Skip to content
LEGAL

Privacy Policy

This policy explains what data ResoClinx collects, why we collect it, how it is stored, and the rights you have over it.

Last updated: April 2026

Who we are

ResoClinx is the data controller for personal data collected through resoclinx.com and the ResoClinx platform. For all data requests contact contact@resoclinx.com.

What data we collect

From website visitors: Name, email, phone, clinic name, country, IP address, browser type, pages visited, referring source. Collected when you submit a form, download a guide, take the scorecard, or book a call.

From clinic clients (paying customers): Business contact details, billing information, integration credentials (encrypted), team member logins, treatment lists, calendar data, and patient enquiry data we process on your behalf as a data processor.

From end-patients (your clinic's patients, processed on your behalf): Name, contact details, enquiry content, call recordings, WhatsApp messages, photos uploaded for treatment-area assessment, and booking records.

Lawful basis for processing

  • Contract performance for delivering the service to paying clients.
  • Legitimate interest for marketing communications to people who downloaded a guide or made an enquiry.
  • Consent for cookies, marketing emails, and any optional data collection.
  • Data processor agreement with each clinic for processing their patients' data.

How long we store data

  • Marketing leads: 24 months from last interaction, then deleted.
  • Active client data: for the duration of the contract plus 6 months for billing reconciliation.
  • Patient enquiry data processed on a clinic's behalf: per the clinic's retention policy, default 24 months.
  • Call recordings: 12 months unless the clinic configures otherwise.

Third-party processors we use

  • Cloudflare (UK, EU, US) for hosting and DDoS protection.
  • Resend for transactional email delivery.
  • Twilio for SMS, voice, and WhatsApp communications.
  • OpenAI and Anthropic for AI inference. No data is used for model training.
  • Stripe for payment processing.
  • GoHighLevel (HighLevel) for CRM and platform infrastructure.
  • Google for GBP integration only, where the clinic has authorised it.

All processors are bound by data processing agreements and operate under appropriate safeguards for international transfers.

Your rights

Under GDPR you have the right to:

  • Access the data we hold on you.
  • Rectify inaccurate data.
  • Erase data (subject to lawful retention requirements).
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent at any time.
  • Lodge a complaint with the UK ICO or your local supervisory authority.

To exercise any right, email contact@resoclinx.com. We respond within 30 days.

Cookies

We use essential cookies (site functionality), analytics cookies (anonymised usage patterns), and marketing cookies (only with consent). The cookie banner on first visit lets you accept or decline non-essential cookies.

Changes to this policy

We update this policy when our processing changes. Significant changes are notified by email to active clients. The last updated date at the top reflects the most recent revision.