Back to Legal & Trust Centre

Data Processing Summary

A public summary of how ANCHOR processes data on behalf of clinics.

Status
Public summary
Version
v1.0
Stage
Contract-adjacent summary - agreement controls
Last updated
15 June 2026

This summary describes how ANCHOR processes data on behalf of clinics. It is a contract-adjacent summary; the signed data processing agreement and customer agreement control.

Status

This is a public summary only. A signed data processing agreement and the customer agreement control over this summary.

Roles

Controller and processor roles are subject to the agreement, the configuration, and the data submitted. A clinic is likely the controller for its clinic-governance data, and ANCHOR is likely the processor for clinic-governance processing where it is configured that way.

Categories of data

Processing may involve:

  • account and authentication data
  • staff identifiers and reviewer attribution
  • governance metadata
  • learning and CPD metadata
  • policy and attestation metadata
  • incident and near-miss metadata
  • public intake submissions
  • support communications

Processing purposes

Processing supports:

  • providing governance and readiness infrastructure
  • metadata-only governance evidence and receipts
  • human-review workflows
  • trust, learning, and readiness surfaces
  • operating, securing, and supporting the service

Subprocessors

Subprocessors are summarised on the Subprocessors page. Their use is controlled by the data processing agreement.

International transfers and regions

International-transfer and hosting-region positions are not asserted here unless confirmed, and are addressed in the data processing agreement.

Retention and deletion

Retention and deletion are summarised on the Data Retention and Offboarding pages and are subject to the agreement.

Data subject assistance

Where applicable, ANCHOR can assist the clinic, as controller, in responding to data-subject requests.

Incident and breach assistance

Where applicable, ANCHOR can assist the clinic with incident and breach handling, as set out in the agreement.

Audit and information rights

Audit and information rights are summarised here and are addressed in detail in the data processing agreement.

Contact

Privacy and data-protection questions may be sent to privacy@anchorvet.co.uk. DPA and commercial document questions may be sent to legal@anchorvet.co.uk. These mailboxes forward to and are monitored by the founder; they are contact routes only, not a Data Protection Officer appointment or a legal-advice service. Please do not send raw clinic, client, or patient data unless an authorised agreement and product flow permit it.

Not legal advice

This is a public summary and is not legal advice. The signed documents control.

Important notice

ANCHOR helps clinics evidence responsible AI governance practices. It does not make a clinic compliant with any law or professional standard, and it does not replace veterinary judgement. These pages are prepared for transparency and solicitor review and are not legal advice.