Healios Privacy Policy – Healthcare Services

Introduction and summary of our privacy policy

Welcome to Healios Limited’s privacy policy in relation to our healthcare services. This privacy policy also covers use of our app called “ThinkNinja”.

Healios goals are:

  • To provide our users (we also refer to as ‘clients’) with a range of high standard psychological services covering early support for mental health and emotional wellbeing, assessment, psychological treatment, wellbeing monitoring and care in a manner which is flexible and user friendly
  • To improve and develop the services we provide so we continue to deliver high standard services. This includes monitoring clinical outcomes.
  • To support our clinical team delivering our services in meeting their professional standards and in the process of continuing their professional training
  • To support others involved in our client’s care include their family members and other healthcare professionals
  • To share our learning with the wider professional community and contribute to developments in the field of mental health
  • To comply with legal and regulatory requirements

We process your personal data in support of those aims. We are transparent about our processing. We respect the confidentiality of your personal data. We share your personal data for the purpose of our client’s direct care and in a limited number of other ways permitted or required by law.

When you use Healios services, you trust us with your information. You can use Healios services knowing that we do not gather your personal information to sell to other organisations. Healios collects and processes personal data in accordance with this policy and to deliver high quality care to our clients.

Healios does combine your data with other data of others to create reports about how we can improve our services that we may publish in a manner which does not identify individual clients.

If you are under 16 years of age we will require consent from an adult for you to receive care from Healios for our services, except ThinkNinja.

If you are under 16 years of age, you can use ThinkNinja without adult consent, and if available for your area, an additional text message chat feature within the app that allows you to text a Healios clinical team member. If you require further support features in the app, you may require adult consent.

This privacy policy will tell you about:

(a) how we look after and use your personal data provided to us in connection with healthcare services we provide to you or others; and

(b) your privacy rights under the data protection law including the General Data Protection Regulation (GDPR) (and data protection law made under that regulation) and how that law protects you.

(c) How we look after and use your personal data provided to us as a potential new user/customer in connection with general enquiries about our healthcare services

As we are collecting personal data about you, relevant laws protect your personal data and give you rights in relation to your data . Your ‘legal rights’ mean you can:

  • Request access to your personal data
  • Ask us to correct your personal data
  • Ask us to delete your personal data
  • Object to the processing of your personal data
  • Request restriction of processing of your personal data
  • Request the transfer of your personal data
  • Withdraw consent at any time

Each of these ‘legal rights’ and how Healios is collecting and protecting your data is explained in more detail in the next sections.

Details of our privacy policy

This privacy policy is provided in accordance with the requirements of the GDPR. It is divided into sections outlined below. Please also use the Glossary to understand the meaning of some of the terms used in this privacy policy. 

1. Important information and who we are

Purpose of this privacy policy

This privacy policy aims to give you information on how Healios Limited collects and processes personal data in connection with healthcare services (including ThinkNinja) and any other services that you request from us or we provide to you or others, or from enquiries as a potential new customer.

It is important that you read this privacy policy together with any other privacy policy or fair processing notice, and other communications we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.  This privacy policy supplements the other notices and is not intended to override them.


Healios Limited (referred to as Healios, "we", "us" or "our" in this privacy policy) is a limited company with registration number 08459279. Healios is data controller of the personal data to which this privacy policy relates. 

We have appointed a data protection lead (“DPL”) whose role includes overseeing questions in relation to this privacy policy.  If you have any questions about this privacy policy, including any requests to exercise [your legal rights], please contact our DPO using the details set out below.

Contact details

Our contact details are:

Our full name:  Healios Limited

DPL contact name:  Richard Andrews

Email and postal address for contacting us and our DPL:

Email address:  dpo@healios.org.uk

Postal address:  Viceroy House, Unit 2, 2nd Floor, Mountbatten Business Centre, Millbrook Road East, Southampton, Hampshire, SO15 1HY

You have the right to make a complaint at any time to the Information Commissioner's Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Changes to this privacy policy

This version was last updated on 6th March 2020 and historic versions can be obtained by contacting us.

The need for you to inform us of changes to personal data about you or others

It is important that the personal data we hold about you is accurate and current.  Please keep us informed if your personal data changes during your relationship with us by contacting us. Please using the contact details in the previous section.  

Similarly, it is important that the personal data we hold about others is accurate and current.  Please keep us informed if others’ personal data that you have given us changes during your relationship with us.