We collect personal data from you when you are referred to us or attend the clinic. We will
always aim to keep this data secure and use it only for the purposes that we are legally
For example, we collect and store information that we receive from your GP and other health
professionals when you are sent to us for care. We will also gather information from you at
your appointments and may request historic information from other health clinics of past
health episodes if these are relevant to the care we are providing you. Some of the
information we hold we recognise will be sensitive.
The information we hold will include contact details (name, address, telephone numbers,
email), personal details (gender, date of birth, GP practice, emergency contacts) and
medical information. We may also take and store photos of your skin complaint.
We use this information and medical records primarily to ensure the safe and effective
delivery of care. Parts of the records will be used for the efficient management of our
services and the NHS (where applicable); to undertake medical audits that improve our
overall care for patients and occasionally in medical research. We will also use your mobile
phone number to send you appointment reminders.
We are a paperless practice, save for communication with outside bodies which don’t accept
electronic data, in which case information of you may be posted or faxed (marked ‘private &
confidential’). We will ask you at registration how you would like to be contacted. We prefer
to communicate with you via phone, text or email. Our end of the email provision is as safe
as possible and you recognise that it is you and your email provider are responsible for the
security of your email account at your end.
If you send us clinical enquiries via unsecured means, e.g. via Facebook, we are happy to
reply to these but we will only do so via more secure means if we feel there is a risk of
breaking confidentiality with you or any of our patients.
Who else has access to your data?
At times, we do need to share information with other health service bodies, to ensure you
receive the best care from us and the health service generally, and so that we can
administer the service. We will only send the minimum level of information that is necessary
in these cases.
Privacy Notice Public – Updated 06/2019 NEXT REVIEW: 10/2020
We do employ the services of other organisations who will process your data on our behalf –
particularly our clinical record management providers (such as ‘Pabau’). These companies
place that make this clear. Pabau Privacy Notice can be accessed here:
We also need to comply with the any legal requests for information from public bodies –
such as the police and government bodies – or to protect you, ourselves and others.
Your rights over your data
You have the right to be informed how we use your data. If you have any queries over and
above the contents of this policy then please contact our data protection officer, Dr Keli Thorsteinsson (email@example.com).
You can also request a summary of the information that we hold on you or for us to correct
any factual data that is inaccurate. The first request for information will be provided free of
charge, but a charge of £10 may be charged for subsequent requests.
You may ask us to delete information that we hold on you, which we will consider. However,
it is a legal requirement to maintain medical records for a defined period of time (we abide to
the current retention schedules contained in the “Records Management Code of Practice for
Health and Social Care 2016”) and so these will be considered alongside any request.
To make a request for any of the above, please email us at firstname.lastname@example.org.
Finally, if you are unhappy with how we are managing your personal data, or aren’t happy
with our response at any time, then you have the right to file a complaint with the Information
Commissioner’s Office (https://ico.org.uk/).
We use reasonable and modern methods to protect your data, but unfortunately no data
transmission or storage system is 100% secure. If you feel that the security of your
information has been compromised in anyway then please contact us immediately. If we
become aware of any security issue, then we will contact any individuals that are affected.
General Enquiries: Telephone: 01978 799688
Address: Freyja Medical, 25 Chester Street, Wrexham LL13 8BG