Privacy Policy
Effective Date: 24/06/2025
At Lumina Clinic, we are committed to protecting your privacy and handling your personal data with care, transparency, and integrity. This Privacy Policy outlines how we collect, use, and protect your information in accordance with the UK GDPR and Data Protection Act 2018.
1. Information We Collect
We may collect and process the following data:
- Personal Information: Name, date of birth, contact details, address.
- Health Information: Medical history, ultrasound reports, test results.
- Payment Details: Card information (processed securely via third-party payment gateways).
- Website Data: IP address, browsing activity, and cookies.
2. How We Use Your Data
We use your data to:
- Book and manage appointments.
- Deliver medical services and generate reports.
- Communicate with you about your care or clinic updates.
- Comply with legal obligations (e.g., health record retention).
- Improve our services and website user experience.
3. Lawful Basis for Processing
We process your personal and health data under the lawful bases of:
- Consent: For marketing or non-essential services.
- Contract: To provide medical services you’ve booked.
- Legal obligation: To meet regulatory requirements.
4. Data Sharing
We do not sell your data. Your data may be shared with:
- Internal medical staff and administrative teams.
- Third-party laboratories (e.g., for blood tests).
- IT providers for secure system management.
- Legal or regulatory authorities, when required.
5. Data Retention
We retain your medical records for a minimum of 8 years or longer where legally required.
6. Your Rights
You have the right to:
- Access your data.
- Request rectification or deletion.
- Withdraw consent at any time.
- Lodge a complaint with the ICO.
7. Contact
For privacy concerns, please contact our Data Protection Officer:
0207 129 6584