Last updated: January 2026
This Privacy Policy explains how Cognati Ltd (trading as Cubiq Cloud) (“Cubiq Cloud”, “we”, “us”) collects and uses personal data and the rights of individuals under UK data protection law.
We are committed to protecting personal data and complying with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.
Company: Cognati Ltd (trading as Cubiq Cloud)
Registered number: 13081108
Registered office: 20 Egerton Close, London, HA5 2LP, United Kingdom
Email: info@cubiqcloud.com
We are a UK-based provider of healthcare customer relationship management and practice management software.
We act in two capacities:
This Privacy Policy applies to personal data for which we act as Data Controller. Where we act as Data Processor, processing is governed by our Data Processing Agreement with the relevant customer.
Depending on your relationship with us, we may collect and process:
We do not determine the content of patient records or clinical data held in the Cubiq Cloud platform. That data is controlled by our customers.
We collect personal data directly from you (for example when you contact us or create an account) and from your organisation. We may also receive business contact details from publicly available sources and professional networks.
We use personal data to:
| Purpose | Lawful Basis |
|---|---|
| Providing and administering services | Performance of a contract |
| Customer and supplier management | Performance of a contract |
| Billing and accounting | Legal obligation |
| Responding to enquiries and support | Legitimate interests |
| Product improvement and security | Legitimate interests |
| Marketing communications | Consent or legitimate interests (where permitted) |
| Website analytics | Legitimate interests or consent (via cookies) |
Where we rely on legitimate interests, we have balanced those interests against individuals' rights and freedoms.
We may send marketing communications to business contacts about our services where permitted by the Privacy and Electronic Communications Regulations (PECR). You can opt out at any time using the unsubscribe link or by contacting info@cubiqcloud.com. Service communications are not marketing and cannot be opted out of.
We may share personal data with:
All providers act under contract. We do not sell personal data.
We host data using Amazon Web Services. Personal data may be stored or accessed outside the UK or EEA. Authorised personnel in Indonesia may access systems for development and support. Where transfers occur, we use the UK IDTA and/or UK SCC Addendum and maintain Transfer Risk Assessments.
We retain personal data only as long as necessary:
Marketing data is retained until you opt out.
You have the right to access, rectify, erase, restrict, object, port data, withdraw consent, and complain to the ICO.
Note: Where we act as Processor, requests should be directed to the relevant healthcare provider.
Where we require personal data to enter into a contract with you or your organisation, failure to provide that data may mean we are unable to provide our services.
We do not carry out solely automated decision-making or profiling that produces legal or similarly significant effects.
Our services are intended for use by professionals. We do not knowingly collect personal data directly from children.
Our website uses cookies for functionality, analytics, and marketing where permitted. You can manage preferences via your browser or site tools.
You may contact us first or lodge a complaint with the Information Commissioner's Office:
Website: ico.org.uk
Telephone: 0303 123 1113
We may update this Policy from time to time. The latest version will be published on our website.