Wimpole Clinic

External Privacy Notice

Last Updated: 21/01/2025

Privacy Policy – Wimpole Clinic

Last updated: [Insert Date]

1. Introduction

Wimpole Clinic (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us in compliance with the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018.

2. Who we are

Wimpole Clinic
3rd Floor, 2 Harley Street, London W1G 9PA – Head office Surgical Location
2nd Floor 18 – 22 Queen Anne Street, London W1G 8HU. – Surgical Location
214D Hagley Rd Birmingham B16 9PH. – Surgical Location
1 West Road, Ponteland, Newcastle upon Tyne, Ne20 9SU. – Surgical Location
124 Derby Rd, Long Eaton Nottingham Ng10 4LS. – Surgical Location
396 Wilmslow Road, Withington, Manchester, M20 3BN. – Surgical Location
13 Eaglesham Road, Clarkston, Glasgow, G76 7BU. – Surgical Location
17 – 19 Rutland Street, Leicester, LE1 1RB. – Consulting Location
25 Park Square Leeds, LS1 2PF. – Consulting Location
88 Rodney Street, Liverpool, L1 9AR. – Consulting Location
5 Westfields Park, Redland, Bristol, BS6 6LT. – Consulting Location
27 Middle St Brighton, BN1 1AL. – Consulting Location
13 Beaumont Street, Oxford, OX1 2LP. – Consulting Location
1 Mount Ephraim Road, Tunbridge Wells, TN1 1ET. – Consulting Location
5 & 6 City Business Centre, Hyde street, S023 7TA. – Consulting Location

Certificate of Incorporation 8072544
Data Protection Officer: Operations Director
Contact: derek@wimpoleclinic.com

3. What information we collect

We may collect and process the following data about you:

  • Identity Data: Name, date of birth, gender.
  • Contact Data: Address, email, phone number.
  • Medical Data: Relevant health information necessary for your consultation, treatment planning, or procedures.
  • Financial Data: Payment card details or bank details for transactions.
  • Technical Data: IP address, browser type, and browsing actions collected via cookies.
  • Marketing and Communications Data: Your preferences in receiving marketing from us.

4. How we collect your information

  • Directly from you (e.g. consultation forms, online forms, phone calls, emails)
  • Through our website cookies (see our Cookie Policy)
  • From third parties with your consent (e.g. referring GPs or specialists)

5. How we use your information

We use your personal data:

  • To provide you with consultations, treatments, and aftercare.
  • To manage payments, fees, and charges.
  • To communicate with you regarding appointments, follow-ups, and enquiries.
  • To comply with legal and regulatory obligations.
  • With your consent, to send you marketing communications.

6. Legal basis for processing

We process your data under the following legal bases:

  • Performance of a contract: To provide treatment and related services.
  • Legal obligation: For compliance with applicable laws.
  • Consent: For marketing communications and, where required, processing of special category data.
  • Legitimate interests: To manage and improve our services.

7. Sharing your information

We may share your personal data with:

  • Our clinical and administrative team.
  • Service providers acting as processors (e.g. IT systems, website hosting, payment providers).
  • Regulatory bodies or law enforcement if required by law.
  • Referring practitioners with your consent.

We do not sell your data to third parties.

8. International data transfers

If we transfer your data outside the UK, we will ensure it is protected by appropriate safeguards in compliance with UK GDPR.

9. Data security

We have put in place security measures to prevent your personal data from being accidentally lost, used, or accessed unlawfully. Access is limited to authorised personnel.

10. Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including legal, accounting, and regulatory requirements. Medical records are retained in line with clinical guidelines (usually at least 8 years).

11. Your rights

You have the right to:

  • Request access to your personal data.
  • Request correction of inaccurate data.
  • Request erasure of your data in certain circumstances.
  • Object to or restrict processing in certain circumstances.
  • Request transfer of your data to another provider.
  • Withdraw consent at any time where consent is relied upon.

To exercise these rights, please contact Operations Director.

12. Complaints

If you have concerns about our use of your personal data, you can lodge a complaint with the Information Commissioner’s Office (ICO) via www.ico.org.uk.

13. Changes to this policy

We may update this policy from time to time. The latest version will always be available on our website.

14. Contact us

If you have questions about this Privacy Policy, please contact:

Data Protection Officer
Wimpole Clinic
3rd Floor 2 Harley Street, London, W1G 9PA
Email: derek@wimpoleclinic.com
Phone: 02079351861