top of page




Forest Edge Clinic does not collect Users (eg patients) personal data but may have responsibility to store it. We do collect data applicable to Renters (eg practitioners) and Enquirers (eg prospective renters)including sensitive data on the basis that such data is the clinics legitimate interest to do so; for example contact banking business & personal details to enable us to communicate with clients renters associates to establish identity and seek references.

We have no responsibility for Renters compliance with statutory or professional requirements.

We do not enter into any contractual relationship with Users.

Users of services should satisfy themselves when consulting a Renter that they are suitably qualified, carry adequate and appropriate professional insurance.


Users should satisfy themselves that a contract for services exists and that the Renter complies with all statutory requirements including, but not exclusively, Data Protection.

We take security seriously. Data is encrypted, stored in state-of-the-art facilities, access is restricted to those who have a need to know, and we regularly review our technology to maintain security. In the event that there is a breach and your Personal Information that we have collected directly is at risk, you will be notified within 72 hours of discovering the breach. You will be informed of what information is at risk, steps that we have taken to ensure your safety, and what action we are taking to rectify the breach.

The Clinic Director is responsible for keeping secure the information stored on in- house servers or by remote providers and original paper based documents in our secure locked filing cabinets. Our Service Provider undertakes to ensure that their service (and that of any subsequent processor) complies with the requirements of European Union GDPR 2016 and the United Kingdoms DPA 2018. Third party software suppliers undertake to maintain compliance with relevant legislation or regulation and do not themselves use or routinely access data collected by us.


Access to your data is restricted on a need to know basis, typically only our clinicians (eg practitioners) will have access to sensitive data. All providers (eg owners,employees) including our administrative staff and contracted providers understand their responsibility to ensure that the confidentiality and security of the information we hold is not breached.


All users accessing your personal data undertake to maintain best practice observing current clinic policies and procedures regarding the security of data whether accessing via in- house devices and networks or remotely using personal devices and internet connections.

The clinic undertakes regular compliance review to ensure that best practice regarding data security is followed. We will keep the Privacy Policy updated on our web site.


The clinic (Forest Edge Clinic) will share your sensitive data with other Clinic health professionals involved in your care or from whom an opinion is sought. We may also share your data with providers of your private health care scheme(s) but would typically seek prior permission from you to disclose in those circumstances.

In exceptional circumstances we may be obliged by law, or for example, to prevent fraud or in a medical emergency to share information with third parties without your permission.

Limited financial and operational data (non-sensitive) may be shared by the clinic with statutory bodies, tax authorities and our accountants, auditors, lawyers and other professional advisers

Your personal information may need to be shared with our service providers, which may involve transferring it to countries outside the European Economic Area (EEA). Where we do so, we will ensure that we do this in accordance with current data protection legislation by only transferring your data to jurisdictions in respect of which there is a European commission adequacy decision or, where this is not the case, by using model clauses approved by the European Commission.

The clinic keeps your electronic data, collected by us, securely for a minimum, of 7 years after the date of your last visit to the practice or if under age 16 at the date of your last visit until you reach the age of 21 years. Renters may ask you to provide current information and review existing or complete new documentation under their own name and registration with the.Information Commissioner's Office. The Clinic will not retain paper documents and your practitioner will be responsible for these and associated electronic data under their ICO (information Commissioner's Office) registration.


If we believe our contractual relationship has been violated, if we believe it is necessary to protect our rights or if, for example, the assets of the clinic were to be transferred to another party, or if we purchase any business assets, the clinic may disclose and transfer the data it holds to the prospective seller or purchaser of such business or assets.


The clinic will not lend or sell the data it holds to third parties.

The clinic may however sell the data if it comprises part of the clinics business assets on transfer of the business or its assets to another party.


The clinic does not use data which may be coincidentally collected by providers if you access our web site.


The clinic does not use your data for marketing purposes but may advise you of changes regarding the clinic, its services and products. You can decline to receive this information and communications such as appointment reminders at any time, see below. We may subsequently ask you to confirm your instruction by contacting you for validation.


You have the right to access the information we hold on you, to receive a copy, to correct any errors, to ask us to stop sending you reminders or information, to have us delete your data. For legal reasons the clinic may have to store sensitive data for some time and archive your data removing it from the active database. This is in order to comply with professional standards, legal obligation required of state registered health practitioners and legislation regarding the financial affairs of the clinic


Internet communication, which includes email, is not secure. Encryption of data is possible but protocol varies and the clinic cannot accept any responsibility for data loss or corruption or unauthorised access if internet communication is used. For sensitive data our preferred policy is delivery by surface mail or by hand. If we are asked by you to provide a copy of your data to you or to a third party we will ask you to cover our costs or to accept the risk associated with data transfer over the internet, for which we do not charge.


Any Questions, concerns? Please contact your Practitioner in the first instance. Alternatively contact Penny Waller

 Email: or tel: 078 8169 7986.


For advice: contact Information Commissioner.


bottom of page