Storii & StoriiCare Privacy Policy

Quick Navigation

General

This notices applies to all websites, apps and services that Storii Global, Inc. Trading as “Storii” and “StoriiCare” own worldwide. Storii Global, Inc. is the parent company of both Storii's operating US subsidiary Storii, Inc. and its UK subsidiary Lifelinked Ltd.

We are committed to protecting and respecting your privacy.

This Privacy Policy provides you with information about the types of personal data that we collect from you or your business and how we use that personal data. Words used in this Privacy Policy have the same meaning as is attributed to them in the www.storii.com/terms.
In order to provide our services to you and to promote our business, we will need to collect and process certain personal information about you and your clients.

We are committed to protecting the privacy and security of your personal information, in accordance with the applicable data protection laws, including the General Data Protection Regulation, together the “Data Protection Laws”. This privacy policy describes how we collect and use personal information about you during and after our relationship with you, as appropriate.

When we say ‘personal data’ we mean identifiable information about you or other users, like your name, email, address, telephone number, support queries and so on. If you can’t be identified (for example, when personal data has been aggregated and anonymised) then this notice does not apply.

For US based clients, some of the Personal Information provided by you or collected by us may be “protected health information” that is governed by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Although StoriiCare is not a “covered entity” under HIPAA, StoriiCare is subject to certain aspects of HIPAA when performing services on behalf of a covered entity, such as skilled nursing facilities and healthcare providers. StoriiCare is considered a “business associate” under HIPAA when providing services to “covered entities.” StoriiCare will comply with applicable HIPAA requirements under those circumstances and its uses and disclosures of applicable Personal Information, including Health Information, will only be made in accordance with HIPAA and StoriiCare’s contracts with covered entity clients.

Data controller

For the purposes of the Data Protection Act 1998 and the GDPR, the Data Controller is Lifelinked Limited trading as “Storii” and “StoriiCare” (Company Number SC490896) having its registered address at StoriiCare, 5 South Charlotte Street , Edinburgh,EH2 4AN. We are registered as a data controller with the Information Commissioner’s Office (ZA182832).

Ownership of Data

You have complete control over the information and content you provide to Storii or StoriiCare. You can modify, export, or delete any content you have added. You can also delete your account by contacting us at team@storii.com—though we’d love for you to stay.
If you do not already have a relationship with us, we may hold limited personal information about you so that we may contact you to promote our products and/or services.
For the purposes of the applicable Data Protection Laws, Lifelinked Limited is the data controller of your personal data collected in connection with your use of our platform.

Information We Collect

When you access and use, register an Account or otherwise interact with Storii or StoriiCare or any affiliated Storii product, we may collect some or all of the following information about you:

  • your name, date of birth and gender
  • email address
  • multimedia
  • interests
  • location
  • names of family and friends
  • occupation
  • important dates in your life
  • phone number for multiple uses including Connection updates and abandoned cart SMS updates
  • content associated with you
  • any correspondence between you and Storii and StoriiCare
  • information about your use of Storii and StoriiCare
  • technical information, including the internet protocol (IP) address used to connect your computer or mobile device to the internet, type of mobile device you use, a unique device identifier, mobile network information, your login information, browser type and version you use, browser plug-in types and versions, operating system and platform

    We use this information to allow you to use Storii and StoriiCare, and to send you updates and information about our products and services.

Information Obtained From Third-party Services

When you link a third-party service, like Facebook, we may collect and store personally identifying information and data that you have provided to that third-party service, and consented to having shared with services like Storii. We may use this third-party information to help you easily connect with friends and family. In order to backup your content and make it available to those people and networks you choose to share with, we store the content you share on Storii and StoriiCare. We may also store information such as :

  • information about your visit to our Website, including the full uniform resource locators (URL) clickstream to, through and from our Website (including date and time); pages you viewed or information you searched for; page response times, download errors, length of visits to certain pages and
  • details of your visits to other websites via our Website.

How Do We Use Your Information

We do not share or sell phone numbers we collect or the consent we receive with 3rd parties.

Your personal data will be collected, processed, stored and used by us to:

  • provide you as a user with the Storii or StoriiCare platform
  • to tailor aspects of your experience
  • to identify you and manage your account
  • to generally improve Storii and StoriiCare
  • to associate your Account and your User Content with you
  • to provide customer support
  • to promote our business and market our services
  • to manage our business, including accounting and auditing purposes
  • to conduct group reporting on the performance and usage of our platforms
  • to maintain our IT systems and manage hosting of our data
  • to comply with our regulatory obligations
  • to contact you by email and mobile
  • to provide those you have given access to updates via email
  • in connection with the prevention and detection of fraud and other crime
  • Data that is made public can be used by Storii and StoriiCare for marketing purposes


