Privacy Notice

PRIVACY NOTICE

Last updated: 08/01/2026 13:44

This privacy notice explains how EPIC (a medical training course) (“we”, “us”, or “our”) collects, uses, stores, and shares (“processes”) your information when you use our services (the “Services”), including when you:

• Visit our website at icued.online (or any website of ours that links to this privacy notice)

• Engage with us in other related ways

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you have any questions, please contact us at andrew.peeling@doctors.org.uk.

SUMMARY OF KEY POINTS

This summary highlights key points from this privacy notice. You can read the full notice below for more detail.

What personal information do we process? We may process personal information depending on how you interact with the Services, the choices you make, and the features you use.

Do we process any sensitive personal information? No. We do not process sensitive personal information.

Do we collect any information from third parties? No. We do not collect any information from third parties.

How do we process your information? We process your information to provide, improve, and administer our Services, to communicate with you, for security and fraud prevention, and to comply with the law. We may also process your information for other purposes with your consent. We only process your information where we have a valid legal basis.

In what situations do we share personal information? We may share personal information only in specific situations described in this notice.

How do we keep your information safe? We use organisational and technical measures to protect personal information. However, no online system can be guaranteed to be completely secure.

What are your rights? Depending on where you live, you may have rights relating to your personal information.

How do you exercise your rights? The easiest way is to contact us at andrew.peeling@doctors.org.uk. We will consider and respond to requests in line with applicable data protection laws.

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In short: We collect personal information that you provide to us.

We collect personal information you voluntarily provide when you register for the Services, express interest in our Services, participate in activities on the Services, or contact us.

Personal information provided by you

The information we collect depends on how you use the Services. It may include:

• Names

• Email addresses

• Job titles

• Usernames

• Passwords

• Responses to pre-course and post-course evaluations

• A record of curriculum items you have marked as “completed”

• Whether you have attended the MYEPIC course

• Whether you have completed the pre-course evaluation

• Session cookie information used only for session management when you log in

• Your training grade

Sensitive information

We do not process sensitive information.

Please ensure that any personal information you provide is accurate and up to date, and tell us if it changes.

2. HOW DO WE PROCESS YOUR INFORMATION?

In short: We process your information to provide, improve, and administer our Services, communicate with you, prevent fraud, maintain security, and comply with legal obligations. We may also process your information for other purposes with your consent.

We may process your personal information to:

• Create and manage user accounts (including account creation, login, and authentication)

• Provide and deliver the Services you request

• Send important administrative information (for example, updates to our terms or policies)

• Protect someone’s vital interests (for example, to help prevent harm in an emergency)

• In evaluation responses: to understand users’ experience of intensive care medicine, including confidence, experience, and knowledge in caring for patients in intensive care. Evaluation responses are directly attributable to each user and are used to assess these areas and improve the course.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In short: We only process your personal information when we have a valid legal basis under applicable law (for example, your consent, a contract, a legal obligation, vital interests, or legitimate interests).

The GDPR and UK GDPR require us to explain the legal bases we rely on. We may rely on:

• Consent: where you have given permission for a specific purpose (you can withdraw consent at any time).

• Contract: where processing is necessary to provide the Services or to take steps you request before entering a contract.

• Legitimate interests: where processing is reasonably necessary for our legitimate interests and does not override your rights.

• Legal obligations: where processing is required to comply with law.

• Vital interests: where processing is necessary to protect someone’s life.

Examples of legitimate interests may include measuring the effect of attending the course and improving it for the future.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In short: We may share information only in specific situations described in this section.

We may share personal information in the following situation:

• Business transfers: if we are involved in negotiations for a merger, sale of assets, financing, or acquisition.

• Attribution of feedback: were we deem it necessary, we may need to contact other relevant parties providing information about feedback you have given us, such as an educational supervisor or faculty member.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In short: We may use cookies and similar technologies to support the Services.

We may use cookies and similar technologies to help keep the Services secure, prevent crashes, fix bugs, save preferences, and support basic site functionality.

6. HOW LONG DO WE KEEP YOUR INFORMATION?

In short: We keep personal information only as long as necessary for the purposes described in this notice, unless a longer period is required by law.

We generally keep personal information for the period you have an account with us. When we no longer need it, we will delete or anonymise it where possible. If deletion is not possible (for example, in backups), we will store it securely and restrict further use until it can be deleted.

7. HOW DO WE KEEP YOUR INFORMATION SAFE?

In short: We use organisational and technical security measures to protect your information.

While we take reasonable steps to protect personal information, no method of transmission or storage is 100% secure. Using the Services is at your own risk, and you should access them in a secure environment.

8. DO WE COLLECT INFORMATION FROM MINORS?

In short: We do not knowingly collect data from, or market to, anyone under 18.

If we learn we have collected personal information from someone under 18, we will deactivate the account and take reasonable steps to delete the information. If you believe we may have collected such information, contact us at andrew.peeling@doctors.org.uk.

9. WHAT ARE YOUR PRIVACY RIGHTS?

In short: If you are in the EEA, UK, or Switzerland (and in some other regions), you may have rights that allow you greater access to and control over your personal information.

These may include the right to access, correct, delete, or restrict processing of your personal information, and the right to object to certain processing. To exercise your rights, contact us using the details below.

If you are in the EEA or UK, you may also complain to your relevant data protection authority (for the UK, the ICO). If you are in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

Withdrawing your consent

If we rely on consent, you can withdraw it at any time by contacting us. This will not affect processing carried out before you withdrew consent, or processing based on other lawful grounds.

Account information

To review, update, or close your account, contact us using the details below. If you ask to close your account, we will deactivate or delete it from active systems, but may retain some information where necessary to prevent fraud, resolve disputes, enforce our terms, or comply with legal requirements.

Cookies and similar technologies

Most browsers accept cookies by default. You can usually choose to remove or reject cookies, but doing so may affect some features of the Services.

If you have questions about your privacy rights, email andrew.peeling@doctors.org.uk.

10. CONTROLS FOR DO-NOT-TRACK FEATURES

Some browsers and mobile devices offer a Do-Not-Track (DNT) setting. There is not currently a consistent industry standard for recognising DNT signals, so we do not respond to them. If a standard is adopted in the future that we must follow, we will update this notice.

11. DO WE MAKE UPDATES TO THIS NOTICE?

In short: Yes. We may update this notice to stay compliant with the law.

We may update this privacy notice from time to time. We will update the “Last updated” date at the top. If changes are material, we may notify you by posting a prominent notice or by contacting you directly where appropriate.

12. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, contact our Data Protection Officer by email: andrew.peeling@doctors.org.uk.

EPIC
Data Protection Officer
Andrew Peeling
andrew.peeling@doctors.org.uk

13. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

You have the right to request access to the personal information we collect about you, details of how we have used it, to correct inaccuracies, or to request deletion. You may also have the right to withdraw consent where consent is the legal basis for processing. These rights may be limited by law.

To make a request, please contact us at andrew.peeling@doctors.org.uk.