Who we are
Mr George Reese FRCS trading as Z&G Consulting Ltd provide General and colorectal surgery consultations and treatments.
What is a privacy notice?
This notice also explains what rights you have to control how we use your information.
You have the right to make a compliant at any time to the Information Commissioner’s Office (ICO), who is the supervisory authority for data protection issues in the UK (phone: 0303 123 1113 or at www.ico.org.uk/concerns).
It is important that the personal data that we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Why and how we collect information about you?
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity of the individual has been removed (anonymous data).
We may process personal information about you which will be used to support delivery of appropriate care and treatment. This is to support the provision of high quality care. These records may include but are not limited to:
- Basic details, such as name, address, date of birth, next of kin.
- Contact we have had, such as appointments and home visits
- Details and records of treatment and care, including notes and reports about your health
- Results of x-rays, blood tests, etc.
We may also process sensitive personal data or special category personal data such as sexuality, race, your religion or beliefs, and whether you have a disability, allergies or health conditions. It is important for us to have a complete picture, as this information assists staff involved in your care to deliver and provide improved care, deliver appropriate treatment and care plans, to meet your needs.
Where we need to collect personal data by law, or under the terms of a contract that we have with you, and you fail to provide that data where requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our services). In this circumstance we may have to cancel the provision of our services with you, but we will notify you if this is the case.
We use different methods to collect personal data from and about you including through:
- Direct interactions: You may provide us with your personal data by filling in forms, discussing matters with us and by otherwise corresponding with us by post, phone, email or otherwise.
- Automated technologies or interactions: As you interact with our website and our services, we may automatically collect personal about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
- Third parties or publicly available sources: We may receive personal data about you from various third parties, including via referral from your GP or healthcare professional or the hospital provider you have received treatment or services from.
How we use your personal data
We will only use your personal data when law allows us to. Most commonly, we will use your personal data in the following circumstances:
- With your consent and please note that you have the right to withdraw your consent at any time by contacting us at firstname.lastname@example.org.
- Where we need to perform a contract we are about to enter into, or have entered into, with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
- Where it is necessary for the purposes of:
- Preventative or occupational medicine;
- Medical diagnosis;
- The provision of health care or treatment;
- The provision of social care; and/or
- The management of health care systems or services or social care systems or services.
- To help inform decisions that we make about your care.
- To ensure that your treatment is safe and effective.
- To work effectively with other organisations who may be involved in your care.
- To support the health of the general public.
- To ensure our services can meet future needs.
- To review care provided to ensure it is of the highest standard possible.
- To train healthcare professionals.
- For research and audit.
- To prepare statistics on private healthcare performance measures.
It helps you because;
- Accurate and up-to-date information assists us in providing you with the best possible care.
- If you see another healthcare professional, specialist, they can readily access the information they need to provide you with the best possible care.
- Where possible, when using information to inform future services and provision, non-identifiable information will be used.
We will only use your personal data for the purposes set out above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you would like us to explain how the new processing is compatible, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and explain our legal basis for doing so. Please note that we may process your personal data without your knowledge or consent where this is required or permitted by law.
How information is retained and kept safe?
Information is retained in secure electronic and paper records and access is restricted to only those who need to know.
It is important that information is kept safe and secure, to protect your confidentiality. There are a number of ways in which your privacy is shielded; by removing your identifying information, using an independent review process, adhering to strict contractual conditions and ensuring strict sharing or processing agreements are in place.
Technology allows us to protect information in a number of ways, in the main by restricting access. Our guiding principle is that we are holding your information in the strictest confidence.
We have put in place procedures to deal with any suspected personal data breach and we will notify you and any applicable regulator of a breach where we are legally required to do so.
We can only keep your personal data for as long as necessary for the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. The precise length of time we hold your personal data for varies depending on the individual circumstances, but in determining the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We regularly review our retention periods to ensure that we are not keeping your data for longer than necessary. Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us using at email@example.com.