Toggle Side Panel

Privacy Policy

Below is an improved and updated Privacy Policy reflecting your current service providers (Cloudways hosting, Fluent Forms, FluentCRM, etc.). Please review and tailor any sections to match your exact practices and legal requirements. Remember to remove or modify items that do not apply to your business.

Privacy Policy

Welcome to Clinical Coding Hub (“we,” “us,” or “our”), operated by Clinical Coding Hub Limited of 60 Simpson Close, Leagrave, Luton, Bedfordshire, England, LU4 9TP, UK. This Privacy Policy explains how we collect, use, protect, and disclose your personal data (“Personal Data”) when you visit our website at www.clinicalcodinghub.co.uk (“Website”) or use our services.

1. General Information

1.1 Applicable Law

We process Personal Data in accordance with applicable data protection laws, including the UK’s Data Protection Act (DPA) and the EU General Data Protection Regulation (GDPR).

1.2 Definition of Personal Data

“Personal Data” means any information relating to you that can identify you directly or indirectly—such as your name, date of birth, email address, postal address, phone number, or IP address.

1.3 Definition of Processing

“Processing” refers to any operation performed on Personal Data, whether automated or not—such as collection, storage, use, disclosure, and deletion.

1.4 Data Controller

Clinical Coding Hub Limited is the data controller responsible for the processing of your Personal Data under the DPA and GDPR. If you have questions about this policy or our data practices, please email us at info@clinicalcodinghub.co.uk, use our Contact Form, or write to us at the address above.

1.5 Legal Bases for Processing

Under the DPA and GDPR, we rely on at least one of the following legal bases when processing your Personal Data:

  1. Consent – You have given explicit permission for a specified purpose.
  2. Contract – Your data is required to fulfill our contractual obligations or respond to your requests.
  3. Legitimate Interests – Our legitimate business interests allow processing as long as your fundamental rights do not override those interests.
  4. Legal Obligation – We process data to comply with legal or regulatory requirements (e.g., responding to court orders).

2. Data We Collect Automatically

2.1 Log Data

When you visit our Website without registering or logging in, our servers automatically collect certain information (“Log Data”), including:

  • IP address of your device
  • Date and time of access
  • Name and URL of accessed files/pages
  • Browser type and version
  • Number of bytes transferred
  • Status of the page retrieval (e.g., success, error)
  • Session ID
  • Referrer URL (the page from which you arrived)

2.2 Hosting

We host our Website through Cloudways, which processes all data necessary for operating and providing our Website on our behalf. This is based on our legitimate interest in offering our Website reliably and securely.

2.3 Content Delivery (if applicable)

If you use additional content delivery networks (CDNs) or caching services (e.g., Cloudflare, StackPath), please include those details here. Otherwise, you may remove this section.

2.4 Content Management System (CMS)

Our Website runs on WordPress, which manages and publishes content. WordPress itself may process data such as comments or form submissions, depending on the plugins or features you interact with.

3. Third-Party Services and Content

We sometimes embed or integrate content from third-party services for functionality (e.g., analytics, fonts, forms). These providers may see your IP address to deliver their content or service. Below are the third-party services we use:

  1. Analytics & Tag Management
  2. Payment Processing
  3. Fonts & Icons
  4. Spam Protection
  5. Social Media Platforms

4. Cookies

4.1 What Are Cookies?

Cookies are small files placed on your device by our servers (or those of third parties) to remember user preferences or track usage.

4.2 Types of Cookies We Use

  • Essential Cookies – Necessary to ensure our Website functions properly (e.g., login cookies, session cookies).
  • Non-Essential Cookies – Used for analytics, performance, or advertising.

4.3 Legal Basis for Cookies

We only use Essential Cookies without explicit consent. For Non-Essential Cookies, we obtain your consent per the UK Privacy and Electronic Communications Regulations (PECR) and the EU ePrivacy Directive.

4.4 Cookie Consent

We use a cookie consent tool that manages your preferences. When you first visit, the tool prompts you to choose which cookies you permit. Information collected includes:

  • IP address
  • Browser and device details
  • The time and date of your visit
  • Your consent status (accepted or declined certain categories)

For specific details on our cookies, see our Cookie Policy (or insert real link).

