Version: 14 July 2025
This privacy policy relates to the processing of personal data by eMedvertise N.V., trading as Doctoronline, with its registered office at Mahaaiweg 6, Willemstad, Curaçao (Kingdom of the Netherlands), registered with the Chamber of Commerce under number 108686.
Via Doctoronline, privacy-sensitive data, also referred to as personal data, is processed. Doctoronline attaches great importance to the careful handling of personal data. We therefore process and secure personal data with the utmost care.
This means, among other things, that:
Doctoronline is the controller for data processing within the meaning of the GDPR. In this Privacy Policy, we explain which personal data we collect and use and for what purpose. We recommend that you read this statement carefully
We collect and process the data you provide to us directly, as well as information we gather about you when you use the website. This relates to details you supply by completing forms on our website, www.doctoronline.co.uk (‘Website’), or by corresponding with us via telephone, email, or other means. This includes information you provide when you sign up for our newsletter, create an account, place an order, contact customer service, or take part in other (interactive) features on our Website.
We process the following categories of personal data:
These data are used, among other purposes, for:
In addition to the information outlined above, we also process personal data that you provide as part of special offers and campaigns, such as Tell a Friend. When a friend registers using a customer’s personal link, a unique code (UUID) is used to associate this registration with the customer. This code is used solely to award the reward to the customer once the friend has registered. By submitting the registration form, the friend consents to this association.
This relates to information you provide to us by completing forms on our Website or by contacting us via telephone, email, or by other means. You supply special categories of personal data as part of the medical questionnaire. This includes, among other things, information concerning health, medical history, and/or sexual activity. We collect this data solely for the benefit of the doctors. This data is used for, among other things:
This relates to information we gather about you when you visit our Website. Where required, we only do so after obtaining your consent; for instance, after you accept the use of cookies. The information collected includes, among other things: technical details such as your IP address, login information, browser type and version, browser plugin type and version, operating system, and platform; information regarding your visit, such as the pages you view on our Website (including duration, date, and time), products viewed, page interaction details (such as scrolling, clicking, and mouse-overs), and the telephone number used when you contact our customer service.
This data is used, among other things, for:
This is information we receive about you from selected third parties (such as, for example, business partners, partners in the areas of technical, payment and delivery services, advertising networks, analytics providers, search information providers, providers of ID verification, credit reference agencies). This data is used, among other things, for:
We collect and process your personal data in connection with setting up and/or fulfilling your order with Doctoronline, complying with a legal obligation (such as verifying your identity), or a legitimate business interest of ours. This includes service-related communication (feedback, maintenance, customer satisfaction surveys, or advice), and you have the right to object to this.
If none of these grounds apply, we will request your explicit and informed consent to process your data. For the processing of medical data, we will always seek your consent.
| Purposes | Legal basis |
|---|---|
| Execution of an order or consultation | Performance of a contract (Art. 6(1)(b) GDPR) |
| Processing of medical data | Consent (Art. 9(2)(a) GDPR) |
| Customer service and communication (feedback and suggestions) | Legitimate interest (Art. 6(1)(f) GDPR) |
| Sending marketing communications | Consent (Art. 6(1)(a) GDPR) |
| Improvement of the website and services (maintenance and customer satisfaction surveys) | Legitimate interest (Art. 6(1)(f) GDPR) |
| Legal obligations (e.g. tax record retention requirements) | Legal obligation (Art. 6(1)(c) GDPR) |
We do not retain personal data for longer than is necessary. Your personal data will be stored for as long as your account remains active. Your account – together with the associated personal data – will be deleted by Doctoronline if you have not logged in for 4 years, or 4 years after your last order via Doctoronline. However, certain personal data will be retained for a longer period where there is a legal requirement to do so (for example, the statutory retention period of at least 7 years for payment data and at least 20 years for medical data). Marketing data will be retained until you withdraw your consent or for up to 24 months following the last contact.
We only share personal data with:
Processor agreements have been concluded with all processors in accordance with the GDPR (Article 28 GDPR).
We provide your personal data to third parties (‘processors’) and to companies affiliated with Doctoronline, in order to fulfil and verify rights and obligations arising from the agreement made with you – including services and payments. With these third parties, we have entered into agreements to ensure that their further processing of personal data also complies with the relevant privacy legislation.
In addition, Doctoronline shares your personal data with other third parties, often for marketing purposes. We only do so with your explicit consent.
The doctors we work with operate independently of Doctoronline, and Doctoronline bears no responsibility for the nature and/or quality of the services they provide. For the purpose of requested online consultations, Doctoronline collects your (medical) personal data on behalf of the doctors. This information is stored in a secure environment on Doctoronline’s servers. Doctoronline employees do not have access to this medical data. The relevant personal data and your medication history are accessible only to these doctors, who are independently responsible for your medical record and the associated data processing. We have agreements in place with the doctors to protect your privacy (rights). Your medical data is never shared with third parties, except for Blueclinic Ltd, and only after you have given your consent.
