Privacy Policy

We at The Women’s Hormone Clinic understand that your privacy is important to you and that you care how your personal data is used. We respect and value the privacy of all our clients and will only collect and use data in the ways described here and that are consistent with your rights under data protection law.

This policy is subject to change without notice and so it is advisable that your re-read this policy from time to time to ensure you are still happy with the terms. This policy was last updated on 19th February 2021.

Website Privacy Policy:

The Women’s Hormone Clinic found at (“Website”) is governed by the following privacy policy (“Privacy Policy”).

The purpose of this policy is to inform you of what personal identifiable information  we collect ad how it may be used.

This policy is subject to change, it is advisable that you revisit this page from time to time to ensure you are still happy with the terms of the policy.

What is Personal Data?

Personal data is, in simple terms any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

What information do we collect?

We collect information that you voluntarily submit to the website such as your name, telephone number or email address for example when you submit a contact form.

Automatically collected information.

We automatically collect certain information about you and the device with which you access the Website. For example, when you use the Website, we will log your IP address, operating system type, browser type, referring website, pages you viewed, and the dates/times when you accessed the Website. We may also collect information about actions you take when using the Website, such as links clicked.

Cookies Policy

We may log information using cookies, which are small data files stored on your browser by the Website. We may use both session cookies, which expire when you close your browser, and persistent cookies, which stay on your browser until deleted, to provide you with a more personalized experience on the Website.

How Your Information May Be Used

We may use the information collected in the following ways:

  • To operate and maintain the Website
  • To send you promotional information, such as newsletters. Each email promotion will provide information on how to unsubscribe from future emails
  • To send you administrative communications, such as administrative emails, confirmation emails, technical notices, updates on policies, changes to our service or security alerts
  • To respond to your comments or inquiries
  • To track and measure advertising on the Website
  • To track, measure and analyse the statistical performance of the Website
  • To protect, investigate, and deter against unauthorized or illegal activity

Third-Party Use of Data

We may share your information with third parties when you explicitly authorize us to share your information.

Additionally, the Website may use third-party service providers to service various aspects of the Website. Each third-party service provider’s use of your personal information is dictated by their respective privacy policies.

The Website currently uses the following third-party service providers:

Google Analytics – this service tracks Website usage and provides information such as referring websites and user actions on the Website. Google Analytics may capture your IP address, but no other personal information is captured by Google Analytics.

Typeform – we use this third party software to provide the ‘symptom checker’ form on our homepage. All data gathered is encrypted and hosted on Amazon’s AWS service. The data remains the property of The Women’s Hormone Clinic and would never be shared with anyone else.

Your Rights In Relation To Your Personal Information

Your personal data is protected by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”)

Opt-out – You may opt-out of future email communications by following the unsubscribe links in our emails. You may also notify us at via email to be removed from our mailing list.

Access – You may access the personal information we have about you by submitting a request via email – this is known as a “subject access request”. We aim to respond to a subject access request within seven working days and not more than two weeks of receiving it. In some cases, however, particularly if your request is more complex, it may take up to a maximum of one month from the date of receipt of the request.

Amend – You may contact us via email to amend or update your personal information.

Forget – In certain situations, you may request that we erase or forget your personal data. To do so, please submit a request via email.

Please note that we may need to retain certain information for record keeping purposes or to complete transactions, or when required by law.

How can I contact you?

If you have any queries about your personal data and data protection or to make a subject access request please contact the clinic by email [email protected] or by telephone 01273 569059

You may also contact the Information Commissioners Office (the data protection regulator in the UK): Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, telephone: 0303 123 1113

Changes to this Privacy Policy

This policy is subject to change for example, if the law with regards to data protection changes. It is advisable that you revisit this page from time to time to ensure you are still happy with the terms of the policy.

Patient Privacy Policy:

Why we collect personal data from you

In our practice, we aim to provide the highest quality healthcare. To do this we must collect and use your personal details, including sensitive details about your health. Without this information, it would be almost impossible to deliver the quality health care we seek to provide. This policy outline the types of data we collect and the ways in which it might be used.

If you have any questions about how we process your information, please don’t hesitate to get in touch by contacting our Data Protection Officer:

Address: Data Protection Officer, The Women’s Hormone Clinic, 93 Windmill Drive, Brighton, BN1 5HH

Email: [email protected]

What personal information do we hold about you?

Personal details

When you register with us, you complete forms and provide us with basic information about yourself, such as your name, date of birth, physical address and email address. You will also provide us with an up to date photographic ID such as a driving licence or passport for identification purposes during your online consultations. You are responsible for the accuracy of the information that you provide to us.

