GDPR


1. Introduction

Joy Lane Clinic (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data. This GDPR Policy outlines how we collect, use, store, and protect your personal data in compliance with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

2. Data Controller

Joy Lane Clinic is the data controller responsible for your personal data.

3. Principles of Data Processing

We adhere to the following principles when processing your personal data:

Lawfulness, fairness, and transparency: We process data lawfully, fairly, and in a transparent manner.

Purpose limitation: We collect data for specified, explicit, and legitimate purposes.

Data minimisation: We collect only the data necessary for the purposes of processing.

Accuracy: We ensure that personal data is accurate and kept up to date.

Storage limitation: We retain data only for as long as necessary.

Integrity and confidentiality: We protect data against unauthorised or unlawful processing, accidental loss, destruction, or damage.

4. Legal Basis for Processing

We process your personal data based on one or more of the following legal bases:

Consent: You have given us clear consent to process your personal data for a specific purpose.

Contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.

Legal obligation: Processing is necessary for compliance with a legal obligation to which we are subject.

Vital interests: Processing is necessary to protect someone’s life.

Legitimate interests: Processing is necessary for our legitimate interests or the legitimate interests of a third party, unless your rights and interests override those interests.

5. Types of Personal Data We Collect

We may collect the following types of personal data:

  • Contact information (name, address, email address, phone number).
  • Medical history and health information.
  • Payment information.
  • Website usage data (IP address, browser type, etc.).
  • Any other information you provide to us.

6. How We Collect Personal Data

We collect personal data:

  • Directly from you when you book an appointment, fill out a form, or communicate with us.
  • Automatically when you visit our website (through cookies and similar technologies).
  • From third parties (e.g., referrals from other healthcare professionals, with your consent).

7. How We Use Your Personal Data

We use your personal data to:

  • Provide healthcare services.
  • Manage appointments and bookings.
  • Process payments.
  • Maintain medical records.
  • Communicate with you.
  • Improve our services and website.
  • Comply with legal obligations.

8. Data Sharing and Transfers

We may share your personal data with:

  • Healthcare professionals involved in your care.
  • Payment processors.
  • IT service providers.
  • Legal and regulatory authorities.
  • Any third party required by law.

We will not transfer your personal data outside the UK or European Economic Area (EEA) unless appropriate safeguards are in place.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data from unauthorised access, disclosure, alteration, and destruction.

10. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including for legal and regulatory compliance. Medical records are retained according to legal guidelines.

11. Your Rights Under GDPR

You have the following rights:

  • Right to access: You can request a copy of your personal data.
  • Right to rectification: You can request correction of inaccurate data.
  • Right to erasure (right to be forgotten): You can request deletion of your data.
  • Right to restrict processing: You can request limitations on processing.
  • Right to data portability: You can request to receive your data in a portable format.
  • Right to object: You can object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: You can withdraw consent at any time.
  • Right to lodge a complaint: You can lodge a complaint with the Information Commissioner’s Office (ICO).

12. Contact Information

If you have any questions or concerns about this GDPR Policy or your personal data, please contact us:

13. Changes to This Policy

We may update this GDPR Policy from time to time. We will post any changes on our website.

14. Information Commissioner’s Office (ICO)

You can find more information about your data protection rights on the Information Commissioner’s Office (ICO) website: www.ico.org.uk