1. Introduction
 

We respect your privacy and adhere to UK data protection laws. We operate under the guidance of the Information Commissioner’s Office (ICO). For details on your data rights, please visit: https://ico.org.uk/.

​

​

2. Data We Collect

We may collect and process the following categories of data:

• Personal Details:
  Name
  Address
  Contact information (e.g., phone number, email address)
  
   

• Health Data:
  Medical history
  Prescriptions​

​

• Payment Data:
  Billing details
  Transaction records
   

• Marketing & Leads Data:
  Communication history
  Enquiry details
   

​

3. Purpose of Processing

We collect and use data to:

• Provide specialist menopause care and related services.

• Manage appointments, follow-ups, and patient communications.

• Support marketing activities and follow-up on enquiries, ensuring patients and potential patients understand our services.

• Fulfil legal and regulatory obligations.

• Improve patient experience and service quality.

​​

​

​

4. Lawful basis

We process personal data under one or more of the following lawful basis:

• Consent: Where you agree to share sensitive health data and receive marketing communications.

• Contract: Where it is necessary to deliver care and associated services.

• Legal Obligations: To comply with healthcare regulations, including CQC standards.

• Legitimate Interests: Where processing enhances our services or enables us to respond to patient enquiries.

​

​

 

 

5. Data Sharing

We may share data with:

• Approved Medical Professionals: For diagnostic, treatment, or referral purposes.

• Payment Processors: To handle billing securely.

• Regulators: If legally required.

• No data is sold or shared with third parties for unrelated marketing. All marketing activities only support our menopause clinic services.
   

​

6. Data Security and Retention

• Security Measures:
  Encrypted databases
  Restricted access to authorised personnel only

• Retention Periods:
  Health and treatment records are retained as required by law and clinical guidelines.​
  Payment records are kept as per financial regulations.
  Marketing and leads data are retained only as long as relevant or until you withdraw consent.

• Disposal:
  We securely delete or anonymise data that is no longer needed.

 

 

7. Your Rights
You have the right to:

• Access: Obtain copies of your personal data.

• Rectification: Request corrections to inaccurate data.

• Erasure: Request deletion of data when it is no longer required.

• Withdraw Consent: Stop receiving marketing communications at any time.

• Complain to the ICO: If you believe your rights are infringed.

• For guidance, visit https://ico.org.uk/.

​

​

​​

​

8. Contact Us

If you have queries about these privacy terms or wish to exercise your rights, please contact:
[Insert relevant contact details – e.g., Data Protection Officer’s email, clinic’s postal address, and phone number]

​

​​

​9. Comparative Table of Key Data Types & Protection Measures

Data Type                         Examples                             Protection Measures                Retention

Personal Details                          Name, phone number                     Encrypted databases                              As required by law​

Health Data                                 Medical records, diagnoses            Secure clinical systems                         Based on clinical need

Payment Data                              Card details, invoices                     PCI-DSS compliant storage                  As per financial regulations

Marketing & Leads Data             Enquiry forms, preferences            Restricted access, encryption                Until consent withdrawn

​

​

10. Review and Updates

We review these terms regularly and update them as laws or practices change. Any significant changes will be posted on our website and dated accordingly.