Privacy Notice


X-on Health ensures that all data acquired during any interaction with people who enquire via our website site or by any other means, or from our customers and suppliers, is completely protected and when necessary is stored securely within our encrypted networking environment.

Only data needed to engage with any of the aforementioned contacts is stored, with our systems fully configured for the protection of an individual’s data and consequently their privacy.

Enquirers and customers supply required data willingly, but retain ownership and control of their data.

X-on Health business processes include a credit check of all customers. This information remains confidential and is protected in accordance with our privacy policy.


It is important to understand that X-on Health only controls the personal data we hold to maintain our business, e.g. customer and employee details, but where our services are concerned, the customer data associated with that service remains under the control of the customer.  X-on Health processes customer data on their behalf.


Personally identifiable data held by X-on Health can be reviewed at any time by contacting us.  In line with our privacy policy, we will take steps to correctly identify the contact before accessing or changing that data.


Customers who no longer utilise X-on Health services, or people who have enquired about X-on Health services, have the ‘right to be forgotten’ at any time by contacting us. In line with our privacy policy, we will take steps to correctly identify the contact before removing that data.  While a customer X-on Health needs agreed personal data to maintain that customer’s service.


X-on Health are accredited by a number of organisations, accreditations which are regularly audited, and which attest to the high levels of data security maintained by X-on Health, e.g. ISO9001 (Quality Management of Systems requirements), ISO27001 (Information Security Management Standards), ICO (Data Protection Act compliance), IGT (NHS digital services access requirements), are a Crown Commercial Service Supplier and are PCI-DSS (credit card security rules) Level 4 providers.

If you have concerns regarding how X-on Health handles your data, please contact us to discuss, otherwise you can opt to leave the website and not engage with X-on Health.


The X-on Health website does not collect any personal information. Only if you enquire via the contact form, or by calling us, do X-on Health retain any personal information, and only that supplied to us. We do not supply that information to any third party.

Cookies are small files stored in your web browser which can add functionality to a website.
Cookies can also be used to gather anonymous statistical information on website usage such as page visits, visitor location etc. This information is completely anonymous and no personal information is included in these statistics.


The X-on Health website only employs analytical cookies to provide us with site statistics, we do not use cookies for any other purpose. We use the data to improve the design and content of our website, thereby enhancing the user experience.

If you prefer that cookies not be stored on your computer you can change your web browser Preferences/Settings to block cookies. You can usually block permanently, or choose that cookies are deleted when you close the browser. More information here.


X-on Health has adopted the Autotask, Datto Inc CRM platform for maintaining health customer records and as the service desk tool for all customers. The Datto Privacy Policy can be found here

X-on Health employs Google Business Services as part of its business procedures. As a general rule customer data is not retained in this environment, though customers may be referenced in internal documentation. The Google Privacy Policy can be found here.


With permission, we may contact customers occasionally regarding our services via email or telephone. Recipients can unsubscribe via a link in the email, or by calling us on 0333 332 0000 to request removal from our marketing database. We do not provide marketing contacts for use by any third party.


X-on Health records the Calling Line Identification (CLI) information of callers. The CLI enables us to improve the efficiency of our services and also drives some features such as screen pop-ups on customer interfaces.


If we are provided with content, which is intended to be made publicly available, such as a blog, case study or press release, we cannot be held accountable for any third-party use or dissemination.


Information retained by X-on Health as part of an Affiliate or Reseller relationship is for business use only. We do not use that information in any other capacity, and expect reciprocity of information confidentiality.


When requested by the relevant legal authorities, and with the proper authorisation such as a search warrant or court order, and within the scope of the Regulation of Investigatory Powers Act, X-on Health may be required to pass on personal information.
X-on Health’s privacy policy has been compiled to comply with the law of every jurisdiction where we interact with personal data. Where there are concerns regarding that compliance please contact us to advise, so that we may address the issue.


Information sent when seeking employment at X-on Health may be retained for up to a year. This is to assess CVs against any current position, or new position that might arise in the future.
The details of anyone employed by X-on Health are retained during the period of employment, in order to properly engage with that employee, with that data retained for up to 6 years.

Under 18’s

Under 18′;s can only engage with X-on Health with the consent of a parent or supervising adult.

Third Parties

X-on Health do not rent or sell any personal data we hold for any reason whatsoever. All data is held in tightly controlled secure environments with authorised access only.

UK Data

Personal data is not transferred outside the UK except where contractually agreed.


Anyone who has concerns about the handling of their data by X-on Health, and who have not had those concerns addressed to their satisfaction by our Data Protection Officer can contact the appropriate supervisory authority including ICO (Information Commissioner’s Office).