For users of the Pando platform in the UK, the organisation responsible for processing platform user information is: 

Hypori Ltd.  

16 Great Queen Street, Covent Garden, London, United Kingdom, WC2B 5AH 

Hypori Ltd (Hypori) is part of the Hypori group of companies. 

Depending on the circumstances, Hypori may act as either: 

• Data Controller in relation to certain administrative and operational activities associated with the platform, including platform administration and contract management. 

• Data Processor when processing personal information on behalf of healthcare organisations using the platform. 

Healthcare organisations such as NHS Trusts, GP practices, pharmacies, hospices, and other care providers remain the Data Controllers for patient information shared within the platform as part of providing healthcare services. 

Hypori processes such information soley on the documented instructions of the healthcare organisation and in accordance with applicable contractual and data protection obligations.

For privacy and data protection enquiries relating to Pando you can contact: 

Email: privacy@hypori.com 

Hypori has appointed a Data Protection Officer (DPO) responsible for overseeing data protection compliance. 

If you have questions about this notice or about how personal information is handled in connection with the Pando platform, you may contact: 

Data Protection Officer 

Email: privacy@hypori.com 

The Data Protection Officer acts as a contact point for individuals and supervisory authorities in relation to data protection matters. 

This information applies where you: 

• Use Pando Messenger or related Pando services in the UK
  

• Interact with the Pando platform as a healthcare professional or authorised user 

• Communicate with Hypori in relation to the operation or support of the Pando service  

This page supplements the Hypori Corporate Privacy Statement (available on the Hypori website) and should be read alongside it. 

To provide and operate the Pando service, Hypori may process personal information relating to authorised users of the platform. 

This may include: 

Identity information 

• Name 

• Professional role or job title 

• Healthcare organisation or affiliation 

• Professional identifiers where relevant (for example regulatory numbers) 

Contact information 

• Professional email address 

• Telephone number when provided 

Account information 

• Username or account identifier 

• Authentication credentials  

• Account preferences or profile information 

Technical and usage information 

• IP address 

• Device and operating system information 

• Login activity 

• Service usage information required to operate, maintain and secure the platform 

This information is used to: 

• Provide access to the platform 

• Administer and support the service 

• Manage user accounts and permissions 

• Maintain the security and integrity of the platform 

• Monitor system performance and reliability 

• Investigate misuse or security incidents where necessary 

Hypori processes this information on the basis that it is processed under the following lawful bases under the UK GDPR: 

• Article 6(1)(f) – Legitimate interests, where processing is necessary for Hypori’s legitimate interests in operating, maintaining, securing, and improving the platform, provided such interests are not overridden by the rights and freedoms of individuals. 

Where Hypori acts as a Data Processor, the lawful basis for processing personal information is determined by the relevant healthcare organisation acting as Data Controller. 

The Pando platform may be used by healthcare organisations to support communication between clinicians involved in patient care. 

Where patient information is shared within the platform: 

• The healthcare organisation providing care remains the Data Controller 

• Hypori acts as a Data Processor 

• Processing takes place solely on the instructions of the healthcare organisation. 

Healthcare organisations determine the lawful basis for processing patient information. In many cases this will rely on: 

UK GDPR Article 6(1)(e) 

Processing necessary for tasks carried out in the public interest. 

UK GDPR Article 9(2)(h) 

Processing necessary for the provision of health or social care or the management of health or social care systems and services. 

Patients seeking information about how their personal information is used should contact the relevant healthcare provider directly. 

Where Hypori processes personal information on behalf of healthcare organisations, it acts as a Data Processor and complies with the obligations set out in Article 28 of the UK GDPR. 

These obligations include: 

• Processing personal information only on documented instructions from the Data Controller 

• Ensuring that persons authorised to process personal information are subject to confidentiality obligations 

• Implementing appropriate technical and organisational security measures 

• Assisting Data Controllers in responding to requests from individuals exercising their data protection rights 

• Supporting controllers in meeting obligations relating to security, breach notification, and data protection impact assessments 

• Returning or securely deleting personal information at the end of the service relationship where required 

• Making available information necessary to demonstrate compliance with applicable data protection obligations 

Hypori is committed to supporting healthcare organisations in meeting their obligations under the NHS Data Security and Protection Toolkit (DSP Toolkit) and the National Data Guardian’s Data Security Standards. 

