Lisle Medical Privacy Policy

Privacy Notice

At Lisle Medical, we are committed to protecting your personal information and respecting your privacy. This notice explains how we collect, use, and safeguard your data when you use our services.

Who we are

Lisle Medical is a private GP service providing medical care to individuals and families. We act as a data controller for the personal data we process.

Contact details

What information we collect

We may collect and process the following information:

Personal information

  • Name, date of birth, address, contact details

  • Next of kin details

  • Payment and billing information

Medical information (special category data)

  • Medical history, symptoms, diagnoses

  • Consultation notes and correspondence

  • Test results and imaging reports

  • Prescriptions and treatment plans

Administrative information

  • Appointment records

  • Communication preferences

  • Membership or account details

How we collect your information

We collect information:

  • Directly from you (in consultations, forms, or online bookings)

  • From other healthcare providers (with your consent or where appropriate)

  • From laboratories or diagnostic services

  • From third parties involved in your care (e.g. insurers, where relevant)

How we use your information

We use your data to:

  • Provide safe and effective medical care

  • Maintain accurate clinical records

  • Arrange tests, referrals, and prescriptions

  • Communicate with you about your care

  • Manage appointments and billing

  • Comply with legal and regulatory obligations

Legal basis for processing

We process your personal data under the following lawful bases:

  • Provision of healthcare (UK GDPR Article 9(2)(h))

  • Performance of a contract (for private medical services)

  • Legal obligation (e.g. regulatory requirements)

  • Legitimate interests (for running our service effectively, where appropriate)

Sharing your information

We only share your information where necessary and appropriate, including with:

  • Laboratories and diagnostic providers

  • Pharmacies

  • Other healthcare professionals involved in your care

  • Regulatory bodies where required (e.g. CQC)

We do not sell your data to third parties.

How we store and protect your data

Your data is stored securely using electronic medical record systems and secure communication platforms. We take appropriate technical and organisational measures to protect your information from unauthorised access, loss, or misuse.

How long we keep your information

We retain medical records in line with UK guidance (typically at least 8 years after last contact, or longer where clinically appropriate).

Your rights

You have the right to:

  • Access your personal data

  • Request correction of inaccurate information

  • Request restriction of processing

  • Object to certain types of processing

  • Request a copy of your data (subject access request)

Please note that some rights may be limited where data is required for ongoing care or legal obligations.

Contact and complaints

If you have any questions about how your data is handled, please contact us using the details above.

If you are not satisfied, you have the right to complain to the Information Commissioner’s Office.

Updates to this notice

We may update this privacy notice from time to time. The latest version will always be available on our website.