We may use automatically collected anonymous information about your use of Storii and StoriiCare.
We will not share the personal information we have collected from you, except as described below:

  • With users you have granted access to on Storii or StoriiCare
  • With service providers who may be working with us to help provide Storii
  • When you provide consent to do so
  • To provide those you have given access to updates via email
  • Data that is made public can be used by Storii or StoriiCare for marketing purposes
  • When we believe that we are lawfully required to do so
  • In connection with, or during negotiations of, any merger, company sale, financing or acquisition, where personal information may be disclosed or transferred as one of Storii or StoriiCare’s business assets
  • To protect the rights, property or safety of Storii and StoriiCare or our users

If you have provided us with your individual contact details (for example, your personal email address), we will rely on your consent to send you electronic communications such as our newsletters and emails with information about our products and/or services.

Some of the above grounds and purposes for processing will overlap and there may be several grounds which justify our use of your personal information.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Storii.com Use of Third-Party AI Services

At Storii.com, we leverage advanced Artificial Intelligence (AI) technologies to enhance our services and provide you with a seamless experience. To support this, we partner with leading AI service providers, including AssemblyAI and OpenAI, known for their cutting-edge language processing and content generation capabilities.

AssemblyAI

We utilize AssemblyAI for its speech-to-text services, enabling us to offer features such as voice commands and audio content transcription. This integration allows us to provide more accessible and user-friendly interfaces for all our users.

Data Sharing and Privacy:

  • When you use voice-enabled features on Storii.com, your audio recordings may be transmitted to AssemblyAI for transcription.
  • We ensure that all data shared with AssemblyAI is done so securely, with measures in place to protect your privacy and confidentiality.
  • AssemblyAI is committed to user privacy, and their processing of our data is governed by strict data protection agreements and privacy standards that align with our privacy commitments to you.

OpenAI

OpenAI's technology powers several of our content generation and language understanding features, helping us to deliver personalized content and support to our users.

Data Sharing and Privacy:

  • In utilizing OpenAI services, certain user inputs and interactions may be processed to generate responses or content tailored to your preferences and needs.
  • We take great care to share only the necessary information with OpenAI, ensuring it is done in a manner that upholds our privacy standards.
  • OpenAI adheres to high privacy and security standards, and our partnership is designed to respect the confidentiality of your information, with all data processing conducted under stringent data protection protocols.

Commitment to Privacy

Your privacy is of utmost importance to us. In incorporating services from AssemblyAI and OpenAI, we are dedicated to maintaining transparency, securing your data, and upholding our privacy principles. We regularly review and update our practices to ensure compliance with the latest data protection laws and standards.

  • User Consent: We obtain explicit consent from our users for the processing of their data by these third-party services, ensuring you have control over your personal information.
  • Data Anonymization: Where possible, we anonymize the data sent to AssemblyAI and OpenAI to further protect your privacy.
  • Right to Opt-Out: You have the right to opt-out of specific features that utilize AssemblyAI and OpenAI services, providing you with choices about how your data is used.

Transfer of Data

To the best of our ability, this data is transferred over a secure connection and stored redundantly on multiple servers across multiple facilities.

Transfers of your information out of the EEA:
We may need to transfer your personal data outside the European Economic Area (EEA), for example, if one of our suppliers or group companies is located outside the EEA. We will ensure that any transfer of your data will be subject to appropriate safeguards, such as a European Commission approved contract (if appropriate) that will ensure you have appropriate remedies in the unlikely event of a security breach.

Your rights

Your duty to inform us of changes:
It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us.

Your rights in connection with personal information:
Under certain circumstances, by law, you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a confirmation from us as to whether we process any of your personal information or not, and if this is the case, to receive a copy of such personal information and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information (often referred to as “the right to be forgotten”). This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it, or if we no longer need your data for our legitimate interests but we need to hold some of it for the purpose of legal proceedings.
  • Request the transfer of your personal information to another party.

If you would like to exercise any of the above rights, please:

  • email, call or write to us (see our contact details below);
  • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill). This is to allow us to verify your identity and prevent disclosure to unauthorised third parties; and
    let us know the details of your request, for example by specifying the personal data you want to access, the information that is incorrect and the information with which it should be replaced.
    Please note that if you request erasure, object to our processing of your personal data or request the restriction of our processing of your personal data we may not be able to provide our services and we may need to deactivate your account on our Website.

    You also have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at: support@storii.com. You can always unsubscribe from our email communications at any time by following the unsubscribe link in our email communications, or by updating your email preferences on your profile on our Website.

National Data Opt-Out Compliance (UK)

StoriiCare complies with the UK National Data Opt-Out policy, which allows individuals to prevent their confidential patient information from being used for research and planning purposes beyond their direct care.

If you are receiving health or social care services in England and wish to opt out of your data being shared for these purposes, you can manage your preferences via the NHS National Data Opt-Out Service at https://www.nhs.uk/your-nhs-data-matters/.

