May 2019

We understand that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our patients and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the new data protection law (GDPR).

Our Promise to you:

To be clear about why we collect your personal information and what we will use it for.

To make it easy for you to tell us how you would like us to keep in touch.

To collect the information we need to make sure we deliver the best service to you.

To never sell or share your personal information, or let other organisations use if for marketing purposes.

To take good care of your personal information, and make sure it is up to date, safe and secure at all times.

What Does This Notice Cover?

This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.

What Personal Data Do We Collect?

We may collect some or all of the following personal data:
Date of birth;
Email address;
Telephone number;
Registered GP Practice;
Payment information;
Information about your preferences and interests;
Medical information;

Your personal data may have been passed to us from a third party medico legal intermediary/insurance company who are referring you for treatment.

Our Website And Your Information
You may choose to use our ‘contact us page’ on our website ( to get in touch. Data transmitted via the website cannot be 100% secure so please be aware that any information you do transmit to us is at your own risk. Once we receive your information we will use our best efforts to ensure it’s safety within our network.
Our website may contain links to other websites that are outside of our control and are not covered by this Privacy Policy.

How Do We Use Your Personal Data?

Under the GDPR, we must always have a lawful basis for using personal data. Your personal data may be used for one of the following purposes:

To ensure that you receive the service you have requested.
Communicating with you. This may include emails, letters or telephone calls.
Liaising with and supplying information to the medico legal intermediary/health insurance company or solicitor who referred you to us.
Communicating with your GP or Consultant with your consent
Contacting you with information by email and/or post that you have opted-in to (you may unsubscribe or opt-out at any time by contacting us at

How Long Will We Keep Your Personal Data For?

We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal data will therefore be kept for a period of eight years or for a patient under the age of 18 your data will be kept until the age of 25.

After a period of eight years the files are destroyed using a shredding service which complies with ICO guidelines and current Data Protection Law.

How Do We Keep Your Personal Data Safe?

We will only store or transfer your personal data in the UK. This means that it will be fully protected under the GDPR.
Physical files known as ‘Patient Records’ are stored in compliance with ICO guidelines and current Data Protection Law.
Our computerised patient data is stored within ‘Sensible People’ which is secure and encrypted system and governed by their data protection policy.
All our computers are password protected and our networks are checked regularly to ensure they are secure.

Data that is transmitted via the internet or email cannot be 100% secure and we therefore take every reasonable precaution to keep your information safe by:
Any electronic communication is processed using a suitable level of encryption.
Any clinical reporting to a third party medico legal intermediary/health insurance company or solicitor is conducted using secure portals or encrypted emails.

Do We Share Your Personal Data?

We will never sell your personal information or let other organisations use it for their own purposes.

We will only share your information where:
We are legally required to, or as a result of a lawful request by a government or law enforcement authority.
If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.

Controlling Access To Your Personal Data?

You have the right to a copy of the information we hold about you. This is called a Subject Access Request. If you would like to make a Subject Access Request you can do so by contacting us at:
We will provide you with it as soon as possible. You have the right to have incorrect information corrected and the right to object to further processing of your personal information for direct marketing.

How Do You Contact Us?

To contact us about anything to do with your personal data and data protection, including to make a Subject Access Request, please send an email to for the attention of Ellie Simpson

Changes to this Privacy Notice
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. Any changes will be made available on request.


Use of our website

Healthworks follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services’ analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analysing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.

Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on Healthworks, which are sent directly to users’ browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalise the advertising content that you see on websites that you visit.

Note that Healthworks has no access to or control over these cookies that are used by third-party advertisers.

Healthworks Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.

You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers’ respective websites.


By using our website, you hereby consent to our Privacy Policy.