Privacy notice

AssessLogic Limited ("we", "us") is the data controller for personal data processed through the AssessLogic Evidence Platform. We comply with the UK GDPR and the Data Protection Act 2018.

1. Data we process

• Account data: name, email, professional registration (e.g. GMC).
• Assessment content entered by assessors, including pseudonymised claimant references.
• System logs, device, IP and audit trail metadata.

2. Lawful basis

We process personal data on the basis of contract performance, legitimate interest in providing a secure regulated service, and your consent where applicable.

3. Retention

Evidence packs are retained for 7 years from finalisation in line with UK clinical record retention guidance. Account data is retained for the lifetime of the account plus 12 months.

4. Your rights

You have the right to access, rectify, erase, restrict, port and object to processing of your personal data. Contact dpo@assesslogic.co.uk.

5. Sub-processors

We use UK-region cloud hosting and authentication providers under appropriate data-processing agreements. A current list is available on request.