Privacy Policy and Terms of Use

Privacy Policy and Terms of Use

ETHOS Digital Health Limited (“We”) are dedicated to safeguarding your personal data and respecting your privacy. This document, along with any other documents referenced herein, outlines the basis on which any personal data we collect from you, or that you provide to us, will be processed. It also details your rights regarding the data we collect and how to exercise those rights.

What Information Do We Collect and Process About You When You Visit Our Website?

When you fill in forms on our website www.ethos.co.im (“our site”), we collect your personal data. This includes information you provide when registering to use our site. We also gather information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through, and from our site (including date and time), page response times, download errors, lengths of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

When You Contact Us

Information is collected when you correspond with us by phone, email, or otherwise. This includes each time you visit our sites. The information you give us may include your name, address, email address, and phone number, collected based on our legitimate interest to respond to your requests for information about our services.

For Marketing Purposes

We will never sell your data or provide access to third parties for marketing purposes. We use your personal data to inform you about other goods and services we offer that are similar to those you have already purchased or enquired about. You can opt out of receiving marketing messages at any time.

When You Apply for a Job With Us

Applying for a position at ETHOS Digital Health Limited requires you to provide personal information, including your name, address, job and career history, educational background, and other relevant CV details. This is processed based on discussing a potential employment contract.

What Do We Do With Your Personal Data?

We use the information to improve our site and ensure content is presented effectively, as part of our service provision and to keep our site safe and secure. We only use your information where legally permitted, specifically to comply with legal or regulatory obligations.

Our website uses cookies to distinguish you from other users, providing a good browsing experience and enabling us to improve our site. Please read our cookie policy for further details.

Data Platform Operations

In addition to our website activities described above, ETHOS Digital Health Limited operates an internal business intelligence platform that integrates data from our operational systems to support business reporting, project management, and financial analysis.

What Data We Process:

  • Project and client information from our project management system (CMAP)
  • Financial and invoicing data from our accounting system (Xero)
  • User authentication and access data for platform users
  • Business analytics and reporting data derived from the above

Who We Process Data About:

  • ETHOS staff members who use the platform
  • Our clients and their contact details (for business relationship management)
  • Contractors and suppliers (for project and financial management)

Legal Basis for Processing: We process this data based on our legitimate interests in:

  • Operating our business efficiently
  • Managing client relationships and projects
  • Financial reporting and compliance
  • Business analysis and improvement

Third Party Data Processors

To operate our data platform, we use the following trusted third-party processors:

Supabase (EU) – Database and data storage services

  • Purpose: Secure storage of business data and analytics
  • Location: European Union data centres
  • Safeguards: EU hosting with GDPR compliance

Clerk Inc. (US) – User authentication services

  • Purpose: Secure user login and access management
  • Location: United States
  • Safeguards: Data Privacy Framework certified with Standard Contractual Clauses for EU-US transfers

All processors are bound by comprehensive Data Processing Agreements and implement appropriate technical and organisational security measures.

Data Retention for Platform Operations

Business and project data is retained for:

  • Active projects: Duration of project plus 7 years for business records
  • Client information: Duration of business relationship plus 7 years
  • Financial data: 7 years in accordance with accounting requirements
  • User access logs: 2 years for security and audit purposes

Your Rights Regarding Platform Data

The same rights described above apply to data processed through our platform. If you are an ETHOS client or contact and wish to exercise your rights regarding data we hold about you in our business systems, please contact us using the details provided below:

Their website: https://www.inforights.im/complaint-handling/how-to-make-a-complaint-to-the-information-commissioner/

Isle of Man Information Commissioner, P.O. Box 69, Douglas, Isle of Man, IM99 1EQ

Email: [email protected]

Telephone: +44 1624 693260

Contact Us

For questions or to exercise your rights over your information, contact us via our contact form or email us at [email protected]

Policy Information

This policy was last updated on 17th June 2025 and may be revised at any time.