Privacy Policy

1. Information We Collect

We collect and process personal information necessary to provide you with healthcare services. This includes:

• Personal Details: Name, date of birth, address, contact information
• Medical Information: Health history, symptoms, diagnoses, treatment records
• Appointment Data: Booking details, attendance records, preferences
• Payment Information: Billing details and payment transaction records
• Communication Records: Emails, phone calls, and correspondence

2. How We Use Your Information

Your personal data is used solely for legitimate healthcare purposes:

• Providing medical consultations, treatments, and healthcare services
• Managing appointments and maintaining accurate medical records
• Communicating with you about your care and appointments
• Processing payments for services rendered
• Sharing information with other healthcare providers when necessary for your care
• Complying with legal and regulatory obligations
• Improving our services and maintaining quality standards

3. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Secure encrypted storage of electronic medical records
• Physical security measures for paper records
• Access controls ensuring only authorized personnel view your data
• Regular security audits and updates
• Staff training on data protection and confidentiality
• Secure communication channels for sensitive information

4. Information Sharing

We may share your information only when:

• You have given explicit consent
• It is necessary for your care (e.g., referrals to specialists)
• Required by law or regulatory bodies
• Necessary for medical emergencies
• Sharing with your NHS GP as part of coordinated care (with your consent)

5. Your Rights

Under UK GDPR, you have the following rights:

• Right to Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate information
• Right to Erasure: Request deletion of your data (subject to legal requirements)
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to certain types of processing

6. Data Retention

We retain medical records in accordance with professional and legal requirements. Adult records are typically retained for a minimum of 8 years after the last consultation. Children's records are retained until the patient's 25th birthday or 26th birthday if the young person was 17 at the conclusion of treatment.

7. Cookies and Website Data

Our website uses essential cookies to ensure proper functionality. We do not use tracking or marketing cookies without your consent. For more information, please see our Cookie Policy.

8. Third-Party Services

We may use trusted third-party services (such as appointment booking systems, payment processors, or diagnostic laboratories) who process data on our behalf. These providers are bound by data processing agreements and must comply with UK GDPR requirements.

9. Changes to This Policy

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. The latest version will always be available on our website with the revision date clearly displayed.

10. Contact Us

If you have any questions about this privacy policy or wish to exercise your data protection rights, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection issues.