Privacy Policy

Children's Privacy Notice

Coleridge Medical Centre has a legal duty to explain how we use any personal information we collect about you, as a registered patient, at the organisation. Staff at this organisation maintain records about your health and the treatment you receive in electronic and paper format.


What is a privacy notice and why does it apply to me?

A privacy notice tells people how organisations use information that they hold about them. A new law called the UK General Data Protection Regulation 2016, also known as GDPR, says that we need to provide you with this privacy notice and let you know:

  • What information we hold about you
  • How we keep this especially important information safe and secure and where we keep it
  • How we use your information
  • Who we share your information with
  • What your rights are
  • When the law gives us permission to use your information


Why does the law say you can use my information?

The law gives us permission to use your information in situations where we need it to take care of you. Because information about your health is very personal, sensitive and private to you, the law is very strict about how we use it. 

So, before we can use your information in the ways we have set out in this privacy notice, we have to have a good reason in law which is called a ‘lawful basis’.  Not only do we have to do that, but we also have to show that your information falls into a special group or category because it is very sensitive. By doing this, the law makes sure we only use your information to look after you and that we do not use it for any other reason. 

If you would like more information about this, please ask to speak to our data protection officer (DPO) mentioned in this privacy notice who will explain this in more detail.


About us

We at Coleridge Medical Centre are responsible for collecting, storing and handling your information when you are registered with us as a patient. Because we do this, the law says we are the data controller. Sometimes we may use your information for a particular purpose and, when we do so, the law says we are the data processor.


What information do we hold about you?

Personal information is anything that identifies you as a person and we all have personal information. Personal information that tells us something about you includes:

  • Your name
  • Address
  • Mobile number
  • Information about your parent(s) or person with parental responsibility
  • All your health records
  • Appointment records
  • Treatments you have had
  • Medicines prescribed for you and any other information to help us look after you


How do we keep it safe?

  • The law says that we must do all we can to keep your information private, safe and secure.
  • We use secure computer systems and we make sure that any written information held about you is under lock and key and kept in a safe place. This includes taking great care with any passwords we use which we change on a regular basis. We also train our staff to respect your privacy and deal with your information in a manner that makes sure it is always kept and dealt with in a safe way.


What do we do with your information?

  • We only usually use your information to help us care for you. That means we might need to share your information with other people who are concerned and involved with looking after your health.
  • We might need to share your information with the police, courts, social services, solicitors and other people who have a right to your information, but we always make sure that they have a legal right to see it (or have a copy of it) before we provide it to them.


Who else will see my information?

Usually only doctors, nurses and other people who work with us are allowed to see your information.

Sometimes though, if you need to go to the hospital or be seen by a special doctor, we will share your information with them but this is only so that we can take care of you.

  • Sometimes we might be asked to take part in medical research that might help you in the future. We will always ask you or your parent(s) or adult with parental responsibility if we can share your information if this happens.
  • Possibly the police, social services, the courts and other organisations and people who may have a legal right to see your information.


What if I want to see my information you hold about me?

  • If you want to see what information we hold about you then you have a right to see it and you can ask for it.
  • To ask for your information you will usually need to put your request in writing and tell us what information you want us to give you.
  • We usually need to answer you within one month. Your parent(s) or adult with parental responsibility can help you with this if you need help.
  • We will give this to you free of charge.
  • If you think there are any errors in the information we hold about you then you can ask us to correct it but the law says we cannot remove any of the information we hold about you even if you ask us to. This is because we need this information to take care of you.
  • You have a right to ask us not to share your information.
  • If you would like to talk to us about not sharing your information, even if this means you do not want us to share your information with your parent(s) or adult with parental responsibility, please let us know. We will be happy to help.


What if I want to opt out of sharing my data?

National opt-out facility

You can choose to opt out of sharing your confidential patient information for research and planning. There may still be times when your confidential patient information is used; for example, during an epidemic where there might be a risk to you or to other people’s health. You can also still consent to take part in a specific research project.

Your confidential patient information will still be used for your individual care. Choosing to opt out will not affect your care and treatment.

You do not need to do anything if you are happy about how your confidential patient information is used.

If you do not want your confidential patient information to be used for research and planning, you can choose to opt out by using one of the following methods:

Photocopies of proof of applicant’s name (e.g., passport, UK driving licence etc.) and address (e.g., utility bill, payslip etc.) need to be sent with the application.  It can take up to 14 days to process the form once it arrives at NHS, PO Box 884, Leeds, LS1 9TZ.

Note: Unfortunately, the national data opt-out cannot be applied by this organisation

General practice data for planning and research opt-out

The NHS needs data about the patients it treats to plan and deliver its services and to ensure that the care and treatment provided is safe and effective. The General Practice Data for Planning and Research data collection will help the NHS to improve health and care services for everyone by collecting patient data that can be used to do this. For example, your data can help the NHS to:

  • Monitor the long-term safety and effectiveness of care
  • Plan how to deliver better health and care services
  • Prevent the spread of infectious diseases
  • Identify new treatments and medicines through health research

GP practices already share patient data for these purposes but this new data collection will be more efficient and effective. Contributing to research projects will benefit us all as better and safer treatments are introduced more quickly and effectively without compromising your privacy and confidentiality.

