Privacy and Personal Data Policy

We value your privacy and want to be clear about the data we collect, how we use it and your rights to control that information which is why we have reviewed our Privacy Policy.

We have made these updates to reflect the high standards established by the General Data Protection Regulation (GDPR), a set of laws passed in the European Union, which explains how an organisation will handle personal data.

Privacy and your personal data

We are committed to protecting the privacy of our patients. This privacy policy is intended to inform you on how we gather, define and use your data.

This policy applies to information collected by us, or provided by you, during your appointment, via email, our website, or in any other way including over the phone.

All your personal data will be held and used in accordance with the EU General Data Protection Regulation 2016/679 (“GDPR”) and national laws implementing GDPR and any legislation that replaces it in whole or in part, and any other legislation relating to the protection of personal data.

The information we record during your consultations & treatment appointments

When you visit the clinic, you will provide personal information including your name, address, date of birth, contact details and medical history.

During your consultation, medical notes are taken. Prescriptions may be required, and a letter sent to your doctor or another specialist with your consent. This will form part of your medical records.

Prior to your appointment you will be asked to read and sign a consent and payment form which forms part of your medical records. Subsequent to your appointment we will record treatment outcomes which forms part of your medical records.

The information we record via our website

When you visit our website (via a computer, mobile or hand-held device) you may provide us with personal information including your name, email address and phone number.

This information is gathered when you request an appointment or email the practice.

The information we record via our emails

When you correspond with us by email, we may retain the content of your email as it may form part of your medical records.

How we receive information from third parties

All blood and pathology results are sent to us via secure websites. These form part of your medical records.

How we use your information

Your personal details and medical records are for legitimate purposes and ensure we are able to :

• Provide the best possible care

• Diagnose medical concerns, provide treatment plans and write prescriptions

• Write letters to third parties

• Confirm your appointment by text, email or phone

• To answer your questions by email or phone

You have a responsibility to inform us if any of your details such as name, address, contact numbers change, so our records are accurate and up to date for you.

We use data for audit purposes.

How we maintain confidentiality of your records

We are committed to protect your privacy and will only use information lawfully in accordance with the new General Data Protection Regulations 2018.

Every member of staff has a legal obligation to keep information about you confidential.

We work with an IT Specialist to maintain and protect our data.

How we share your information

We will only share your data with a third party with your consent

We do not sell our database to third parties.

How long we hold your information

As a medical practice we are required to hold medical records for ten years.

Your Rights

You have the right to withdraw your consent at any time by contacting us via email or letter. We will no longer contact you although medical records must be retained for ten years.

You have the right to request a copy of your medical records and this request must be put in writing and signed by the patient. We are required to respond to you within 30 days.

You have the right to have information updated or corrected if you feel it is inaccurate, incomplete or out of date. This request must be put in writing and signed by the patient.

Changing our Privacy Policy

Our privacy policy will be reviewed regularly and updated as needed or as required by law.

The revised policy will be displayed on our website. Where necessary, you may be asked to sign the consent form again.

Objections & Complaints

Our Data Protection Officer is Dr Jan Toledano who responsible for ensuring the practice keeps your information secure and confidential and can be contacted on 0203 905 7580 or via info@londonhormoneclinic.com

Further complaints complain can be directed to the Information Commissioners Office (ICO) at www.ico.gov.uk or telephone 0303 123 1113.

Data Breaches

The practice has a Records Management Policy in place.