Hypori implements governance, security, and operational controls designed to align with the NHS Data Security and Protection Principles, including: 

• Protection of confidential patient information 

• Secure system design and operation 

• Appropriate access control and authentication mechanisms 

• Monitoring and incident response procedures 

• Confidentiality obligations and information governance training for staff 

Healthcare organisations using the Pando platform remain responsible for their own compliance with the DSP Toolkit and associated NHS information governance requirements. 

Hypori uses carefully selected service providers to support the operation and delivery of the Pando platform. These may include providers of: 

• Secure cloud infrastructure and hosting 

• System monitoring and security services 

• Technical support and service management tools 

• Infrastructure used to maintain system reliability and performance 

These providers process personal information solely on Hypori’s documented instructions and are required to comply with contractual confidentiality and data protection obligations. 

Hypori does not sell personal information. 

Where personal information is transferred internationally, Hypori ensures that appropriate safeguards are in place. These may include: 

• UK International Data Transfer Agreements (IDTA) 

• UK Addendum to Standard Contractual Clauses 

These safeguards are intended to ensure that personal information continues to receive a level of protection consistent with UK data protection law. Patient data is always processed in the UK. Some of the sub-processors that we use for technical support may be located outside the UK and the European Economic Area (EEA). We will always ensure that the safeguards described above are in place if we process data internationally. 

Hypori implements appropriate technical and organisational security measures designed to protect personal information against unauthorised access, loss, misuse, or alteration. 

These measures include: 

• Encryption of data where appropriate 

• Secure hosting infrastructure 

• Access control and authentication mechanisms 

• System monitoring and incident response processes 

• Confidentiality and security obligations for personnel and service providers 

Personal information relating to Pando users is retained only for as long as necessary to: 

• Provide and support the Pando service 

• Maintain business and operational records 

• Comply with legal, regulatory or contractual obligations 

Basic account and service relationship information may be retained for up to six (6) years after the end of a customer relationship, in line with UK legal and financial record-keeping requirements. 

Where information is anonymised so that individuals can no longer be identified, it may be retained for longer periods for statistical or service improvement purposes. 

Retention for data held within the Pando App is retained for eight (8) years in agreement with the Data Controller. This retention period aligns with applicable healthcare record retention practices. The justification for this retention is detailed in the Data Protection Impact Assessment (DPIA) for the App. 

Under the UK GDPR, you have a number of rights in relation to your personal information. 

These include: 

Right of access 

You have the right to request confirmation of whether we process personal information about you and to obtain a copy of that information. 

Right to rectification 

You have the right to request correction of inaccurate or incomplete personal information we hold about you. 

Right to erasure 

You have the right to request deletion of your personal information in certain circumstances, for example where the information is no longer necessary for the purposes for which it was collected or where processing is unlawful. 

Right to restrict processing 

You have the right to request that we restrict the processing of your personal information in certain situations, for example while the accuracy of the data is being verified. 

Right to object 

You have the right to object to the processing of your personal information where we rely on legitimate interests as the legal basis for processing. You also have the right to object to the use of your personal information for direct marketing purposes. 

Right to data portability 

In certain circumstances you have the right to receive personal information you have provided to us in a structured, commonly used and machine-readable format and to request that it be transmitted to another organisation. 

Rights relating to automated decision making 

You have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects. The Pando service does not use personal information to make automated decisions about individuals. 

Right to withdraw consent 

Where we rely on consent as the legal basis for processing, you have the right to withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before consent was withdrawn. 

Requests relating to personal information processed by Hypori can be sent to: 

privacy@hypori.com  

If your request relates to patient information processed by a healthcare organisation, you should contact the relevant healthcare provider directly. 

If you are not satisfied with how personal information is handled, you have the right to contact the UK data protection regulator: 

Information Commissioner’s Office (ICO) 

https://www.ico.org.uk 

However, we encourage you to contact us first so that we can attempt to resolve the issue. 

This page may be updated periodically to reflect changes in services, legal requirements, or privacy practices. 

The most recent version will always be available through the Hypori website.