Skip to main content

Privacy Policy

Last updated: 13 May 2026

Who we are

TreatCompare (www.treatcompare.com) is an independent UK healthcare price comparison service. We are the data controller for personal data collected through this website. You can contact us at hello@treatcompare.com.

What data we collect

We collect personal data only when you actively provide it:

  • Price alert subscriptions — your email address, and optionally a treatment preference, dose, and target price. We use this to send you email alerts when prices change.
  • Email notification signups — your email address, used to notify you when new features launch (e.g., aesthetics or dental clinic comparisons).
  • Patient reviews — if you submit a review, we collect the review text and any information you choose to include. Reviews are moderated before publication.
  • Discount code submissions — if you submit a discount code, we collect the code details and your submission information.

We do not collect health data, payment information, or any special category data. We do not require you to create an account.

Cookies and analytics

TreatCompare does not show a cookie banner because we do not set any cookies, IDs or tracking that would require one. We do not use Google Analytics, Meta Pixel, or any advertising tracker.

Cookieless analytics (Cloudflare Web Analytics)

We load Cloudflare Web Analytics on every page. Cloudflare provides this as a privacy-first alternative to Google Analytics: it sets no cookies in your browser, performs no fingerprinting, stores no persistent visitor identifier, and is built so that no consent banner is required. It cannot identify you personally or follow you across sessions or websites. Under UK PECR it is treated as audience measurement that does not require consent.

Anonymous referrer beacon

We also use a small first-party beacon (/api/referrer-log) that records, for each visit, the category of the referring site (for example: Google search, ChatGPT, Reddit), the landing path on TreatCompare, your country (from the CDN's geographic header), the rough time on page, and a per-visit ID held in sessionStorage that is wiped when you close the tab. The beacon does not store your IP address, raw referrer URL, user-agent string, screen size, or your organisation / internet service provider. It contains no personal data under UK GDPR.

What we do not collect

  • No cookies of any kind set by TreatCompare in your browser
  • No Google Analytics, Google Tag Manager, Meta Pixel, or advertising trackers
  • No cross-session or cross-site visitor identifier
  • No IP addresses persisted by us (Cloudflare uses the IP only at request time for the analytics ping and does not persist it against analytics records)
  • No user-agent string, screen dimensions, or device fingerprint stored against your visit

How we use your data

  • Price alerts — to send email notifications when prices drop below your target
  • Launch notifications — to notify you when new features are available
  • Site improvement — aggregated analytics to understand which pages and features are most useful

We do not sell, rent, or share your personal data with third parties for marketing purposes. We do not send marketing emails beyond the alerts you have explicitly signed up for.

Outbound click tracking and advertiser referrals

TreatCompare exists to help you find verified UK private healthcare providers. When you click a “Compare”, “Visit provider”, or equivalent link to a provider's website, that click passes through a TreatCompare redirect URL (/out/...). We record:

  • The provider you clicked through to and the source page on TreatCompare
  • A randomly generated click identifier (UUID, not linked to your identity)
  • Your country (derived from your IP at request time, not stored as an IP address)
  • Device type (mobile / tablet / desktop)
  • The HTTP referrer header sent by your browser

We do not store your IP address, exact location, or any health-related selection you made (such as which dose or treatment you were viewing) against this click record. The click identifier is passed to the provider via the URL so they can match the visit to any subsequent booking; we may receive a postback from the provider confirming whether a click resulted in a booking, purchase, or consultation.

Some providers pay TreatCompare a fee per click or per confirmed customer for the visitors we send. This is the primary commercial model that lets us keep TreatCompare free to use. Provider order on listing pages is determined by price, regulator status, and inclusions — never by payment. We do not sell, rent, or share your name, email, or any contact information with any advertiser.

Lawful basis for outbound click tracking is legitimate interest — specifically, our and the advertiser's legitimate interest in operating, measuring, and funding the comparison service you use. You can object to this processing by emailing hello@treatcompare.com or by not clicking outbound provider links.

Advertisers receiving click and conversion data from TreatCompare operate under our standard advertiser data processing agreement.

Legal basis

We process your data under the following legal bases (UK GDPR):

  • Consent — for price alert emails (you can withdraw at any time)
  • Legitimate interest — for anonymous, cookieless audience measurement (no personal data) and for outbound click tracking

Data storage and security

Your data is stored securely in a hosted PostgreSQL database. Email addresses are not encrypted at rest but are transmitted over HTTPS. We do not store passwords (there are no user accounts). The database is hosted within the EU/UK.

Data retention

  • Price alert subscriptions are retained until you unsubscribe or request deletion
  • Analytics data is aggregated and does not contain personal identifiers
  • Patient reviews are retained indefinitely unless you request removal

Your rights

Under UK GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — ask us to correct inaccurate data
  • Erasure — ask us to delete your personal data
  • Withdraw consent — unsubscribe from alerts or withdraw cookie consent at any time
  • Complain — lodge a complaint with the ICO (ico.org.uk)

To exercise any of these rights, email hello@treatcompare.com. We will respond within 30 days.

Third-party services

  • Vercel — website hosting (processes server logs including IP addresses)
  • Neon — database hosting (stores subscriber emails and reviews)
  • Amazon SES — email delivery for price alerts and confirmations
  • Cloudflare Web Analytics — cookieless audience measurement (no cookies, no fingerprinting, no persistent identifier)

Each of these providers has their own privacy policy and processes data as a data processor on our behalf.

Changes to this policy

We may update this policy from time to time. The “last updated” date at the top of this page will be changed. If we make significant changes to how we use your data, we will make this clear on the website.