Effective date: 1 January 2026 · Version 1.0
1. Who We Are
The Personal Health Passport ("the Platform", "we", "us") is operated by Darren Carter as an independent digital health-record tool. It is not a regulated medical device and is not operated by or affiliated with the National Health Service (NHS). Correspondence: contact@personalhealthpassport.co.uk.
2. What Data We Collect
We collect only the information you actively provide:
- Account data: your name and email address, used solely to identify your account and let you log in.
- Health passport data: every entry you make across all sections of the passport — clinical logs, medications, contacts, appointments, vitals, and notes. This data is provided by you, about you, and is stored exclusively for your use.
- Technical data: a hashed authentication token stored in your browser's local storage to maintain your session. No IP addresses, browser fingerprints, or behavioural analytics are collected.
3. How We Store and Protect Your Data
All data in transit between your browser and our server is encrypted using TLS (HTTPS). Data at rest is stored in a private MySQL database on a UK-based Virtual Private Server. Passwords are hashed using bcrypt with a cost factor of 12 — plain-text passwords are never stored or accessible. Session tokens are stored as SHA-256 hashes in the database; the raw token is held only in your browser's local storage.
Health records are stored in a structured JSON format linked to your account and are not human-readable without database access credentials, which are not shared with any third party.
4. Absolute Guarantee — Your Data Is Never Sold or Commercialised
We do not sell, license, rent, share, or otherwise commercialise any data you enter into the Personal Health Passport. Your health records are not used for advertising, profiling, analytics resale, research aggregation, or any commercial purpose of any kind. This guarantee is absolute and unconditional. We do not use any third-party analytics platform, advertising SDK, or behavioural tracking tool that would receive your data.
5. Local Storage and Browser Data
The Platform stores the following in your browser's local storage:
- Authentication token (pp_token) — a random 64-byte token used to restore your session after it expires server-side, without requiring you to re-enter your password.
- Preference flags — small key-value pairs that record which Daily Log modules are active, which condition panels are expanded, and your last-visited section. These are not transmitted to the server and exist only to improve your experience on the current device.
- Gateway acknowledgement (pp_gateway_seen_v1) — a flag confirming you have read the onboarding information. Cleared if you clear your browser data.
Clearing your browser's local storage will log you out and reset preferences, but will not delete your passport data, which remains on the server linked to your account.
6. Data Retention and Deletion
Your account and passport data are retained for as long as your account is active. To request deletion of your account and all associated health records, contact us at contact@personalhealthpassport.co.uk. Deletion is permanent and irreversible. We will process verified deletion requests within 30 days.
7. Your Rights (UK GDPR)
As a UK resident you have the right to access, correct, export, restrict processing of, or erase the personal data we hold about you. To exercise any of these rights, contact us by email. We do not use automated decision-making or profiling. You have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe your rights have not been respected.
8. Third Parties
The Platform loads the QRCode.js library from a content delivery network (CDN) solely to generate QR codes within your browser. No health data is sent to this CDN — QR generation is entirely client-side. No other third-party services, scripts, or APIs receive any user data.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via the onboarding gateway on your next login. Continued use of the Platform after any update constitutes acceptance of the revised policy.
Effective date: 1 January 2026 · Version 1.0
1. Agreement to Terms
By creating an account and using the Personal Health Passport ("the Platform"), you agree to be bound by these Terms and Conditions. If you do not agree, you must not use the Platform. These Terms govern your use of the Platform in its entirety, including all sections, features, exports, and associated functionality.
2. Eligibility
The Platform is intended for use by adults aged 16 and over. If you are under 16, a parent or guardian must register and manage your account on your behalf. By registering, you confirm that the information you provide is accurate and that you are eligible to use the Platform.
3. Account Security
You are solely responsible for maintaining the confidentiality of your account credentials. You must not share your password with any other person. If you suspect your account has been accessed without your authorisation, you must change your password immediately and notify us at contact@personalhealthpassport.co.uk.
We recommend using a strong, unique password for your Health Passport account given the sensitivity of the data stored within it. We will never ask for your password by email, telephone, or any other channel.
4. Acceptable Use
You may use the Platform solely for its intended purpose: recording, organising, and presenting your own personal health information. You must not:
- Use the Platform to store information about any other person without their explicit consent.
- Attempt to gain unauthorised access to any other user's account or data.
- Use the Platform in any way that could compromise the security, integrity, or availability of the service.
- Submit false or misleading information that could result in harm to yourself or others if relied upon clinically.
- Use the Platform for any commercial purpose, including reselling access or using it as part of a paid service.
5. No Medical Advice — Clinical Decisions Remain with Your Care Team
The Platform is a personal record-keeping and organisational tool only. Nothing within the Platform — including informational reference cards, clinical terminology, threshold guidance, or structured data fields — constitutes medical advice, diagnosis, or treatment recommendation. All clinical decisions, treatment changes, and emergency responses must be directed by qualified healthcare professionals.
