Privacy

As data controllers, GPs have fair processing responsibilities under the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). This means ensuring that your personal confidential data (PCD) is handled in ways that are safe, transparent and what you would reasonably expect. Please find documents and links below.

We are committed to protecting your privacy. You can access our website without giving us any information about yourself.

However, we do need some of your information to provide services that you request, and this statement of privacy explains data collection and use in those situations.

For example, when you choose to contact us or request information from us. We will ask you when we need information that personally identifies you or allows us to contact you.

We collect the personal data that you may volunteer while using our services. We do not collect information about our visitors from other sources, such as public records or bodies, or private organisations. We do not collect or use personal data for any purpose other than that indicated below:

  • To send you confirmation of requests that you have made to us
  • To send you information when you request it.

We intend to protect the quality and integrity of your personally identifiable information and we have implemented appropriate technical and organisational measures to do so. We ensure that your personal data will not be disclosed to State institutions and authorities except if required by law or other regulation.

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should be aware that we don’t have any control over the other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites.

How we use your medical records

Important information for patients

  • This practice handles medical records in-line with laws on data protection and confidentiality.
  • We share medical records with those who are involved in providing you with care and treatment.
  • In some circumstances we will also share medical records for medical research, for example to find out more about why people get ill.
  • We share information when the law requires us to do so, for example, to prevent infectious diseases from spreading or to check the care being provided to you is safe.
  • You have the right to be given a copy of your medical record.
  • You have the right to object to your medical records being shared with those who provide you with care.
  • You have the right to object to your information being used for medical research and to plan health services. To find out more or to register your choice to opt-out, please visit: https://www.nhs.uk/your-nhs-data-matters/ (England only). There are no national opt-out policies in Scotland, Wales and Northern Ireland, however, some specific research projects make provision for opting-out of their research.
  • You have the right to have any mistakes corrected and to complain to the Information Commissioner’s Office. Please see the practice privacy notice on the website or speak to a member of staff for more information about your rights.

 

Read the full privacy policy (Word document).

 

Processor: DA Languages Limited (Dals Limited)

Purpose: The use of DA Languages Limited (Dals Limited) is to provide provide language services to NHS patients accessing primary care from General Practices, Dental Practices, Pharmacies and Optometrists across BOB.

Legal Basis: DPIA section 6(1)e It is necessary for the performance of a task carried out in the public interest or under official authority vested in the controller.

DPIA section 9(2)h

Processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of union or member state law or pursuant to contract with a health professional and subject to conditions and safeguards.

OpenSAFELY Data Analytics Service

NHS England has been directed by the government to establish and operate the OpenSAFELY COVID-19 Service and the OpenSAFELY Data Analytics Service. These services provide a secure environment that supports research, clinical audit, service evaluation and health surveillance for COVID-19 and other purposes.

“Each GP practice remains the controller of its own GP patient data but is required to let approved users run queries on pseudonymised patient data. This means identifiers are removed and replaced with a pseudonym.

“Only approved users are allowed to run these queries, and they will not be able to access information that directly or indirectly identifies individuals.

“Patients who do not wish for their data to be used as part of this process can register a type 1 opt out with their GP.

You can find additional information about OpenSAFELY at https://www.opensafely.org/

 

If you need this information in a different format, please contact reception.

Date published: 20th September, 2023
Date last updated: 29th September, 2025