Book a Call

Privacy Policy.

Privacy Policy

The Private Clinic is committed to ensuring the privacy of our patients and website visitors. This policy explains what personal data we may collect about you when you interact with us and how we use it.

Who are we?

“The Private Clinic” is a trading name of “TPC Group Limited a company registered in England and Wales at 98 Harley Street, London, United Kingdom, W1G 7HZ with company number 14493595”. For simplicity, “we” “us” and “our” means TPC Group Limited.

TPC Group Limited is the data controller in relation to the processing of personal information that you provide us when using our services.

You can contact our Data Protection Officer at: DataProtectionOfficer@theprivateclinic.co.uk


Or write to:

Data Protection Officer
The Private Clinic
98 Harley Street
 London
W1G 7HZ

Consultants providing medical services at our sites are independent doctors, and not our employees.  Each consultant is the data controller of your personal data processed by them.  In relation to personal data processed in the provision of healthcare at The Private Clinic, the consultant and we will act as joint controllers.  In all other circumstances, the consultant will act as an independent data controller.  Where we and the consultant are joint controllers, you may contact us in relation to the exercise of your rights (see further below).  For information on the processing of your personal data by a consultant, you should contact the relevant consultant for that information.

Your personal and sensitive personal data

Under data protection legislation, the data that organisations hold about you can be categorised as follows:

Personal Data

This is data related to an identifiable person or data that can be used to identify a distinct individual. Examples of personal data we collect and process include names, email addresses, location, telephone numbers, ID numbers and online identifiers. Where this policy states “your data/your personal data” we are referring to Personal Data unless otherwise stated.

Sensitive Personal Data

Sometimes referred to as “Special Category Data”, this is personal data that is deemed to be more sensitive than non-sensitive personal data. For example, medical records, genetics, biometric data, details of ethnicity, sexual orientation. We only use this data for the purposes of your treatment and to ensure your care and safety as a patient, though there may be instances where we are required or permitted to do so by applicable law (e.g. to comply with public health requirements). We never use your sensitive personal data for marketing purposes.

The legal bases we rely on

Under data protection legislation, organisations must have one of a number of reasons for processing your personal data. Below we outline the legal bases we rely on and an example of the purpose for which it is used:

Consent

In some situations, we ask for your consent to process your data for the purpose we have identified.

  • For example, we ask you to tick a box on our enquiry form to receive our special offer and discount emails.

Contractual obligations

Sometimes we may need your data to fulfil our contractual obligations to you.

  • For example, if you wish to book an appointment we may need your payment details, address and contact details to process payment and secure your booking.

Legal compliance

There may be some situations where we are required by law or regulatory bodies to process your data

  • For example, we may require you provide proof of ID and age where the law requires.
  • Gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests.

Legitimate Interests

In some situations, we process your data to pursue our interests in a way which might reasonably be expected as part of running our business and which does not significantly impact your rights or freedom.

  • For example, we will use the contact details you provide, to call/SMS/email you regarding your enquiry and provide you with targeted relevant information.
  • We may combine and anonymise your data with that of other customers to identify trends and help make improvements to our service and business.

When do we collect your personal data?

  • When you visit any of our websites
  • When you communicate with us by phone, email, or instant messaging systems
  • When you engage with us on social media
  • When you interact (open/click) with our emails
  • When you request further information from us
  • When you arrange appointments with clinic staff
  • When you attend appointments and as part of the consultation process
  • When you make payments to us or require a refund
  • When you fill in any forms online or in clinic
  • When you’ve given a third-party permission to share information with us (e.g. Facebook/Instagram)
  • When you complete any surveys we send you
  • When you review our services
  • When you refer a friend
  • When you visit our clinics, where we may operate CCTV systems for security purposes

What personal data do we collect?

  • Information submitted via an enquiry form, including your name, email address, phone number, and postcode, to contact you regarding your enquiry and understand demand for our services.
  • Details of your interactions with us through our call centre, in clinics, or online, including recorded calls, conversation notes, and phone call logs.
  • Copies of documents provided to verify age or ID where required by law or company policy.
  • Details of your medical history, including medication and allergies, to ensure treatments are appropriate and safe.
  • Payment details.
  • Details of your visits to our websites, including how you arrived, pages visited, time spent, links clicked, and technical information about your device and internet connection.
  • Information gathered through cookies. Learn more about how we use cookies.
  • Your reviews, survey responses, and comments

How and why do we use your personal data?

We want to give you the best possible experience from your very first interaction with us. One way to achieve this is to better understand who you are by collecting data about you. We use this to make improvements to our service and to communicate information that you are likely to be interested in. There are many cases where we are required to collect and process data about you either to fulfil our contractual obligations to you or to comply with the law. We use your personal data for the following purposes:

  • To contact you regarding your enquiry and process your request for further information or appointment booking.
  • To provide you with further information about your enquiry, helping you make an informed decision.
  • To send email reminders for booking subsequent appointments for ongoing treatments.
  • With your consent, to send special offers and news via email to keep you updated on promotions.
  • To tailor communication content, making it more relevant to you.
  • To contact you regarding your appointments and treatments, ensuring you don’t miss them.
  • For business performance analysis, ensuring we continue to provide the best service.
  • To verify identity and help prevent and detect fraud.
  • To take payments and process refunds.
  • To provide customer service and support.

