Privacy Notice

Last Revision Date: March 2020

Purpose: This Privacy Notice describes our privacy practices to help you understand what personal data we collect, use, share and transfer and to inform you about the choices you can make regarding your personal data.

Table of contents

  1. Introduction
  2. Who we are (identity of the data controller)​
  3. Legal basis for data processing​
    Our users​
    Non-user contacts​
    Web submissions​
    Patient data​
    National data opt-out
  4. Why do we need your Personal Data?​
  5. Data Protection Officer (DPO)​
  6. Collection and processing of personal data​
  7. Where do we store and process your personal data?
  8. Sharing of information​
  9. Forums guidance
  10. Security measures and storage of personal data​
  11. Cookies
  12. Log Data​
  13. Disclosure of your Personal Data to third parties​
  14. How long we retain your Personal Data​
  15. Touch ID/Fingerprint/Facial recognition​
  16. Data subject rights​
    The right to be informed​
    The right of access​
    The right to rectification​
    The right to erasure (right to be forgotten)​
    The right to restrict processing​
    The right to data portability​
    The right to object​
  17. How to exercise your rights​
  18. Questions and Complaints​
  19. Changes to this privacy notice​

1. Introduction

Pando regards your privacy and the handling of your personal data with the utmost importance. This Privacy Notice details how we collect, use and securely store any personal data submitted to us through use of our site and the Pando Mobile Application.

There is also an explanation of the various rights you can exercise as a data subject, as well as how you can exercise those rights.

The scope of this Privacy Notice applies to

2. Who we are (identity of the data controller)

For the purposes of this privacy notice, Forward Clinical Ltd (“us”, “we”, or “our”) is the data controller and operates the Pando mobile application (the “Service”) and website.

Our registered office address is: 300 St John Street, London EC1V 4PA.

Our company number is: 10420044

Our ICO registration is: ZA237861

Our users

We process your user data on the legal basis of explicit consent.

Non-user contacts

We process your data on the legal basis of explicit consent.


Where a contract has been signed, we process your data on the legal basis of contract.

Web submissions

We process your data, (your name and the email address that you enter) and any additional personal data you send us on the legal basis of legitimate interest. On submission we give you the option to opt into further marketing, on the basis of explicit consent.

Patient data

Patient data is considered to be a special category of data under the General Data Protection Regulation (EU) 2016/679 (GDPR) and is processed under section 6(1)(c) “necessary for compliance with a legal obligation to which the controller is subject” and 9(2)(h) “(h) processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or member State law pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3;”

Giving your explicit consent for us to process your data does not affect your rights. Details of your rights and our data retention periods are further explained below in this Privacy Notice. It should be noted that for patient’s data Pando is the processor and not the controller. Any queries in relation to patient data should be addressed to the hospitals/trusts as they remain the controllers of patient data.

For all individuals, users and non-user contacts we rely on separate, explicit consent for direct marketing. You may withdraw your consent for further processing, fully or for specific purposes at any time by emailing It is important to note that this may affect the services we are able to offer you, and we may need to continue to process data relating to your request to withdraw consent.

National Data Opt-out

Information about your health and care helps the NHS to improve your individual care, speed up diagnosis, plan your local services and research new treatments.

In May 2018, the strict rules about how this data can and cannot be used were strengthened. The NHS is committed to keeping patient information safe and always being clear about how it is used.
The NHS, local authorities, university and hospital researchers, medical colleges and pharmaceutical companies researching new treatments can use your confidential patient information for research and planning. You can choose whether your confidential patient information is used for research and planning.

Type 1 Opt-out: medical records held at your GP practice
You can tell your GP practice if you do not want your confidential patient information held in your GP medical record to be used for purposes other than your individual care. This is commonly called a type 1 opt-out. This opt-out request can only be recorded by your GP. If you choose a Type 1 opt-out, you should ask your GP for a National Type 1 Data Opt-out Form.

Type 2 Opt-out: information held by NHS Digital
A Type 2 opt-out is an objection that prevents your personal confidential information from being shared outside of NHS Digital, that is used for research and planning.

Previously you could tell your GP surgery if you did not want NHS Digital to share confidential patient information that is collected from across the health and care service for purposes other than your individual care. This was called a type 2 opt-out.

From 25 May 2018 the type 2 opt-out has been replaced by the national data opt-out. Type 2 opt-outs that have been recorded previously have been automatically converted to national data opt-outs.

You do not need to do anything if you are happy about how your confidential patient information is used. If you do not want your confidential patient information to be used for research and planning, you can choose to opt out securely online or through a telephone service.

You can change your choice at any time. To find out more or to make your choice visit and/or view the NHS Digital patient Leaflet

Forward Clinical Ltd expects its Data controllers (Trusts, GP’s etc), whether solely or jointly with another organisation, to be responsible for ensuring that national data opt-outs are applied in line with the policy.

In some cases, this requires the Controller to instruct Forward Clinical Ltd (acting as a data processor under their instruction) to apply the national data opt-out.

In line with wider legal requirements as a data processor (Forward Clinical Ltd) will comply with written instructions from the data controller in relation to the national data opt-out.

