Mon–Fri 10:00–18:00 · Sat 10:00–14:00

+44 203 887 8835
Windwood Health Clinic Logo

Privacy Policy

Last updated: November 2025

Introduction

Windwood Health Clinic ("we", "our", "us") is committed to protecting and respecting your privacy. This policy explains how we collect, use, and safeguard your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018.

Information We Collect

We collect and process the following types of information:

  • Personal details: Name, date of birth, address, contact details
  • Medical information: Medical history, symptoms, diagnoses, prescriptions, test results
  • Appointment data: Booking details, attendance records, consultation notes
  • Insurance information: Policy details for billing purposes
  • Technical data: IP address, browser type, device information when using our website

How We Use Your Information

We use your personal and medical information to:

  • Provide medical care and treatment
  • Process appointments and prescriptions
  • Communicate with you about your care
  • Maintain accurate medical records
  • Process payments and insurance claims
  • Comply with legal and regulatory requirements
  • Improve our services and patient experience

Legal Basis for Processing

We process your health information under the following legal bases:

  • Consent: You provide explicit consent for us to process your data
  • Contract: Processing is necessary for providing healthcare services
  • Legal obligation: We must comply with healthcare regulations
  • Vital interests: Processing is necessary to protect your life or health

Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encrypted data storage and transmission
  • Access controls and authentication
  • Regular security audits and updates
  • Staff training on data protection
  • Secure disposal of records when no longer needed

Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal requirements)
  • Object to processing of your data
  • Request restriction of processing
  • Data portability
  • Withdraw consent at any time

Data Retention

We retain medical records in accordance with NHS and professional guidelines, typically for a minimum of 8 years after your last contact with us, or longer if required by law or clinical need.

Contact Us

For questions about this policy or to exercise your rights, please contact our Data Protection Officer:

Email: privacy@windwood.health
Phone: +44 20 1234 5678
Address: 123 Windwood Avenue, London SW1A 1AA

Complaints

If you have concerns about how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO): www.ico.org.uk