Privacy policy

Effective Date: 12/04/2025

HealthMax Clinic is committed to safeguarding the privacy of all individuals whose personal data we collect and process. This Privacy Policy explains how we handle your personal information when you visit our website, interact with our clinic, or use our services, in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable UK privacy legislation.

By using our website (www.healthmaxclinic.co.uk), you agree to the terms of this Privacy Policy.

1. Data Controller

The data controller responsible for your personal data is:

HealthMax Clinic
45 Belvoir Street
Leicester
LE1 6SL
United Kingdom

Telephone: 0116 226 0681 / 0758 8300 093

2. Information We Collect

We may collect and process the following types of personal data:

a. Personal and Contact Information

  • Full name

  • Telephone number

  • Email address

  • Postal address

b. Health and Medical Information

  • Medical history and treatment details relevant to the care we provide

  • Information voluntarily shared during consultation or enquiry

c. Technical and Usage Information

  • Internet Protocol (IP) address

  • Browser type and version

  • Operating system and platform

  • Website usage data collected via cookies and tracking tools

d. Appointment and Transaction Information

  • Booking history

  • Payment method and transaction details (excluding full card details)

3. How We Use Your Information

We process personal data for the following purposes:

  • To schedule and manage appointments

  • To provide clinical assessments and treatments

  • To respond to your enquiries and provide customer support

  • To send appointment confirmations, reminders, and relevant service information

  • To process payments securely

  • To comply with regulatory and legal obligations

  • To monitor website performance and improve user experience

We will not use your personal data for marketing purposes unless you have explicitly provided your consent.

4. Legal Bases for Processing

We rely on the following lawful bases under the UK GDPR to process your personal data:

  • Consent – where you have given us clear permission to process your data for a specific purpose

  • Contractual necessity – to provide a service you have requested or entered into a contract for

  • Legal obligation – to comply with statutory or regulatory requirements

  • Legitimate interests – for purposes such as ensuring the security of our systems and improving our services, where your rights and freedoms do not override those interests

5. Data Sharing and Disclosure

We will not sell, rent, or lease your personal data to third parties. We may share your information with:

  • Healthcare professionals involved in your care

  • Service providers who support our operations (e.g., booking platforms, payment processors), bound by strict confidentiality agreements

  • Regulatory bodies, insurers, or law enforcement, where required by law or regulation

All data sharing is conducted in compliance with applicable data protection laws.

6. Data Storage and Security

We are committed to ensuring the confidentiality, integrity, and availability of your personal information. Measures include:

  • Secure storage systems with restricted access

  • Encryption and password protection where applicable

  • Staff training on data protection and confidentiality

  • Regular monitoring and security audits

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

  • Medical records: minimum of eight (8) years from the date of the last treatment, or longer if required by law or regulatory bodies

  • Enquiries and contact forms: retained only as long as necessary to respond and follow up

When data is no longer required, it is securely deleted or anonymised.

8. Your Rights

Under data protection legislation, you have the following rights:

  • Right of access – to request a copy of the personal data we hold about you

  • Right to rectification – to request correction of any inaccurate or incomplete information

  • Right to erasure – to request deletion of your data in certain circumstances

  • Right to restrict processing – to request limitation of processing under specific conditions

  • Right to data portability – to receive your data in a structured, commonly used format

  • Right to object – to object to processing based on legitimate interests

  • Right to withdraw consent – at any time, where processing is based on your consent

To exercise any of the above rights, please contact us at: [Insert privacy email address]

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your rights have been violated:
www.ico.org.uk

9. Cookies

Our website uses cookies and similar tracking technologies to enhance user experience and analyse website performance. You can control or disable cookies through your browser settings. Please refer to our separate Cookie Policy for further details.

10. External Links

Our website may contain links to external websites. We are not responsible for the content or privacy practices of third-party sites and encourage users to review their respective privacy policies.

11. Policy Updates

We may update this Privacy Policy periodically to reflect changes in legislation or our operations. Any changes will be posted on this page with a revised "Effective Date."

We encourage you to review this policy regularly.

12. Contact Information

If you have any questions or concerns regarding this Privacy Policy or the handling of your personal data, please contact:

HealthMax Clinic