4. Why do we need your Personal Data?

Providing Pando with your personal data is an obligation of using the Service. This is because your personal data is required to confirm your identity as a user, to maintain accurate clinical records for your patients or clients, and to identify you to other users who may need to contact you.

5. Data Protection Officer (DPO)

Pando has duly appointed Claire Robinson as the Data Protection Officer (DPO). Should you need to contact the Pando’s DPO directly, you can do so:


You can write to the DPO at: 300 St John Street, London, EC1V 4PA

6. Collection and processing of personal data

While using our service, we may ask you to provide us with certain personal data that can be used to contact or identify you. This includes:

  • Full name
  • Email address
  • Mobile number
  • Place of work
  • Specialty
  • Grade

Whilst using the Service, personal data is generated relating to your professional and/ or clinical activities. This includes user ID/time/date stamps relating to messages or files sent, tasks created and edited, patient profiles created and edited, photos taken. These are obtained by taking any action within the app and form part of the audit trail generated by the Service.

We may also collect information from individuals, users and non-users, who contact us, via email, telephone or web submission. This will include name, email address and in some cases telephone number, and details related to your place of work.

We may use your personal data for providing the Service, including to:

  • Maintain and improve the Service
  • Contact individuals for the purposes of preventing or addressing service, security or technical issues
  • To answer queries from users directly
  • Maintain the service of the platform

With your explicit consent we may use your personal data for sharing, with users and non-user contacts, details of our services and products in the form of marketing.

7.Where do we store and process your personal data?

The personal data that we collect from you is stored in the European Union on (Europe) Cloud Servers of Amazon Web Services with all primary processing taking place in London, UK. This data may, however, be processed by sub-processors operating outside of the European Economic Area (“EEA”) based on a data processing agreement if the additional requirements of Art. 44 et seq. GDPR for processing in third countries are compliant with an appropriate level of protection in the third country and appropriate guarantees under Art. 46 GDPR (such as standard data protection clauses, or exceptional circumstances under Art. 49 GDPR). A full list of our third-party sub-processors and details of their privacy policies can be found here.

Where we process data on behalf of the UK NHS service, we ensure that data will always be stored and processed on the Cloud Servers of Amazon Web Services within the London Cluster and will not leave the EEA.

Sensitive information between your browser and our Website is transferred in encrypted form using Transport Layer Security (“TLS”). When transmitting sensitive information, you should always make sure that your browser can validate our certificate.

Please contact our Data Protection Officer if you would like further details on the specific safeguards applied to the export of your personal data outside the EEA –

Processors and sub-processors

Infrastructure processors

Customer feedback, engagement and analytics

Customer Support

8. Sharing of information

We do not share your information with anyone outside Pando without your express permission to do so.

Under no circumstances will your information be sold or passed on to third parties for the purposes of marketing, sales or other commercial uses without your prior express consent.

We may disclose information to third-parties where it is necessary, such as where there is an overriding legal obligation, where permitted under Data Protection Legislation or for the purposes of the prevention and/or detection of fraud or crime.

9. Forums guidance

The forums feature in Pando is for clinicians and health workers who need to disseminate information quickly and have a point of reference especially during the COVID-19 pandemic.

Forums are a fixed point of contact for staff at health and social care organisations. The structure is similar to ‘teams,’ as per the existing functionality in the Pando App. The key difference is that users can will search for the forum (e.g. COVID-19 updates) and automatically join.

Stay safe, stay legal

Remember that anyone can read your posts, so please check that you do not include sensitive personally identifying information about either your patients or yourself. Forums are not the place to share confidential information.

You must respect privacy and confidentiality and follow the guidance of your Information Governance teams and NHS England at all times.

Report any post that you consider to be factually inaccurate, misleading or abusive (see respect below) to

Respect each other

Pando forums are a place for:

  • Co-ordinating and disseminating information encouraging.
  • Supporting each other.
  • Offering advice and suggestions.
  • Posting relevant information.

To achieve this, we ask that users: be respectful – You must not post materials or topics which are insulting, offensive, abusive, vulgar, hateful, harassing, obscene, profane, lewd or physically threatening. We ask that everyone who posts makes the effort to respect all other views and does not attempt to force any personal views onto others. We expect those who post to accept others’ comments in the way that they are meant, as in support and information sharing.

To make the Forums easy to read and use, we ask that users:
  • Write clearly when you compose a message – Review your message before you post.
  • Don’t use ALL CAPS – It is shouting and makes the message harder to read.
  • Don’t post off-topic messages – keep the message relevant to the forum.
  • Remember that spamming and advertising is strictly prohibited – Any and all advertising, chain letters, pyramid schemes, solicitation, spamming and trolling is inappropriate and unacceptable on any of our forum areas.
Contacting a moderator

If you need to contact us with a forums query please email

Data Protection

If you have a concern about data protection please email

10. Security measures and storage of personal data

Where you communicate with us via our site, the nature of the Internet is such that we cannot guarantee or warrant the security of any information that you transmit as no data transmission over the internet can be guaranteed to be 100 % secure. However, we will take all reasonable steps (including appropriate technical and organisational measures) to protect your Personal Data.