StoriiCare ensures that all data processing and sharing align with national guidelines and that opt-out preferences are respected in all applicable cases.

PDS FHIR API

If you are receiving care from a health or care organisation, that organisation may share your NHS number with other organisations providing your care. This is so that the health and care organisations are using the same number to identify you whilst providing your care. By using the same number the health and care organisations can work together more closely to improve your care and support.

Your NHS number is accessed through an NHS England service called the Personal Demographic Service (PDS). A health or care organisation sends basic information such as your name, address and date of birth to the PDS in order to find your NHS number. Once retrieved from the PDS, the NHS number is stored in our case management system. These data are retained in line with our record retention policies and in accordance with the Data Protection Act 1998, Government record retention regulations and best practice. Further information is available on our website.

We will share information only to provide health and care professionals directly involved in your care access to the most up-to-date information about you. Access to information is strictly controlled, based on the role of the professional, and where the user has a direct care relationship with you.The use of joined up information across health and social care brings many benefits. One specific example where this will be the case is the discharge of patients into social care. Delays in discharge (commonly known as bed blocking) can occur because details of social care involvement are not readily available to the staff on the hospital ward. The hospital does not know who to contact to discuss the ongoing care of a patient. The linking of social care and health information via the NHS number will help hospital staff quickly identify if social care support is already in place and who the most appropriate contact is. Ongoing care can be planned earlier in the process, because hospital staff will know who to talk to.

You have the right to object to the processing of your NHS number in this way. This will not stop you from receiving care, but will result in the benefits outlined above not being realised. To help you decide, we will discuss with you how this may affect our ability to provide you with care, and any other options that you have.If you wish to opt-out from the use of your NHS number in this way, you can contact us by phoning 01234 123123 or by emailing hello@example.com.

NHS login

Please note that if you access our service using your NHS login details, the identity verification services are managed by NHS England. NHS England is the controller for any personal information you provided to NHS England to get an NHS login account and verify your identity, and uses that personal information solely for that single purpose. For this personal information, our role is a “processor” only and we must act under the instructions provided by NHS England (as the “controller”) when verifying your identity. To see NHS login’s Privacy Notice and Terms and Conditions, please click here. This restriction does not apply to the personal information you provide to us separately.

NHS Care Identity Authentication (CIA)

Please note that if you access our service using your NHS Care Identity credentials, the identity access and management services are managed by NHS England. NHS England is the controller for any personal information you provided to NHS England to get a national digital identity and authenticate your claim to that identity, and uses that personal information solely for that single purpose. For any personal information, our role is a “processor” only and we must act under the instructions provided by NHS England (as the “controller”) when verifying your identity. To see NHS England’s Privacy Notice and Terms and Conditions, view the NHS Care Identity Service 2 page. This restriction does not apply to the personal information you provide to us separately which is managed in accordance with our Privacy Policy.

GP Connect

The 'End user organisation privacy notice statement' is available on the GP Connect privacy notice page.

NHS App

If you view or manage your hospital appointments via the NHS App [we/your hospital] share[s] your data with NHS England who operate the NHS App and provide this functionality, known as NHS Wayfinder services. For more information, see the NHS Wayfinder services privacy policy.

Analytics and Cookies

Like most platforms, we use analytics and cookies to improve our services and your experience with Storii and StoriiCare. We use third-party tools, like Google Analytics to automatically record information about your browser and device type. We also use cookies, snippets of code that are stored by your browser, to enable us to recognize your browser on return visits and to help us better understand how and when users interact with Storii and StoriiCare services.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access our platform. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log in to Storii or StoriiCare.

You may opt-out of Google’s analytics cookies by visiting Google’s opt-out page - https://tools.google.com/dlpage/gaoptout. Click on the links below to find out how to change your cookie settings in:

Internet Explorer
Firefox
Chrome
Safari
Opera
iPhone and iPad
Samsung

Legal Compliance

If we are required by law, it may be necessary to provide access to your information and content.

Updates to This Policy

When we update our privacy policy, we will make the newest version available on this page and in the most recent release of our applications. You will also receive an email.

Contact us or the ICO

If you have any concerns or complaints about our privacy activities, you can contact us at support@storii.com You can also contact the Information Commissioner’s Office on 0303 123 1113.

For more details about your rights under the Act, the rules we have to adhere to in collecting and storing your information, and how you can check your data records, please visit https://www.gov.uk/data-protection/the-data-protection-act.

Feedback

If you have any questions at all about this policy or our platform, or about how we use and process your personal information, please do not hesitate to contact us by e-mail at support@storii.com or, alternatively, in writing to StoriiCare, 5 South Charlotte Street, Edinburgh, EH2 4AN.



Updated 1st May 2025