5. Data We Collect Directly

5.1 Contacting Us

When you contact us via our Contact Form, email, phone, or social media, we collect:

  • Name
  • Email address
  • Telephone number (if provided)
  • Any other Personal Data you share in your message

We use this information solely to respond to your inquiries. We delete your data when no longer needed, unless legal obligations require retention.

5.2 Forms

We use Fluent Forms (by WPManageNinja LLC) to handle form submissions on our Website. Data you enter into our forms is processed by Fluent Forms.

5.3 Membership or User Account

For certain services, you may register for an account using MemberPress. We collect and store:

  • Username or nickname
  • Email address
  • Password
  • Other relevant membership details (e.g., subscription status, billing information)

This data is retained as long as your account is active or as legally required. Once you cancel your membership or delete your account, we remove or anonymize your data unless we must retain it by law.

5.4 Payment Information

Payments for memberships or other products are processed by PayPal or Stripe. We do not receive or store your full payment details; only the information necessary to confirm payment.

5.5 Customer Relationship Management (CRM)

We manage customer data and communications through FluentCRM (by WPManageNinja LLC). This includes:

5.6 Marketing & Newsletters

If you opt in to receive marketing messages or newsletters, we use your data (usually name and email) to send relevant updates or offers. You can unsubscribe at any time by following the “unsubscribe” link in each message or contacting us directly.

6. Principles of Processing Personal Data

6.1 Storage and Retention

We keep Personal Data only as long as necessary for the purposes stated or to satisfy legal requirements (e.g., HMRC retention periods). This generally ranges from two to six years.

6.2 Security

We protect your data through organizational and technical measures (such as SSL encryption and restricted access). However, no method of transmission over the internet is completely secure. If a data breach occurs, we will notify affected individuals as soon as feasible.

6.3 Special Category Data

We typically do not process special category data (e.g., health, religious beliefs) unless explicitly required for a specific service and done so with your explicit consent.

6.4 Automated Decision-Making

We do not engage in fully automated decision-making (including profiling) that legally or significantly affects you.

6.5 Sale of Personal Data

We do not sell your Personal Data.

7. Sharing and Disclosure

We only share your Personal Data with third parties:

  1. To Perform Services – e.g., hosting, payment processors, CRM, or other essential providers.
  2. When You Consent – e.g., opting into specific data sharing.
  3. Legal Obligations – e.g., responding to valid legal orders or investigations.
  4. Legitimate Interests – e.g., to protect our rights, property, or safety of others.

8. International Transfer

Your Personal Data may be transferred outside your jurisdiction (including to the United States) for processing, storage, or backup. We ensure adequate safeguards (e.g., Standard Contractual Clauses) are in place to protect your data when it is transferred internationally.

9. Your Rights

Under the DPA and GDPR, you have the following rights regarding your Personal Data:

  1. Right to Information – Ask if we process your data and why.
  2. Right to Rectification – Request corrections of inaccurate or incomplete data.
  3. Right to Erasure – Also known as the “right to be forgotten,” under certain circumstances.
  4. Right to Data Portability – Receive your Personal Data in a structured, commonly used format.
  5. Right to Object – Object to processing based on legitimate interests or for direct marketing purposes.
  6. Right to Withdraw Consent – Revoke any consent you’ve given at any time.
  7. Right to Lodge a Complaint – File a complaint with a supervisory authority. In the UK, that is the ICO.
  8. Right Not to Be Subject to Automated Decision-Making – Request human intervention for significant decisions made solely by algorithms.

If you wish to exercise any of these rights, please contact us at info@clinicalcodinghub.co.uk or via our Contact Form.

10. Changes

We may update this Privacy Policy from time to time to reflect changes in our services or compliance requirements. We will post the updated version on our Website and update the “Effective Date” below.

11. Contact Us

If you have questions about our privacy practices or want to make a complaint, please reach out:

12. Effective Date

This Privacy Policy was last updated on Thursday, 15 March, 2025.

Thank you for reading our Privacy Policy.