We provide a newsletter designed to keep interested parties informed about eHealth in a broad sense and/or about our services. You can sign up for this newsletter on our website. This newsletter may include information specifically tailored to you – for instance, through ‘profiling’. Every newsletter always contains a link enabling you to unsubscribe.
By using our services, your email address will automatically be added to a list of recipients to whom we may send a service message by email regarding the status of an order, as well as changes and incidents related to our Website or our services, within the context of a closed agreement (an ‘order’).
We may also provide you with information relating to previous orders you have placed with us through this channel. These service emails are sent on the basis of legitimate interest or contractual necessity, but you may unsubscribe from these service emails by using the unsubscribe option included in our communications.
Doctoronline uses your phone number to contact you, if necessary, with any questions or updates concerning the order you have placed. Doctoronline may also get in touch with you by phone in relation to the services provided by Doctoronline. We will only call you if you have expressly given your consent when creating your account. During every phone call, you will have the opportunity to object to being contacted by phone and to withdraw the consent you have previously given.
In certain cases, data is processed outside the EU. This only happens if:
Doctoronline operates a global technical infrastructure. Although Doctoronline does its utmost to avoid this wherever possible, it is possible that your (personal) data may be transferred to countries outside the European Union, where privacy protection regulations may not provide the same level of protection as within the European Union.
You can pay using Klarna. Klarna may carry out a credit check for this purpose, during which (personal) data will be processed. Klarna’s details are: Klarna Bank AB, registration number 556737-0431, Sveavägen 46, 111 34 Stockholm, Sweden. Read Klarna’s privacy statement here.
We use profiling for marketing purposes (such as personalised newsletters and advertisements). No decisions are made that are solely automated with legal consequences.
If you wish, Doctoronline can provide you with an overview of your personal data that we hold on file (Article 15 GDPR). Most of this information can be accessed via your Mijn Doctoronline account. Should this information prove to be incorrect or incomplete, we will amend or supplement it at your request (Article 16 GDPR).
You may also exercise your right to be forgotten (Article 17 GDPR). In such cases, your account and all associated personal data – insofar as legally permitted – will be permanently deleted or anonymised.
If you have reported an inaccuracy or incompleteness in your personal data to us, you may request that we restrict processing while we address your request (Article 18 GDPR). You may also ask us to restrict the processing of your data if you believe we are processing your data unlawfully, no longer require it, or if you have objected to (further) processing. Upon receipt of your restriction request, we will only process the data after obtaining your consent or for compelling reasons (such as a legal proceeding).
You have the right to data portability. This means you are entitled to receive the personal data you have provided to us in a usable format (Article 20 GDPR). Doctoronline will send your data to you in XML format.
If you disagree with a particular processing of your data – including, for example, the automated processing of your personal data (‘profiling’) for direct marketing purposes – you may always object to this (Article 21 GDPR).
If you have given us consent to process your personal data, you may withdraw this consent at any time (Article 13:2c GDPR). You may also withdraw your consent to receive marketing communications or object to this at any time.
You have the right to lodge a complaint with the lead supervisory authority (Article 77 GDPR). For Doctoronline, this is the Dutch privacy regulator; the Autoriteit Persoonsgegevens. You may file a complaint regarding the way we process your personal data.
You can exercise the above rights, and any other rights you have under applicable privacy legislation, by sending a request to info@doctoronline.com. We will comply with your request as soon as possible, but in any event within 4 weeks, or otherwise respond.
You can also exercise your right to be forgotten and your right to data portability from your Mijn Doctoronline account.
Doctoronline has appointed a Data Protection Officer. The DPO operates independently and serves as an internal supervisor. The DPO ensures that Doctoronline implements and adheres to the relevant privacy regulations. If you have any questions regarding the processing of your personal data, you may contact our DPO (Mr B. Teeken) via info@privacyhelder.nl or by calling 088-0606448. You may also contact our DPO if you have any questions, comments, or complaints concerning this Privacy Policy.
We take appropriate technical and organisational security measures to prevent misuse of and unauthorised access to personal data. In particular, we implement the following measures:
If, despite the precautions taken, it unexpectedly transpires that something has gone wrong with the protection of your personal data, or if we suspect this to be the case, we will report it to the Information Commissioner’s Office. If the breach of your personal data could potentially have adverse or negative consequences for you, we will inform you of this as soon as possible. Doctoronline has an internal procedure for managing such incidents.
We use cookies. See our Cookie Policy for further details regarding the types of cookies, their purposes, retention periods, and your preferences.
We reserve the right to amend this privacy policy. Please check this statement regularly for the most up-to-date version.
Last updated: 14 July 2025.