Last updated: 22 June 2026
The data controller is Innovations And More Ltd, a company registered in England
and Wales (Companies House No. 11350220), trading as ClinicianCompliance.com.
ICO Registration Number: C1424540.
Privacy contact: admin@innovationsandmore.com
We collect the following categories of personal data:
Some documents you may choose to upload — including DBS certificates, passport photographs, and health-related credentials — constitute special category personal data under Article 9 UK GDPR, or criminal record data under Article 10 UK GDPR and Schedule 1 of the Data Protection Act 2018.
We process this data only at your explicit direction, solely for the purpose of providing you with a personal compliance vault. The lawful basis for processing this data is your explicit consent (Article 9(2)(a) UK GDPR), which you give by actively uploading a document of this type. You may withdraw consent at any time by deleting the document from your vault.
We do not analyse, disclose, or share the content of your uploaded documents with any third party, except as described in section 6.
| Processing activity | Lawful basis |
|---|---|
| Providing the document vault and account | Contract — Article 6(1)(b) |
| Sending expiry reminder emails (Pro) | Contract — Article 6(1)(b) |
| Processing payment via Stripe | Contract — Article 6(1)(b) |
| Security logging and fraud prevention | Legitimate interests — Article 6(1)(f) |
| Organisation compliance monitoring | Contract — Article 6(1)(b) |
| Processing DBS certificates | Explicit consent — Article 9(2)(a) / DPA 2018 Sch.1 |
| Processing passport / visa / biometric documents | Explicit consent — Article 9(2)(a) |
| Processing health-related credentials | Explicit consent — Article 9(2)(a) |
We use your data to: provide the document vault and compliance tracking service; send expiry reminder emails to Pro users; respond to support enquiries; and detect and prevent fraud or abuse. We do not sell your personal data. We do not use your data for advertising.
We share personal data with the following sub-processors under appropriate data processing agreements:
We do not share your uploaded documents or personal data with any other third party, except where required by law.
Your data is stored on secure servers in the EU. Uploaded files are stored with randomised filenames and served only through authenticated PHP handlers — direct file URLs are not accessible. All connections use HTTPS. Passwords are hashed using bcrypt.
We retain your personal data for as long as your account is active. If you delete your account, all personal data and uploaded files are deleted immediately from our systems. Stripe may retain payment records for their own legal obligations. Security log entries in organisation audit logs are retained for the life of the organisation.
You have the following rights, exercisable by contacting admin@innovationsandmore.com:
We will respond to rights requests within one calendar month. If you are unsatisfied with our response, you may lodge a complaint with the Information Commissioner's Office (ICO) (ICO Registration Number C1424540).
We use one strictly necessary cookie: CC_SESSION, which maintains your login session. This cookie is placed only after you log in and is exempt from consent requirements under PECR. We do not use tracking, advertising, or analytics cookies. See our Cookie Policy for full details.
This service is intended for healthcare professionals aged 18 and over. We do not knowingly collect data from anyone under 18.
We will notify registered users of material changes to this policy by email. The current version is always available at this URL.
Innovations And More Ltd (Company No. 11350220)
ICO Registration No. C1424540
Privacy enquiries: admin@innovationsandmore.com