How we collect, use, and protect your personal and medical data.
Last updated: 1 March 2025. Effective date: 1 March 2025.
InterHealthTour Ltd. (“InterHealthTour”, “we”, “us”) is registered in England and Wales (Company No. 12345678) at 71–75 Shelton Street, Covent Garden, London WC2H 9JQ. We operate the medical tourism marketplace at www.interhealthtour.com.
Information you provide: Name, email, phone number, country of residence, treatment details, medical history, medical reports and scans uploaded voluntarily, and correspondence with our team.
Information collected automatically: IP address, browser type, pages visited, time on site, referring URL. We use cookies for functionality and anonymised analytics. See our Cookie Policy for details.
We use personal data to: process your quote request, match you with suitable partner clinics, coordinate your travel arrangements, send service communications, improve our platform, and comply with legal obligations. We do not use your personal data for advertising profiling or sell it to third parties.
For EU/UK residents, we process data under: performance of a contract (quote and coordination services); legitimate interests (platform improvement, fraud prevention); consent (marketing communications — withdrawable at any time); and legal obligation (compliance with applicable law).
Medical information is classified as Special Category Data under GDPR Article 9. We process this data only with your explicit consent, stored with AES-256 encryption, and shared only with the specific clinics to which you consent to send your information.
We share your personal data with: partner clinics (only those you have consented to contact); our coordination team; trusted service providers under strict data processing agreements (cloud hosting, payment processing, email delivery). We do not sell personal data.
Where data is transferred outside the UK/EEA, we ensure adequate safeguards are in place (Standard Contractual Clauses or adequacy decisions).
We retain personal data for 3 years after your last interaction, or as required by law. Medical data is deleted on your request or after 5 years of inactivity.
Under GDPR, you have the right to: access, rectify, erase, restrict, or port your data; object to processing; withdraw consent; and lodge a complaint with the ICO (ico.org.uk). Contact us at [email protected].
We use strictly necessary cookies (functional), analytics cookies (Google Analytics, anonymised), and no advertising or tracking cookies. You can manage cookie preferences via our consent banner.
Data Protection Officer: [email protected]
General privacy queries: [email protected]