top of page

​Radiant Science UG

16 Floningweg 12107 Berlin

​

Last updated: 9 July 2025

​

PATIENT PRIVACY NOTICE

​

Radiant Science UG (“we”, “us”, “our”) is committed to protecting your privacy and ensuring the secure handling of your personal data. This Privacy Notice explains how we collect, use, store, and share your information when you use our services (“Services”), and outlines your rights under the UK and EU General Data Protection Regulation (GDPR).

​

If you have any questions, please contact us at info@radiantscience.io

​

WHO WE ARE

Radiant Science UG
Address: 16 Floningweg 12107 Berlin
Contact: info@radiantscience.io

​

We act as a data processor on behalf of healthcare providers (Data Controllers) in accordance with UK and EU GDPR to provide our services to support care delivery. The GP or clinic is the Data Controller. We process data only on their instruction. 

​

WHAT INFORMATION DO WE COLLECT

We collect and process the following categories of personal data to operate effectively, improve service quality, and meet legal and security obligations:

Personal Information

  • Contact details (phone number, email address)

  • Identifiers (name, gender, usernames, encrypted passwords)

  • Preferences and job titles

  • Chat interactions or disclosures through our systems

System Information

  • Device, browser, and operating system details

  • Language, time zone, approximate location, IP address

  • Usage logs (features accessed, duration of actions)

Healthcare Information

  • Health, genetic, and biometric data provided by your care team or disclosed by you

Social Login Data

  • Optional social logins (e.g., Gmail). We do not share medical data with these providers.

Other Sources

  • Public and partner databases, clinics, or platforms, as required for service delivery

 

HOW DO WE USE YOUR INFORMATION?

We process your data for the following purposes, always in accordance with our role as data processor under UK/EU GDPR:

  • Providing and managing our Services

  • Communicating with you on behalf of your care team

  • Ensuring legal and security compliance

  • Improving and personalising our Services

  • Protecting vital interests (e.g., threats to safety)

 

LEGAL BASES FOR PROCESSING

We process your personal data based on one or more of the following legal grounds:

  • Performance of a contract with your healthcare provider

  • Compliance with legal obligations

  • Protection of vital interests

  • Legitimate interests of your care team or as required for service delivery

  • Your explicit consent (where required, e.g., for certain health data processing)

 

WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

We share personal data only with authorised sub-processors who comply with GDPR and uphold high data security standards. Where data is transferred outside the UK or EEA, we ensure appropriate safeguards (such as Standard Contractual Clauses or participation in the EU-U.S. Data Privacy Framework).​ A full list of our subprocessors can be found at ANNEX 1.

 

HOW DO WE HANDLE SOCIAL LOGINS?

If you register or log in using a third-party provider (e.g., Google), we access only basic profile information (such as name and email address). We do not share your medical data with these providers. Please refer to their respective privacy policies for more information.

 

INTERNATIONAL DATA TRANSFERS

Where your personal data is transferred outside the UK or EEA, we ensure that such transfers are subject to appropriate safeguards, such as Standard Contractual Clauses or participation in approved data transfer frameworks, in accordance with applicable law.

 

HOW LONG DO WE KEEP YOUR INFORMATION?

We retain personal data for a maximum of 120 days from the end of service agreement with the Data Controller (the clinic), unless a longer retention period is required by law. Where immediate deletion is not possible (e.g., backups), your data is encrypted and isolated until it can be securely deleted.

 

HOW DO WE KEEP YOUR INFORMATION SAFE?

We implement modern technical and organisational security measures, including:

  • Data minimisation and purpose limitation

  • Encrypted communication and storage

  • Pseudonymisation and anonymisation where feasible

  • Secure system architecture with two-factor authentication (2FA)

  • Continuous security monitoring

  • We support audit logs and accountability obligations under the UK GDPR and NHS data governance standards.

  • We are Cyber Essentials certified and have completed the NHS DSPT toolkit.

Despite our best efforts, no system is completely secure. In the event of a data breach that threatens your data integrity or rights, we will promptly inform affected users and relevant authorities as required by law. You can find out more about our technical and organisational measures in ANNEX II. 

 

CHILDREN

Our Services are intended for users aged 18 years or older. If we become aware of personal data collected from minors without appropriate consent, we will promptly delete such data. Please contact support@radiantscience.io with any concerns.

 

WHAT ARE YOUR PRIVACY RIGHTS?

Under UK and EU GDPR, you have the following rights:

  • Access your personal data

  • Correct or update your data

  • Request erasure (“right to be forgotten”)

  • Restrict or object to processing

  • Data portability

  • Withdraw consent at any time (where processing is based on consent)

To exercise your rights, please contact us at info@radiantscience.io. We will respond in accordance with legal requirements.

 

CONTROLS FOR DO-NOT-TRACK FEATURES

Currently, we do not respond to Do-Not-Track browser signals, as standards are not yet finalised.

 

UPDATES TO THIS NOTICE

We may revise this Privacy Notice from time to time. The “last updated” date at the top of the page will always be updated. Material changes will be clearly communicated through our Services or via email.

 

CONTACT US

If you have any privacy-related questions, concerns, or requests to review, update, or delete your data, please contact us at:

Felix Geilert

Email: info@radiantscience.io

We will respond in compliance with legal requirements and privacy standards.

​

ANNEX I:

​

You can find a full list of our subprocessors at SUBPROCESSORS LIST: www.radiantscience.io/subprocessors 

​

ANNEX II:

​

You can find out more about our data security measures in our TECHNICAL AND ORGANISATIONAL MEASURES document: www.radiantscience.io/tom

​

bottom of page