How we protect your data

We take the security of your data seriously and take all appropriate steps designed to protect it from unauthorised access, loss and misuse. We never sell any of your personal data for any purpose. Any sensitive personal data we may collect (such as medical records) is never used for marketing purposes and access to such data is further restricted.

How long do we keep your data?

We only keep your data for as long as is necessary to fulfil the purpose for which it was collected. At the end of the period, your data will either be deleted or anonymised so that it can be used in a non-identifiable way for statistical analysis which helps us make improvements to our service and business.

Our Retention of Medical Records policy is based on NHS England’s guidance document: Records Management Code of Practice, 2023.

Cookies & similar technologies

To help us give you the best possible experience, our websites and emails contain cookies, web beacons and similar technologies. Cookies are small, harmless text files that are downloaded to your computer/device when you visit websites. They serve a range of purposes such as helping us understand our website usage, activity and user behaviour. For more information, see our Cookies policy below.

Who do we share your personal data with?

We never sell your personally sensitive data with any third parties. We want to maintain your trust in us as a reputable company and believe this is essential to ensure this.

We will only share your personally sensitive data with other healthcare professionals or providers, when necessary, as part of your ongoing care. In addition, we will share such data with third parties, including Government bodies and agencies, when we are legally compelled to do so.

However, we do use third parties to support, manage or deliver some of our day-to-day business services. This includes our legal and other professional advisors.

We may also need to share your personal data if we sell our business or any of its assets or engage in a merger or reorganisation.

As a result, we may share non-sensitive personal data (such as phone numbers, email address and IP address) with the following type of companies we work with:

  • Companies that help us deliver emails and electronic communications.
  • Companies that support our website, phone handling, and other IT/business systems.
  • Companies that provide online communication services, such as instant messaging and video conferencing platforms. By using these services, you accept their terms of usage, and all data (messages, photos, videos, files, and transcripts) will be managed according to their policies.
  • Companies that provide analytics services, such as Google Analytics and Hotjar.
  • Facebook and Instagram, to display relevant services while you browse the internet or social media, based on your acceptance of cookies. See our Cookie Policy for more details.

We select these companies carefully and take precautions to keep your data safe and protect your privacy:

  • We carefully screen all providers with data security playing a key factor in our decision to work with them.
  • We only provide the data they need to perform the services we require.
  • They may only use your data for the purposes we specify and agree with them.

What are your rights?

You have many rights relating to your personal data including:

  • The right to request a copy of certain personal data in a structured, commonly used, and machine-readable format.
  • The right to request the correction of inaccurate or outdated personal data.
  • The right to request the deletion or cessation of processing of your data, where it is no longer needed.
  • The right to stop direct marketing—this is an absolute right, and we must comply with your request.
  • The right to object to data processing when we rely on legitimate interests as the lawful basis.
  • The right to withdraw your consent at any time if you previously provided it.
  • Please note that in some cases, we may refuse a request where we have a strong overriding reason or a legal obligation to retain the data.

If you wish to exercise any of your rights, have a complaint or questions about this policy, please see the “Who are we?” section for contact details.

complaints@theprivateclinic.co.uk

How to stop marketing messages from us

There are several ways you can stop receiving marketing messages from us:

Please note these actions will only stop emails that are not related to booking confirmation/ payment confirmation/ medical aftercare. You may still receive email correspondence from The Private Clinic staff; for example emails to confirm your appointments.

  • Clicking the “unsubscribe” link at the top or bottom of any of our marketing emails
  • Send a request to unsubscribe by replying directly to any of our marketing emails

In most cases your request will be processed immediately but occasionally it may take a few days to take effect so you may still receive emails from us during this time.
If you have previously unsubscribed but change your mind and wish to be included in our emails again, please call us or let a member of staff know. We will email you a request which you need to open and accept to start receiving our emails again.

Children

We do not knowingly collect personal data relating to children under the age of 16. If you are a parent or guardian of a child under the age of 16 and think that we may have information relating to that child, please contact us. We will ask you to prove your relationship to the child but if you do so you may (subject to applicable law) request access to and deletion of that child’s personal data.

Changes to this privacy policy

We may update this privacy policy from time to time to reflect how we use your personal data. We will notify you by e-mail (if we hold your email details) of any significant changes but we encourage you to review this policy regularly to stay informed of how we use your data.

Questions and Complaints

We hope this privacy policy has been helpful in setting out the way we handle your personal data and your rights. If you have any questions that haven’t been covered or want to make a complaint about how we have handled your personal data please contact our Data Protection Officer at: DataProtectionOfficer@theprivateclinic.co.uk


Or write to:

Data Protection Officer
The Private Clinic
98 Harley Street
London
W1G 7HZ

If you have concerns about aspects of the way your data has been handled or used by us and are not satisfied with our response, you can report your concerns to the UK Information Commissioner Office (ICO). Details of how to do this are on the ICO website (https://ico.org.uk).

This policy was last updated on the 7th January 2025.