What patient data is shared about you with NHS Digital?

Patient data will be collected from GP medical records about:

  • Any living patient registered at a GP practice in England when the collection started – this includes children and adults
  • Any patient who died after the data collection started, and was previously registered at a GP practice in England when the data collection started

They will not collect your name or where you live. Any other data that could directly identify you, for example NHS number, General Practice Local Patient Number, postcode and date of birth, is replaced with unique codes which are produced by de-identification software before the data is shared with NHS Digital.

Opting out of NHS Digital collecting patient data (type 1 opt-out)

If you do not want your identifiable patient data to be shared outside of your GP practice for purposes except for your own care, you can register an opt-out with your own GP practice. This is known as a Type 1 Opt-out.

You can register a Type 1 Opt-out at any time and you can also change your mind at any time and withdraw a Type 1 Opt-out.


What if I have a question?

Should you have any questions about our privacy policy or the information we hold about you, you can:

  • Contact the organisation via email at GP practices are data controllers for the data they hold about their patients
  • Write to the data protection officer c/o
  • Ask to speak to the practice manager or the duty manager

The data protection officer (DPO) for Coleridge Medical Centre is Bex Lovewell.


What if I have a serious complaint about how you look after my information?

In the unlikely event that you are unhappy with any element of our data processing methods, do please contact the practice manager at Coleridge Medical Centre in the first instance. If you feel that we have not addressed your concern appropriately, you have the right to lodge a complaint with the ICO. For further details, visit and select “Raising a concern” or telephone: 0303 123 1113.

The Information Commissioner’s Office is the regulator for the General Data Processing Regulations and offers independent advice and guidance on the law and personal data including your rights and how to access your personal information.

Covid-19 Privacy Notice

This notice describes how we may use your information to protect you and others during the Covid-19 outbreak. It supplements our main Privacy Notice which is available

The health and social care system is facing significant pressures due to the Covid-19 outbreak. Health and care information is essential to deliver care to individuals, to support health and social care services and to protect public health. Information will also be vital in researching, monitoring, tracking and managing the outbreak. In the current emergency it has become even more important to share health and care information across relevant organisations.  

Existing law which allows confidential patient information to be used and shared appropriately and lawfully in a public health emergency is being used during this outbreak. Using this law the Secretary of State has required NHS Digital; NHS England and

Improvement; Arms Length Bodies (such as Public Health England); local authorities; health organisations and GPs to share confidential patient information to respond to the Covid-19 outbreak. Any information used or shared during the Covid-19 outbreak will be limited to the period of the outbreak unless there is another legal basis to use the data. Further information is available on and some FAQs on this law are available  

During this period of emergency, opt-outs will not generally apply to the data used to support the Covid-19 outbreak, due to the public interest in sharing information. This includes National Data Opt-outs. However in relation to the Summary Care Record, existing choices will be respected. Where data is used and shared under these laws your right to have personal data erased will also not apply. It may also take us longer to respond to Subject Access requests, Freedom of Information requests and new opt-out requests whilst we focus our efforts on responding to the outbreak.  

In order to look after your health and care needs we may share your confidential patient information including health and care records with clinical and non clinical staff in other health and care providers, for example neighbouring GP practices, hospitals and NHS 111. We may also use the details we have to send public health messages to you, either by phone, text or email.

During this period of emergency we may offer you a consultation via telephone or video- conferencing. By accepting the invitation and entering the consultation you are consenting to this. Your personal/confidential patient information will be safeguarded in the same way it would with any other consultation.  

We will also be required to share personal/confidential patient information with health and care organisations and other bodies engaged in disease surveillance for the purposes of protecting public health, providing healthcare services to the public and monitoring and managing the outbreak. Further information about how health and care data is being used and shared by other NHS and social care organisations in a variety of ways to support the Covid-19 response.

NHS England and Improvement and NHSX have developed a single, secure store to gather data from across the health and care system to inform the Covid-19 response. This includes data already collected by NHS England, NHS Improvement, Public Health England and NHS Digital. New data will include 999 call data, data about hospital occupancy and A&E capacity data as well as data provided by patients themselves. All the data held in the platform is subject to strict controls that meet the requirements of data protection legislation. 

In such circumstances where you tell us you’re experiencing Covid-19 symptoms we may need to collect specific health data about you. Where we need to do so, we will not collect more information than we require and we will ensure that any information collected is treated with the appropriate safeguards.

We may amend this privacy notice at any time so please review it frequently. The date at the top of this page will be amended each time this notice is updated.