Self-tracked logs entered into this Platform do not replace, substitute, or supersede the professional clinical judgement of your GP, consultant, specialist nurse, or any other registered healthcare professional. Always follow the advice of your clinical team.
6. Limitation of Liability
To the fullest extent permitted by applicable law, the Personal Health Passport and its operator accept no liability for:
- Clinical decisions made on the basis of information stored or displayed within the Platform.
- Loss of data due to failure to press Save, browser data clearance, or device failure.
- Interruption of service due to server maintenance, hosting failures, or circumstances beyond our reasonable control.
- Any harm arising from reliance on reference information displayed within informational cards or guide panels.
Your use of the Platform is entirely at your own risk. The Platform is provided "as is" without warranties of any kind, express or implied.
7. Intellectual Property
All software, design, text, and structural elements of the Platform are the intellectual property of the operator. You may not copy, reproduce, distribute, or create derivative works from the Platform without express written permission. Your health data remains entirely your own — we claim no ownership over any personal information you enter.
8. Termination
We reserve the right to suspend or terminate any account that violates these Terms. You may delete your account at any time by contacting us. Upon termination, all associated data will be permanently deleted from our systems within 30 days.
9. Governing Law
These Terms are governed by and construed in accordance with the laws of England and Wales. Any disputes arising from your use of the Platform shall be subject to the exclusive jurisdiction of the courts of England and Wales.
10. Changes to These Terms
We may update these Terms from time to time to reflect changes in the Platform, applicable law, or operational requirements. Material changes will be communicated via the onboarding gateway on your next login. Your continued use of the Platform following any update constitutes acceptance of the revised Terms.
Effective date: 1 January 2026 · Version 1.0
1. Our Approach to Cookies
The Personal Health Passport is built on a principle of minimal data collection. We use no advertising cookies, no tracking cookies, no analytics platforms, and no third-party profiling tools of any kind. This policy describes the small number of strictly functional storage mechanisms required to make the Platform work.
2. What We Use and Why
The Platform uses browser local storage — not traditional HTTP cookies — for all client-side persistence. Local storage entries are never transmitted to third parties and exist solely on your device.
| Storage Key | Purpose | Expires |
| --- | --- | --- |
| pp_token | Authentication token. Keeps you logged in between sessions without requiring your password each time. Linked to a hashed record in our database — invalid if you log out or the server invalidates it. | 30 days from last login, or on explicit sign-out |
| s11_modules | Records which Daily Log add-on modules (e.g. COPD, POTS, Blood Glucose) you have activated. Stored locally for instant page rendering; also persisted to the server as part of your preferences. | Persistent (until cleared) |
| src_toggle_* & s15_toggle_* | Records which condition panels (Rare Diseases, Women's Health, Men's Health) you have expanded or enabled. Improves page-load experience by restoring your toggle state instantly. | Persistent (until cleared) |
| pp_gateway_seen_v1 | Records that you have acknowledged the onboarding gateway. Prevents the introduction screen from reappearing on every login once you have confirmed you have read it. | Persistent (until cleared) |
| pp_last_section | Remembers which section of the passport you were last viewing so you are returned to the same place on your next session. | Persistent (until cleared) |
3. Server-Side Session Cookie
PHP, the server-side language powering the Platform, creates a standard session cookie (PHPSESSID) in your browser when you log in. This cookie contains only a random session identifier — it holds no personal data and is used purely to link your browser request to your server-side session. It is a strictly necessary functional cookie that cannot be disabled without preventing login entirely. It expires when you close your browser tab or explicitly sign out.
4. What We Do Not Use
- No Google Analytics, Matomo, or any other web analytics platform.
- No advertising or retargeting cookies of any kind.
- No social media pixels (Facebook, X/Twitter, LinkedIn, etc.).
- No third-party tracking scripts or SDKs, with the sole exception of the QRCode.js CDN library used for client-side QR code generation (no data is transmitted to this CDN).
- No cross-site tracking identifiers.
5. Managing and Clearing Storage
You can clear all local storage entries at any time through your browser settings (typically under Privacy & Security → Clear browsing data → Local storage and cookies). Doing so will log you out and reset your dashboard preferences, but will not delete your passport data, which remains on the server linked to your account.
Because we use only strictly necessary functional storage, there is no cookie consent banner — these mechanisms are legally exempt from opt-in requirements under UK PECR as they are essential to the operation of the service you have requested.
6. Changes to This Policy
We will update this Cookie Policy if we introduce any new storage mechanisms. Any meaningful changes will be communicated via the onboarding gateway on your next login. We commit to never introducing advertising, tracking, or analytics cookies without explicit, informed consent.