Nation Clinic logo
MyScan Built with Nation Clinic expertise
How it works What it measures Pricing Privacy & safety FAQ

MyScan – Privacy Policy

Last updated: 13-11-2025

This Privacy Policy explains how MyScan, a biometric scanning module within the Nation Clinic digital ecosystem, processes and protects personal, biometric, and health-related data. The service is operated by:

NATION CLINIC LTD

Company Number: 16033377
25 Park Lane, London, United Kingdom, W1K 1RA

By using MyScan, you agree to the practices described in this policy.

1. What MyScan Is

MyScan is a mobile biometric scanning feature that uses your device’s front-facing camera and an embedded on-device biometric processing engine to derive physiological indicators such as:

  • Heart rate
  • Heart rate variability
  • Respiratory rate
  • Blood pressure (estimated)
  • Oxygen saturation (SpO₂)
  • Stress index
  • Interbeat interval
  • BMI
  • Metric confidence scores
  • Other derived physiological parameters

MyScan is not a diagnostic tool. It supports screening, monitoring, and structured escalation inside the Nation Clinic platform.

2. Data We Collect

MyScan collects only the data required to perform scans, maintain safety, and store results in your clinical record.

2.1 Biometric & Physiological Data (Generated During Scan)

Extracted locally on your device:

  • Heart rate, HRV, respiratory rate
  • Blood pressure estimates
  • SpO₂
  • Stress index
  • Interbeat interval
  • BMI (from height/weight input)
  • Per-metric confidence scores
  • Scan duration
  • Lighting and quality indicators

No raw images or video are stored or transmitted.
The camera feed is processed locally and then discarded.

2.2 Technical & Device Metadata

Submitted with each validated result:

  • Device model and OS version
  • App version
  • Biometric engine version
  • Timestamp
  • Unique session ID
  • Consent record reference

2.3 Patient Inputs Required for Measurement

These may be retrieved from your stored profile or entered manually:

  • Age
  • Gender
  • Height
  • Weight

These inputs help produce accurate biometric readings.

2.4 Authentication Information

MyScan operates inside the Nation Clinic app and requires secure user authentication.
A valid authenticated session is required to:

  • Start a scan
  • Submit results
  • Retrieve your scan status
  • Confirm consent

MyScan itself does not store login credentials or passwords.

2.5 Consent Records

Before your first scan, you must provide explicit biometric consent, covering:

  • Activation of the front-facing camera
  • Processing of facial signals into physiological measurements
  • Storing results in your Nation Clinic medical record
  • Automated triage/escalation when values exceed safety thresholds

Consent logs include:

  • User ID
  • Timestamp
  • Consent version
  • Locale/language
  • Linked scan session ID

Consent can be revoked at any time; this disables MyScan.

3. How Your Data Is Used

3.1 Performing the Scan

Your device’s biometric engine processes facial signals to produce structured physiological data. This occurs entirely on-device.

3.2 Validating & Storing Results

After a scan:

  • The app validates the result structure and confidence levels
  • Valid results are securely transmitted to the MyScan backend
  • Data is transformed into Nation Clinic’s openEHR-compliant medical record format
  • The result is stored within the MyRecords module

3.3 Automatic Clinical Triggering

If your values exceed approved clinical thresholds:

  • A trigger event is generated
  • Alerts may be routed to:
    • MyDoctors (for clinician review)
    • MyBody (for trend monitoring)
    • Automated follow-up questionnaires (secure chat)

All trigger rules follow Nation Clinic’s clinical governance framework.

3.4 Result Display & Patient Feedback

You receive a summary with:

  • Normal
  • Borderline
  • Flagged

Messages are supportive, non-alarmist, and clinically safe.

3.5 Safety, Monitoring & Governance

Operational events are logged to:

  • Monitor scan quality
  • Detect errors (e.g., low confidence)
  • Support clinical audit trails
  • Maintain regulatory compliance

No images or raw biometric footage are ever logged.

4. Data Protection & Security

4.1 On-Device Camera Processing

  • No video/images leave your device
  • Only extracted numerical and metadata fields are transmitted

4.2 Encrypted Transmission

  • All communication uses secure encrypted channels (TLS 1.3)
  • Only validated JSON results are sent to backend systems

4.3 Secure Storage

  • Results stored in encrypted, dedicated clinical record systems
  • AES-256 encryption at rest
  • Strict access controls based on user permissions

4.4 Access Restrictions

Only authenticated and authorised Nation Clinic users can perform scans or access scan data.

5. Logging & Audit Trails

MyScan maintains a complete, regulatory-compliant audit trail of biometric operations.
Logged events include:

  • Consent provided
  • Scan started
  • Biometric engine initialised
  • Local result generated
  • Validation outcome
  • Result submission
  • Trigger evaluation
  • Storage confirmation
  • Error states, retries, failures
  • Session completion

Each log includes:

  • Timestamp
  • User ID
  • Session ID
  • Event type
  • Status or error details
  • Trigger codes (if relevant)

Logs are retained for at least 12 months.
No facial imagery or raw camera data is ever logged.

6. How We Share Data

We do not sell data.
We do not share data for advertising or marketing.

6.1 Internal Nation Clinic Modules

Your scan data may be shared securely with:

  • MyRecords – clinical record storage
  • MyDoctors – clinician triage and follow-up
  • MyBody – trends and insights
  • Automated Chat – structured questionnaires following flagged results

6.2 No External Biometric Vendor Data Transfer

MyScan does not transmit identifiable data, imagery, or raw signals to any external biometric provider.

6.3 Regulatory, Clinical or Legal Requirements

Where required by law, we may share data with regulators or authorities in line with medical data protection rules.

7. Data Retention

  • Biometric results are retained as part of your medical record under applicable healthcare retention laws (NHS/GDPR).
  • Operational logs are retained for at least 12 months.
  • Consent records are retained for audit and compliance.
  • Deletion requests are processed through the medical record system and must follow clinical retention rules.

8. Your Rights

You may be entitled to:

  • Access your data
  • Correct inaccurate information
  • Request deletion (where legally possible)
  • Withdraw consent (which disables MyScan)
  • Request a copy of your data
  • Restrict or object to certain processing
  • File a complaint with the ICO or your local data protection authority

Revoking consent removes your ability to use MyScan but does not remove medically required records.

9. Clinical Disclaimer

  • MyScan is not a diagnostic tool
  • Results are for screening and monitoring only
  • Any interpretation or medical action occurs via qualified Nation Clinic clinicians
  • Messages in the app do not constitute medical advice

10. Updates to This Policy

This Privacy Policy may be updated to reflect:

  • System changes
  • New features
  • Updated clinical rules
  • Regulatory changes

The “Last Updated” date will indicate the latest version.

11. Contact

NATION CLINIC LTD
25 Park Lane, London, United Kingdom, W1K 1RA
Company No. 16033377
Email: [email protected]

© Nation Clinic Ltd · All rights reserved.
MyScan Privacy Policy · MyScan Terms of Use