also retain data to comply with legal, regulatory and clinical record-keeping obligations.

Health data may be retained for longer periods. This is in line with applicable healthcare record-keeping guidance.

7. Your Rights

Under UK GDPR, you have the following rights.

  • Right of access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can ask us to correct inaccurate data.
  • Right to erasure: You can ask us to delete your data in certain circumstances.
  • Right to restrict processing: You can ask us to limit how we use your data.
  • Right to data portability: You can request your data in a portable format.
  • Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time.
  • Right to object: You can object to processing based on legitimate interests.

To exercise any of these rights, please contact us using the details on our website.

We will respond within one calendar month.

8. Data Security

We take appropriate technical and organisational measures to protect your personal data.

These measures help protect against unauthorised access, loss or disclosure.

Health data is treated with the highest level of care. It is only accessible to those who need it to process your booking.

9. International Transfers

We aim to keep your data within the UK and European Economic Area.

Where data is transferred outside these areas, we ensure appropriate safeguards are in place.

These safeguards are applied in line with UK GDPR requirements.

10. Complaints

If you have concerns about how we handle your data, you have the right to lodge a complaint with the ICO.

You can contact the Information Commissioner’s Office at ico.org.uk .

11. Changes to This Policy

We may update this Privacy Policy from time to time.

The current version will always be available on our website.

12. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us through the contact details provided on our website.

AIS Health Ltd
Trading as Book a Scan
4th Floor, Silverstream House
45 Fitzroy Street
Fitzrovia
London
England
W1T 6EB

Website: https://www.bookascan.co.uk