11. Cookies

Our site uses “cookie” technology to enhance your user experience. A cookie is a small piece of text stored by your browser on your computer, at the request of our server.

Please refer to Pando’s cookie declaration for information about the cookies we use.

Change your consent

12. Log Data

When you access the Service by or through a mobile device (such as a smartphone or a tablet), we may collect certain data automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile internet browser you use and other statistics (“Log Data”).

13. Disclosure of your Personal Data to third parties

We disclose your Personal Data to various recipients to improve our Service, including.

  • to third parties who we engage to provide services to us, such as outsourced service providers, IT service providers;
  • to comply with any applicable law or regulation, a summons, search warrant, court regulatory order, or another statutory requirement.

14. How long we retain your Personal Data

We will not retain your Personal Data for longer than is necessary under the principle of data minimisation. User account details are stored for the duration of you maintaining an account. We will only retain your personal data for as long as it is required to fulfil the original purpose for which it was collected, including the purposes of satisfying any legal, accounting, or reporting requirements.

If you ask us to delete your data then we may not be able to provide you with all of the services offered from this website.

15. Touch ID/Fingerprint/Facial recognition

Users may choose to use Fingerprint/Facial recognition/Touch ID as part of the Service. This data is not collected, stored or processed in any manner by Pando. We advise that users should review the privacy notice relating to their device and its operating system before setting up any fingerprint or facial recognition systems.

16. Data subject rights

Under the General Data Protection Regulation (GDPR), data subjects whose data is processed by Pando are entitled to exercise certain rights against their personal data. These rights are designed to put Data Subjects in the driving seat when it comes to how their personal data is handled by organisations.

The right to be informed

Pando is obliged to ensure that any communications regarding our data processing activities between ourselves and any Data Subjects is provided is a clear and transparent manner. This is provided by this Privacy Notice.

The right of access

You are entitled to request a copy of the all personal data currently held about you as well as the following information about your data:

  1. The purpose of processing;
  2. The categories of personal data concerned;
  3. The recipients to whom the personal data has been disclosed;
  4. The retention/envisioned retention period for that personal data;
  5. The source of the personal data if it has been collected from a third-party.
The right to rectification

If you believe the personal data we hold about you is either inaccurate or incomplete, you may exercise this right to correct or complete this data. This right can be used with ’the right to restrict processing ‘to ensure that any inaccurate or incomplete data is not processed until corrected.

The right to erasure (right to be forgotten)

You may request erasure of any personal data we hold on you without undue delay where one of the following grounds apply:

  1. The personal data are no longer necessary in relation to the purposes they were collected or otherwise processed;
  2. The data subject withdraws consent and no other legal ground for processing exists;
  3. The data subject exercises the right to object and no overriding legitimate grounds for processing exist;
  4. The personal data has been unlawfully processed;
  5. The personal data has to be erased for compliance with an overriding legal obligation;
  6. The personal data has been collected in relation to the offer of information society services.
The right to restrict processing

As an alternative to the right to erasure, you may ask us to cease processing your data, but not erase it entirely where one of the following grounds apply:

  1. The accuracy of the personal data is contested;
  2. Processing of the personal data is unlawful;
  3. Personal data is no longer needed for processing, but is still required as part of a legal process;
  4. The right to object has been successfully exercised and processing is temporarily halted pending a decision on the status of the processing.
The right to data portability

You may request your personal data be transferred to another controller or processor in a commonly used, machine-readable format. This right can only be exercised when all of the following grounds apply:

  1. The processing was on the basis of consent
  2. The processing is by automated means
  3. The processing if for the fulfilment of a contractual obligation
The right to object

You may exercise the right to object in instances where:

  1. Processing is based on either the performance of a public task or legitimate interest;
  2. Processing is for direct marketing purposes;
  3. Processing is for the purposes of scientific or historical research;
  4. Processing involves automated decision-making, including profiling.

17. How to exercise your rights

You may request to exercise any of the above rights, free of charge by contacting:

Any data subject request will be responded to within one month, however we reserve the right to refuse or charge an administrative fee for the furthering of any of the above requests if they are done so in a frivolous, vexatious or excessive manner. We will inform you if an administrative charge is being applied before fulfilling your request, so you can decide whether or not to proceed. Typically, in order to further one of the following requests, we will ask for you to provide a form of identification for verification purposes.

18. Questions and Complaints

Should you wish to discuss a complaint, please contact the DPO at the above email address, who will be happy to assist you. 

Alternatively, if you are unsatisfied with the DPO’s response to your concern, Under Article 77 of the GDPR you have the right to lodge a complaint directly with the Information Commissioner’s Office. Under Article 80, you may authorise certain third parties to make a complaint on your behalf (such as legal representation).

19. Changes to this privacy notice

We reserve the right to make changes to this Privacy Notice at any time without prior consultation. Any changes to this Privacy Notice will be posted on our site so that you are always aware of what Personal Data we collect, how we use it, and under what circumstances, if any, we disclose it. If at any time we decide to use Personal Data in a manner significantly different from that stated in this Privacy Notice, or otherwise disclosed to you at the time it was collected, we will notify you by email.