Privacy Policy

A legal disclaimer

Privacy Policy

Effective Date: January 2026

Data Controller: Sargeant Orthopaedics Ltd

1. Introduction

Sargeant Orthopaedics Ltd ("we," "us," or "our") is committed to protecting the privacy and security of your personal and health information. This policy explains how we collect, use, and safeguard your data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

To provide specialist orthopaedic care, we collect two types of information:

Personal Data: Your name, date of birth, address, email, telephone number, and emergency contact details.
Special Category Data: Health records, medical history, clinical notes, imaging (X-rays/MRI/CT scans), and details of previous treatments or medications.
Administrative Data: Private health insurance details (e.g., Bupa, AXA) or payment information for self-funding patients.

3. How We Collect Your Data

We collect information through:

Direct interactions (phone calls, emails, and clinic consultations).
Our website contact forms and online booking systems.
Referral letters from your GP, other consultants, or allied health professionals (physiotherapists).
Clinical data from hospitals where you receive treatment (Kings Park Hospital and Tayside Complete Health).

4. Lawful Basis for Processing

Under UK GDPR, we process your data based on:

Medical Diagnosis and Treatment: Article 9(2)(h) for the provision of healthcare and clinical management.
Contractual Necessity: To fulfill our agreement to provide medical services to you.
Legal Obligation: Where required by law to maintain medical records or report specific data.

5. How We Use Your Information

Your information is used solely to:

Provide accurate clinical diagnosis and surgical/non-surgical treatment.
Communicate with you regarding appointments and recovery.
Share necessary updates with your GP or referring clinician.
Process payments and manage insurance claims.
Comply with clinical audit requirements and professional standards set by the GMC and Royal College of Surgeons.

6. Data Sharing and Disclosure

We maintain strict confidentiality. Your data is only shared with:

Healthcare Professionals: Doctors, nurses, and physiotherapists directly involved in your care.
Hospitals: Kings Park Hospital or Tayside Complete Health for the purpose of your admission and treatment.
Insurance Providers: Only data required to authorize and settle the costs of your care.
Legal/Regulatory Bodies: Only if required by law or to protect the safety of yourself or others.

We will never sell your personal information or use it for third-party marketing without your explicit consent.

7. Data Retention

We retain medical records in accordance with the BMA and NHS Records Management Code of Practice. Typically, adult orthopaedic records are kept for a minimum of 8 years after the conclusion of treatment, or longer if clinically necessary.

8. Your Rights

You have the following rights regarding your data:

Access: You can request a copy of your medical records via a Subject Access Request (SAR).
Correction: You can ask us to rectify any inaccurate or incomplete information.
Objection: You can object to certain types of processing (though this may impact our ability to provide care).
Withdrawal of Consent: Where you have given consent for specific data usage, you may withdraw it at any time.

9. Security

We employ robust technical and organisational measures—including encrypted storage and secure clinical software—to protect your data from unauthorized access, loss, or disclosure.

10. Contact Us & Complaints

If you have questions about this policy or wish to exercise your rights, please contact our Data Protection Officer:

Sargeant Orthopaedics Ltd Registered Office: Inverey, 11 West Park Road, Cupar, Fife, Scotland, KY15 5DJ

Email: [Insert Practice Email Address]

If you are unsatisfied with our response, you have the right to complain to the Information Commissioner’s Office (ICO):

Website: www.ico.org.uk
ICO Registration Number: