Explore Elite Risk Management Services

Private Strategic Group
Solutions
Solutions
Critical Event ManagementTravel Risk ManagementRisk Intelligence & AnalysisGlobal Security AssistanceMass Notification SystemMedical Evacuation & Assistance
Solutions Overview
Capabilities
Capabilities
Medical & Security Consulting
Medical & Security Consulting
Duty of CareBusiness Continuity PlanningCyber Security Risk ManagementMedical ConsultingTraining & Capacity Building
Intelligence & Monitoring
Intelligence & Monitoring
Crisis Proactive MonitoringEmbedded Intelligence ServicesGlobal IntelligenceMaritime Crisis
Global Assistance & Response 
Global Assistance & Response 
Medical & Security AssistanceCrisis ResponseEvent Medical SupportMedical Staffing
Global Operations Centers
Global Operations Centers
Security Operations Center Services
Executive Solutions
Executive Solutions
Executive Protection
Capabilities Overview
Platforms
Platforms
TopoONE by Crisis24Crisis24 HorizonMass NotificationAiiANonagon by Crisis24
Platforms Overview
Insights
Insights
Featured Insights
Insights Overview
Cropped image of US Capitol Building.

Intelligence Analysis

US Administration Policies To Pose Political, Security, And Economic Challenges Through At Least 2026

Crisis24 Intelligence explores how US policies will pose political, security, and economic challenges globally through 2026, impacting international relations and trade.

June 9, 2025

Intelligence
Intelligence
Global Risk Forecast 2025
Intelligence Overview
global risk forecast
Report

Global Risk Forecast Report

Stay ahead of emerging challenges with the Global Risk Forecast 2025.

November 18, 2024

About
About
About UsOur ExpertsCareersSustainability
global risk forecast
Report

Global Risk Forecast Report

Stay ahead of emerging challenges with the Global Risk Forecast 2025.

November 18, 2024

enfr

Search

Data Privacy Notice

Last updated: 15 October 2025

This Privacy Notice applies to information we collect about individuals who use our Crisis24 Medical Assistance Services (the “Services”), and services such as global medical evacuation and assistance. It explains what Personal Information we collect, how we use it and who we may share the data with.

In this Privacy Notice, “Crisis24”, “we”, “us”, and “our” refer to Crisis24 Assistance Services Limited, Crisis24 Pte. Limited, Crisis24 GmbH, and Crisis24 Medical Solutions, Inc.

We respect the privacy of individuals and value the confidence of our clients, customers, employees, consumers, business partners, and others. Crisis24 strives to collect, use, disclose and otherwise process Personal Information and other information in a manner consistent with applicable laws, and prides itself on upholding the highest ethical standards in its business practices. Crisis24 complies with applicable data protection laws including the European Union’s General Data Protection Regulation (“GDPR”), the United Kingdom’s (“UK”) Data Protection Act 2018 and the GDPR as incorporated into UK legislation (“UK GDPR”).

To the extent that we process your Sensitive Personal Information for the delivery of the Services to you, we do so as an independent data controller.  Please be advised that Sensitive Personal Information may be shared with your employer or insurer as applicable, who will each operate as an independent data controller. 

Our details

The entity listed below is the company that provides Crisis24 Medical Assistance Services and which collects Personal Information through the use of our Services.

In the USA:

Crisis24 Inc, OnSolve LLC.
185 Admiral Cochrane Drive #300,
Annapolis, Maryland 21401 USA

In the United Kingdom:

Crisis24 Limited, Crisis24 Assistance Services Limited 
Two London Bridge,
London. SE1 9RA

In Germany:

Crisis24 GmbH
Byk-Gulden-Straße 24
D-78467 Konstanz
Germany

In Singapore:

Crisis24 Pte. Limited
137 Market Street, 10-01, 
Singapore 048943


If you have any comments or questions about this Privacy Notice, please contact us at [email protected].

Content

What Personal Information we collect, how we get it, why we have it and the lawful bases we rely on for processing this information

Crisis24 collects Personal Information when you make use of the Services. Crisis24 collects Sensitive Personal Information as part of the delivery of our Services to you when expressly directed to do so by you or your employer.

“Personal Information” is any information or set of information relating to an identified person or an identifiable person who can be identified, directly or indirectly, by reference to an identifier such as an identification number, location data, an online identifier or one or more factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity. For example, Personal Information includes name, address, email address, employer’s company name, job title, phone number, employee ID, including emergency contact information, and passport numbers. For the purpose of the California Consumer Privacy Act (“CCPA”), Personal Information includes information which identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

“Sensitive Personal Information” means Personal Information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, or trade union membership, that concerns an individual’s health or sex life, criminal proceedings, or that is designated in writing by a third party as Sensitive Personal Information.

