Privacy Policy

How we collect, use, and protect your information.

Last updated: April 2026

1. Introduction

Lambert Medical Practice ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our medical services.

We are registered with the Information Commissioner's Office (ICO) and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

Personal Information

We may collect the following types of personal information:

  • Name, address, email address, and telephone number
  • Date of birth and gender
  • NHS number (if applicable)
  • Emergency contact details
  • Payment information
Medical Information

As a healthcare provider, we collect special category data including:

  • Medical history and current health conditions
  • Test results and diagnoses
  • Medications and allergies
  • Consultation notes and treatment plans
  • Referral information

3. How We Use Your Information

We use your information for the following purposes:

  • Providing medical care and treatment
  • Managing appointments and bookings
  • Processing payments
  • Communicating with you about your care
  • Referring you to other healthcare providers
  • Complying with legal and regulatory requirements
  • Improving our services

4. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract: To fulfil our contractual obligations when providing medical services
  • Legal obligation: To comply with healthcare regulations and laws
  • Vital interests: In medical emergencies
  • Legitimate interests: For administrative purposes and service improvement
  • Consent: Where you have given explicit consent

5. Sharing Your Information

We may share your information with:

  • Other healthcare providers involved in your care
  • Laboratories and diagnostic services
  • NHS services when appropriate
  • Insurance companies (with your consent)
  • Regulatory bodies as required by law

We will never sell your personal information to third parties.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal information, including:

  • Encrypted data storage and transmission
  • Secure access controls
  • Regular security assessments
  • Staff training on data protection

7. Data Retention

We retain medical records in accordance with NHS guidelines:

  • Adult medical records: 8 years after last contact
  • Children's records: Until the patient's 25th birthday or 8 years after last contact, whichever is longer
  • Maternity records: 25 years

8. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate information
  • Request erasure (subject to legal requirements)
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent

9. Cookies

Our website uses cookies to improve your browsing experience. You can control cookie settings through your browser preferences.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

  • Data Protection Officer
  • Lambert Medical Practice
  • 47 Surbiton Road, Kingston, Surrey, KT1 2HG
  • Email: privacy@lambertmedical.co.uk
  • Phone: 020 8050 1234

11. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

www.ico.org.uk