This website uses cookies to function correctly.
You may delete cookies at any time but doing so may result in some parts of the site not working correctly.
 

GDPR/website privacy statement and patient privacy notice

Patient Privacy Notice

Website Privacy Notice

 

What information must be supplied?

Data obtained directly from data subject

Data obtained from a third party or sharing partner

Identity and contact details of the controller (and where applicable, the controller’s representative) and the data protection officer

YES    YES 

Purpose of the processing and the lawful basis for the processing

YESYES

The legitimate interests of the controller or third party, where applicable

YESYES

Categories of personal data

 

YES

Any recipient or categories of recipients of the personal data

YESYES

Details of transfers to third country and safeguards

YESYES

Retention period or criteria used to determine the retention period

YESYES

The existence of each of data subject’s rights

YESYES

The right to withdraw consent at any time, where relevant

YESYES

The right to lodge a complaint with a supervisory authority

YESYES

The source the personal data originates from and whether it came from publicly accessible sources

 

YES

Whether the provision of personal data part of a statutory or contractual requirement or obligation and possible consequences of failing to provide the personal data

YES

 

The existence of automated decision making, including profiling and information about how decisions are made, the significance and the consequences.

YESYES

 

 

 

 

 



 
Call 111 when you need medical help fast but it’s not a 999 emergencyNHS ChoicesThis site is brought to you by My Surgery Website