top of page

PRIVACY POLICY

Flux Medical Limited (trading as Lazomis QI)
Company Number: 16158150
England and Wales

Last updated: 22 February 2026

1. Who We Are

Flux Medical Limited, trading as Lazomis QI (“we”, “us”, “our”), operates the Lazomis QI platform (the “Platform”).

We are registered in England and Wales under company number 16158150.

For the purposes of UK data protection law, we act as:

  • Data Controller for personal data relating to user accounts and platform administration.

  • Data Processor where healthcare organisations upload patient-level data for audit or quality improvement purposes (unless otherwise agreed in writing).

Contact email: [Insert Email]
Website: [Insert URL]

2. Scope of This Policy

This Privacy Policy explains how we collect, use, process, and protect personal data when you:

  • Use the Lazomis QI website

  • Create an account

  • Use QI tools or audit modules

  • Submit data to the Platform

  • Communicate with us

3. Types of Data We Collect

3.1 User Account Data

We may collect:

  • Name

  • Professional title

  • Email address

  • Organisation

  • Role

  • Login credentials

  • Usage activity logs

3.2 Project and Audit Data

Users may enter:

  • Service-level clinical data

  • Audit metrics

  • Structured inpatient review data

  • Operational and pathway data

The Platform is not designed for the storage of identifiable patient data unless explicitly configured for that purpose.

Users are responsible for ensuring:

  • No identifiable patient data is uploaded without a lawful basis

  • Appropriate governance approvals are in place

3.3 Technical Data

We may automatically collect:

  • IP address

  • Browser type

  • Device information

  • Log data

  • Platform interaction data

  • Cookies and analytics data

4. Lawful Bases for Processing

We process personal data under the following lawful bases:

  • Contractual necessity – to provide access to the Platform.

  • Legitimate interests – to improve and develop the Platform.

  • Legal obligation – where required by law.

  • Consent – where explicitly obtained.

Where we act as Data Processor, the healthcare organisation determines the lawful basis for patient-level data processing.

5. How We Use Personal Data

We may use personal data to:

  • Provide access to the Platform

  • Maintain user accounts

  • Provide support

  • Improve platform functionality

  • Develop new QI tools

  • Generate anonymised benchmarking analytics

  • Monitor security and prevent misuse

  • Comply with legal obligations

We do not sell personal data.

6. Anonymised and Aggregated Data

We may use anonymised and aggregated data to:

  • Develop national benchmarking datasets

  • Improve algorithms and scoring systems

  • Produce research and publications

  • Create statistical models

  • Develop commercial analytics products

Anonymised data:

  • Does not identify individual patients

  • Does not identify individual clinicians

  • Does not identify organisations without explicit consent

Once data is fully anonymised, it is no longer considered personal data under UK GDPR.

7. Data Sharing

We may share personal data with:

  • Hosting and cloud service providers

  • IT infrastructure providers

  • Professional advisers (legal, accounting)

  • Regulators where legally required

All third-party processors are required to:

  • Maintain confidentiality

  • Implement appropriate security measures

  • Process data only on our instructions

We do not share identifiable data with third parties for marketing purposes.

8. International Transfers

Where data is transferred outside the UK:

  • Appropriate safeguards will be implemented

  • UK-approved transfer mechanisms will be used

9. Data Retention

We retain personal data:

  • For as long as your account is active

  • As necessary for legal, regulatory, or contractual purposes

  • As required for legitimate platform development

Anonymised aggregated data may be retained indefinitely.

10. Data Security

We implement appropriate technical and organisational measures to protect data, including:

  • Access controls

  • Encryption where appropriate

  • Secure hosting environments

  • Role-based permissions

  • Audit logs

However, no internet-based service is completely secure, and we cannot guarantee absolute security.

11. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request erasure (where applicable)

  • Restrict processing

  • Object to processing

  • Data portability (where applicable)

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

ICO website: https://ico.org.uk

Where we act as Data Processor, requests relating to patient-level data should be directed to the relevant healthcare organisation (the Data Controller).

12. Cookies and Analytics

We may use cookies to:

  • Improve user experience

  • Analyse platform usage

  • Maintain security

Users may adjust browser settings to control cookies.

A separate Cookie Policy may apply.

13. Children

The Platform is intended for professional healthcare users and is not directed at children.

14. Changes to This Policy

We may update this Privacy Policy from time to time.

The latest version will always be available on our website.

15. Contact Us

Flux Medical Limited
Trading as Lazomis QI
Company Number: 16158150

Email: info@fluxmedical.co.uk
Website: https://www.lazomis.co.uk

bottom of page