BOOK NOW

Privacy Policy

Version Date: 1st November 2025

We are committed to protecting and preserving the privacy of our visitors when visiting our site or communicating electronically with us.

This policy sets out how we process any personal data we collect from you or that you provide to us through our website. We confirm that we will keep your information secure and that we will comply fully with all applicable UK Data Protection legislation and regulations. Please read the following carefully to understand what happens to personal data that you choose to provide to us, or that we collect from you when you visit this site. By visiting our website, you are accepting and consenting to the practices described in this policy.

 

Types of information we may collect from you

We may collect, store and use the following kinds of personal information about individuals who visit and use our website:

 

Information you supply to us

You may supply us with information about you by filling in forms on our website. This includes information you provide when you submit a contact/enquiry form. The information you give us may include your name, address, e-mail address and phone number,

 

Information our website automatically collects about you.

With regard to each of your visits to our website we may automatically collect information including the following:

technical information, including a truncated and anonymised version of your Internet protocol (IP) address, browser type and version, operating system and platform;
information about your visit, including what pages you visit, how long you are on the site, how you got to the site (including date and time); page response times, length of visit, what you click on, documents downloaded and download errors.

 

Third party links

Our site may, from time to time, contain links to and from the third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

 

Your rights – access to your personal data

You have the right to ensure that your personal data is being processed lawfully (“Subject Access Right”). Your subject access right can be exercised in accordance with data protection laws and regulations. Any subject access request must be made in writing to us at our email address listed at the bottom of this page. We will provide your personal data to you within the statutory time frames. To enable us to trace any of your personal data that we may be holding, we may need to request further information from you. If you have a complaint about how we have used your information, you have the right to complain to the Information Commissioner’s Office (ICO).

 

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

 

1. Commitment to Your Privacy

Mayfair Health operates in full compliance with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
We are committed to protecting the confidentiality, integrity, and security of your personal and medical information.
Your records are held in secure electronic systems and accessed only by authorised clinical or administrative personnel involved in your care.

 

2. How We Use Your Data

Your medical and personal information is used solely for the purpose of providing safe, effective, and personalised healthcare. This includes:

Clinical assessment, treatment, and follow-up.
 Administrative processing (e.g. invoicing, scheduling, insurance claims).
Communication with other healthcare professionals directly involved in your care (for example, your GP, specialist consultants, or diagnostic services).

We will never sell your personal information to any third party.

 

3. Sharing Information

Disclosures of your medical data may be made to:

Other health professionals and services (e.g. imaging, laboratories, referring clinicians).
Insurers or funding bodies, where required to process your claim and with your consent.
Regulatory or legal authorities where disclosure is required by law.

All sharing of identifiable information is strictly controlled and logged.

 

4. Lawful Basis for Processing

Under Article 6 of the UK GDPR, we rely on the following lawful basis for processing your data:

Performance of a contract – to deliver the healthcare services you request.

Because health data is considered special category data, we also meet an additional condition under Article 9:

Provision of healthcare or medical diagnosis – Article 9(2)(h).

 

5. Anonymous Data Use for Research, Audit and AI Development

Mayfair Health is dedicated to improving healthcare outcomes through responsible innovation.
From time to time, we may use fully anonymised clinical data from our clinics to support research, quality improvement, and the development of advanced healthcare tools, including through our partner organisation WellQ Ltd.

All data used for these purposes are irreversibly anonymised prior to use, ensuring no individual can be identified, directly or indirectly.
The anonymisation process complies with ICO guidance, UK GDPR, and the Data Protection Act 2018.
These activities may include statistical analysis, AI model training, or population health studies aimed at improving diagnosis, treatment and prevention of illness.
No identifiable personal information will ever be transferred outside of Mayfair Health for these purposes.

Participation in anonymised research does not affect your care in any way.
If you would like to opt out of your anonymised data being used for research or innovation purposes, please contact our Data Protection Officer at info@mayfairhealth.co.uk.

 

6. How We Protect Your Data

We use secure, encrypted systems to store and manage data.
Access is restricted to authorised staff, and all activity is monitored for compliance.
Data is stored on secure servers located within the UK or EEA, or in approved jurisdictions that meet UK adequacy standards (e.g. Google Cloud with ISO-27001 certification).

 

7. Your Rights

You have the right to:

Access your personal data and request a copy.
Request correction of inaccuracies.
Request deletion (“right to be forgotten”) where applicable.
Restrict or object to certain types of processing.
Data portability (where technically feasible).
Lodge a complaint with the Information Commissioner’s Office (ICO).

Requests should be sent to: info@mayfairhealth.co.uk.

 

8. Data Retention

Clinical records are retained in accordance with statutory healthcare guidelines — typically for eight years after your last visit (or until age 25 for minors), unless longer retention is legally required.
After this period, records are securely destroyed or anonymised.

 

9. Further Information

For a full overview of our Data Protection Policy, please visit.
👉 www.mayfairhealth.co.uk/privacy-policy or contact our Data Protection Officer at info@mayfairhealth.co.uk for any queries regarding your health records or data rights