We collect different Personal Information depending on the Services delivered. The use of information collected through our Services is limited to the Personal Information which is necessary to provide the Services for which Crisis24 has been engaged. The following table explains the types of Personal Information we collect, the source of the data, the purposes for which we use it and the legal bases on which we process the Personal Information. 

PurposeSourcePersonal InformationLegal basis

Registration and tailoring of our Services to you, delivery of our Services, responding to your requests, responding to customer service questions or issues, notifying you of important changes or updates to the Services

Directly from you, your employer, your insurer, and/or third parties assisting you 

Full names, date of birth, contact details, location, home address, employment information, insurance particulars including policy number, the name and contact details of third parties calling on your behalf health information including diagnosis or symptoms, medical reports, medical test results, , general practitioner reports, police reports.

Fulfil contractual obligations

Consent

Delivery of our Services, medical triage in emergency and non-emergency situations, provision of assistance in the arrangement of medical and dental services on your behalf.

Directly from you, your employer, and third parties assisting you 

Personal data as described in the row immediately above.

Fulfil contractual obligations

Consent

Provision of  medical evacuation assistance including medical clearance to travel.

Directly from you, your employer, and third parties assisting you.

Personal data as described in the rows above and also passport details. 

Fulfil contractual obligations

Consent
 

Information We Collect on Behalf of Our clients

Crisis24 collects information under the direction of its clients and may have no direct relationship with the individuals whose personal data it processes. If you are a customer or employee of one of our clients and would no longer like to be contacted by one of our clients that use our Services, please contact the client that you interact with directly. We may transfer personal information to companies that help us provide our Services. Transfers to subsequent third parties are covered by the service agreements with our clients.

If your employer or your insurer (our client) has purchased Crisis24 products or services on your behalf, Crisis24 may receive Personal Information about you directly from your employer. For individuals residing in the European Union or the United Kingdom, if your employer or insurer has given Crisis24 any Personal Information about you in connection with its purchase of a Crisis24 product or service for your benefit, your employer or insurer as relevant, and not Crisis24, will be responsible for determining the method and means by which you will receive notice and the ability to consent to Crisis24’s receipt and use of such information.

We will retain Personal Information we process on behalf of our clients for as long as needed to provide Services to our clients. Crisis24 will retain this Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

With Whom the Information May Be Shared

We share information within Crisis24 Group and third parties. This will involve transferring your Personal Information inside and outside of the European Economic Area (“EEA”) and the United Kingdom.

Unless medically relevant to do so, we will never disclose to your employer or your insurer any Personal Information, which relates to pregnancy, sexuality or sexual preference, mental health, alcohol or substance abuse, addictions of any kind, cancer, HIV status, or any other medical information that may be considered protected characteristics.  Such information will only ever be shared where necessary to facilitate medical treatment. 

Third PartiesPurpose

Contractors and third-party service providers who assist us in providing the Services

To provide and maintain our Services - Crisis24 may share Personal Information we collect with our contractors and third-party service providers for the following purposes:

  • Sending emails and other messages on your behalf;
  • Storage;
  • Processing and validating insurance claims;
  • Making medical appointments;
  • Repatriation

Employers

To fulfil contractual obligations - If the Services are purchased by your employer on your behalf and you provide your consent to share Personal Information,

With your consent - We may transfer Personal Information including:

  • That we have received a call and request for assistance from you,
  • Your location,
  • High-level details relating to any medical request such as whether you have made an outpatient appointment or been admitted to hospital, whether you are conscious and contactable or otherwise, or
  • Any other information you have consented to us sharing with your employer.

In protection of your vital interest  – If you are unable to consent because you are unconscious or incapacitated, we may transfer Personal Information including:

  • The record of your admission into a medical facility;
  • The general location of the facility;
  • Information required to facilitate the most appropriate care, such as urgent evacuation, relocation or specific medical considerations, or
  • To recommend that it would be appropriate to consider family concerns, such as flying in family member(s).

In determining your working capacity -  If you are unable to work due to your medical condition, we may transfer Personal Information including a high-level summary of your medical issue and in particular your ability to work or travel, and if you require assistance to work or travel.

Insurers

With your consent - If Crisis24 Services are purchased for your benefit by your insurer, we may transfer Personal Information to your insurer, including:

  • That we have received a call and request for assistance from you,
  • Your location,
  • Information about the symptoms or injuries for which you require treatment,
  • Diagnoses or details provided by medical practitioners treating you, and
  • Details of any recommended procedures or treatment plans which may require pre-authorisation by your insurer.