Health and medical information

The main type of information we hold about you is sensitive health and medical information. This may include details of your physical or mental health status, symptoms, treatments, consultations, medications and procedures. This information will detail your past history as well as details of your consultations with our doctors, and interactions with our digital service, Heydoc. Your interactions with our digital service may be shared with our doctors in order to provide you with a better experience and for the purposes of providing you better health care.

Under what basis do we use your personal data?

In most cases we use your personal data because you ask us to do so, in other words, you give us permission. We use the information that you submit to us to provide you with high quality medical care within the scope of the clinic. In addition we use it to communicate with you in the event that any services requested are unavailable, to notify you of changes to our services, if there is a query or problem with your medication or test results and for record keeping purposes.

Where necessary for safety, regulatory and/or compliance purposes, we may audit consultations and your other interactions with our services. Strict confidentiality and data security provisions will apply at all times to any such audit and access.

There are times where you may need to give us specific permission. Where your consent is required, we will provide you with all the details you require in order to make your decision. Sometimes we may be asked by legal authorities to process your personal data and at other times, it might be in order to protect your vital interests. There may also be instances where we have special permission because the interests of the public are deemed to be of greater importance than your confidentiality.

Where do we obtain your personal data from?

In most cases we collect your personal data directly from you. There are times where we might need get information from your relatives, other GPs or health professionals and from the results of blood tests and diagnoses such as mammograms and pelvic ultrasounds. Where we get your personal data from other sources, we will inform you.

Who might we share your personal data with?

We may need to share your personal data with health authorities, NHS Trusts, special health authorities, legal authorities and ambulance services. With your consent and, subject to strict sharing protocols about how it will be used, we may also share your information with social services, education services, local authorities, voluntary sector providers as well as the private sector.

It is mandatory that we notify your GP of your treatment with us. This is a compliance requirement of the General Medical Council.
We will always offer to notify your GP of any medicines that we have prescribed, but if you decline to take up our offer, it is your responsibility to notify your GP. You must be aware that any Hormone replacement medication prescribed by us may have a bearing on the healthcare that you receive from you GP and other NHS medical service and so it is essential that your GP record is up to date. If you do not give consent then there may be certain forms of drug therapy that your practitioner is not prepared to prescribe you. With your consent we will write to your GP with a summary of our treatment plan and a copy will be sent to you for your records.

Financial Information

All payments via credit or debit card are processed through our third-party processor “Zettle” that will store all payment information and transaction details. We will not retain your credit or debit card details.

How we look after your personal data

We respect the fact that the personal data belongs to you. We have a duty to keep your information confidential, secure and accurate. We do not keep your personal data for any longer than is necessary for the purpose for which we collected the data. Where we need to further use your personal data, we ensure that it is legal for us to do so and when we need to store your data we take measures to ensure that you or other patients cannot be identified through simply accessing those files.

We retain your medical records in accordance with national best practice guidance –  Records Management Code of Practice for Health and Social Care 2016 (Information Governance Alliance, July 2016)

What are your rights as a patient?

There is an EU law that protects your personal data called the General Data Protection Regulation (GDPR). We must ensure that when you ask about your personal data we respond promptly to your request. You have the right to have your data corrected or removed or transferred to another service provider and also to ask that we stop using your data.

Where you have previously given your consent, you have the right to withdraw that consent, unless a legal authority prevents us from doing this. You have the right not to be pestered by nuisance email or tele-marketing.

You also have the right to be informed of certain security incidents which might have an impact on you. You have the right to raise a complaint with the data protection authority (supervisory authority). Please find their details below. Should you require access to your personal data you may make the request by using the link on our website or contacting us directly at our clinic.

Under the Data Protection Act patients are entitled to receive a copy of their medical records. Any applications should be made in writing and addressed to the Data Protection Officer at the address detailed above.

Data Storage and Transfer

We do not store your personal data on our website. All personal and health data, including medication and diagnostic information are stored on secure servers of our clinical notes system provider Heydoc.

Your data is physically stored on servers which have achieved the highest level of security certification, as used by banks and government services. Heydoc servers are located in London, United Kingdom. Only a very limited number of authorised staff from Heydoc Limited can access these servers. Data is replicated continuously, with multiple copies stored between security centres to ensure immediate failover. Data in transfer is fully encrypted using the most secure cryptographic technologies available (256-bit level of encryption). This means that when you access your data via the internet the Heydoc server will negotiate a secure link with the end user via a process called SSL. This is the same technology used for online banking and credit card transactions and is known to be the most secure system available.

Changes to this Privacy Policy

This policy is subject to change for example, if the law with regards to data protection changes. It is advisable that you revisit this page from time to time to ensure you are still happy with the terms of the policy.