Privacy Policy

This privacy policy sets out how Chiltern Health Centre (the Clinic) uses and protects any information that you give the Clinic when you use this website, supply information via a telephone call or email, or visit the clinic in person.

The Clinic is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

The Clinic may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 8 May 2018.

What we collect

We may collect the following information:

  • Name, date of birth, GP surgery, next of kin (or emergency contact) information, referral method.
  • Contact details including telephone numbers, email and postal addresses.
  • Other information relevant to customer surveys and/or offers.
  • Medical history and other clinical notes relating to your treatment(s)
  • Attendance at the clinic, including cancelled and missed appointments, correspondence with the clinic (via SMS message, email or phone call).

What we do with the information we gather

We require this information for administrative and business purposes and in particular for the following reasons:

  • Internal record keeping.
  • Contacting you about your appointments at the clinic.
  • We may use the information to improve our products and services.
  • We may periodically send promotional emails about new services, special offers or other information which we think you may find interesting using the email address which you have provided.
  • From time to time, we may also use your information to contact you for clinical audit purposes. We may contact you by email, phone or mail.

How we use cookies

The Clinic does not track your website activity other than to produce anonymous website statistics. Your IP address is not logged by the Clinic. However, if you use the ‘contact us’ or ‘appointment request’ form, we need a valid email address to respond to, and this may be stored for contacting you in the future. If you do not wish to receive email after the initial response to an enquiry, please make this clear in your message.

Third party vendors, including Google, use cookies to serve ads based on your prior visits to this website.

Google’s use of the DART cookie enables it and its partners to serve ads to you based on your visit to this site and/or other sites on the Internet.

Users may opt out of the use of the DART cookie by visiting the advertising opt-out page.

See the Google Privacy Policy at for the data that may be collected, and what it might be used for.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.


We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place appropriate technical and organisational measures to safeguard and secure the information we collect about you.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Your rights in relation to your personal information

  • To access your personal information and to be informed about its use.
  • To correct your personal information.
  • To have your personal information deleted, if you are not a client of the clinic.
  • To restrict the use of your personal information (for direct marketing purposes).

We will not sell, distribute or lease your personal information to third parties unless we are required by law to do so.

How long we retain your personal information

  • Medical records cannot be deleted before statutory requirements for data retention – 8 years (or until 25 years of age, for children).
  • Your contact details may remain on our database after you have been discharged to allow the business to be sold on as a going concern, unless you request that these details be removed after 8 years.
  • The Chiltern Health Centre retains clinical records and diagnostic images for longer than the statutory requirement. Keeping records from the initial consultation enables us to manage pre-existing and developing conditions more effectively. However if you would prefer for your records not to be kept longer than 8 years (or until 25 years of age, for children), then please inform us in writing.

Our details

The data controller in respect of the Clinic is Dr Brian Hammond. You can contact the data controller in writing or by sending an email to

You may request details about personal information which we hold about you under the Data Protection Act 1998 or General Data Protection Regulation (May 2018). A small fee may be payable. If you would like a copy of the information held on you please write to the Data Controller at The Chiltern Health Centre, 137 Brighton Road, Sutton, Surrey, SM2 5SW.

If you believe that any information we are holding on you is incorrect or incomplete, please let us know. We will promptly correct any information found to be incorrect.