Law Enforcement Organisations

To comply with applicable law and legal obligations - Crisis24 may use and disclose Personal Information and other information as it believes reasonably necessary: 

  • To comply with applicable law or respond to legal process (for example, a court order, search warrant or subpoena);
  • In response to lawful requests by public authorities (such as to meet national security or law enforcement requirements);
  • To investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of our Terms and Conditions, or in other circumstances in which Crisis24 has a good faith belief that its products or Services are being used in the commission of a crime or that there is an emergency that poses a threat to the safety of you or another person; or
  • To protect our rights and property. 
     

We may need to share your Personal Information where required under the laws of countries in which we operate. 

Company Group and Affiliates

For our internal operations - We share information we collect within the Crisis24 Group in order to carry out our internal operations relating to finance and other service fulfilment.

For the pursuance of our obligations in the context of our legitimate business interests - Crisis24 may disclose Personal Information and other information to facilitate the financing, securitisation, insuring, merger, sale, assignment, bankruptcy, or other disposal of all or part of our business or assets.

For other purposes where data is de-identified - We may also use and disclose aggregated, de-identified information about users of the Services for any purpose, such as by publishing a report on trends in the usage of our Services

How Long We Store Personal Information

We will only retain your Personal Information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We may retain your Personal Information for as long as your account is active or as needed to provide you Services, comply with our legal obligations, resolve disputes and enforce our agreements, consistent with applicable law.

To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorised use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements.  

In some circumstances you can ask us to delete your data: see below for further information.

In some circumstances we may anonymise your Personal Information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you. 

Your Rights Regarding the Collection, Use And Distribution of Personal Information and Other Information

Under certain circumstances, you have rights under data protection laws in relation to the Personal Information we hold about you. You have the right to request:

  • access to your Personal Information
  • to have your Personal Information corrected
  • to have your Personal Information deleted
  • the restriction of the processing of your Personal Information or otherwise object to such processing
  • your Personal Information to be provided to you in a portable form.

You also have the right to:

  • withdraw consent for processing of Personal Information which relied on consent as the legal basis, and 
  • under the CCPA, protection from discrimination for exercising legal privileges.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within a reasonable timeframe and in accordance with applicable statutory timeframes.

We do not sell your personal data or otherwise exchange your data with third parties for other benefits or consideration. We may still use aggregated, pseudonymised, and de-identified personal information which does not identify you or any individual. 
 

What Kind of Security Procedures We Use to Protect the Loss, Misuse, or Alteration of the Information Under Our Control

Crisis24 takes commercially reasonable administrative, technical, and physical precautions to protect our users’ information against loss, misuse and unauthorised access, disclosure, alteration, and destruction. However, no system is 100% secure, and therefore we cannot guarantee the absolute security of the information that we collect.

Use of Artificial Intelligence in our Services

Crisis24 may use Artificial Intelligence systems (“AI”) to enhance our products and service offerings to you. Crisis24 does not make any decisions based solely on AI inputs.

International Transfer

Crisis24 provides services globally so it may be necessary to transfer your Personal Information internationally. In particular, your Personal Information may be transferred to and processed in the EU, United States, the United Kingdom, Singapore, and/or Australia and wherever you access Crisis24 provided services while you travel. The laws of other countries may provide a lower standard of protection than those in your country or the country you are in while using our services. We seek always to ensure that we comply with all relevant data protection laws when working with partners and service providers in delivery of the Services, including standard contract clauses to protect the data being transferred and processed as far as possible. 

Dispute Resolution

In compliance with the GDPR, Crisis24 commits to resolve complaints about our collection or use of your Personal Information. EEA and Swiss individuals with inquiries or complaints should first contact Crisis24 at:

Privacy Office Crisis24 
Two London Bridge, London, SE1 9RA
[email protected]

Contacting the Regulator

If you feel that your Personal Information has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your Personal Information, you have the right to lodge a complaint.

If you are based in the UK, you have the right to lodge your complaint with the Information Commissioner’s Office. You can contact them by calling +44 (0) 303 123 1113 or online at www.ico.org.uk/concerns. (Please note we can’t be responsible for the content of external websites.)

If you are based in the EEA or Switzerland, you have the right to lodge your complaint with the data protection regulator in your country of residence.

Changes to this Privacy Policy

This Privacy Notice may be amended from time to time, consistent with changing legal, regulatory or client requirements. If we make a material change to this Privacy Notice, we will provide you with appropriate notice by email prior to the change becoming effective. 

 

Updated: 15 October 2025