This link will open in a new window This link will open in a new window


Open 9am - 6pm (Mon/Wed only)
020 8651 1542
10 Old Farleigh Road, CR2 8PB

Established in 2014, Farleigh Clinic is a private aesthetic
clinic providing medical facial treatments.

Privacy PolicyFeedback & Comments

Welcome to Farleigh Clinic

HomeAbout UsTreatmentsInfoBook OnlineContact Us

Farleigh Clinic data protection policy


Farleigh Clinic aims to meet the requirements of the Data Protection Act 2018, the EU General Data Protection Regulation (GDPR), the guidelines of the UK Information Commissioner’s website, as well as our professional commitments, guidelines and requirements.

The data controller at Farleigh Clinic is:

The Information Governance Lead is:

The Data Protection Officer is:

This Notice is available on the practice website at, at Farleigh Clinic's reception, or by request via email if you contact or by calling 020 8657 4477.

1. Personal data that we hold:

In order to provide our patients with the highest standard of care, we need to hold certain personal information about you. You will be asked to provide certain personal information when joining the practice. The purpose of us processing this data is to provide optimal care to you.

This personal data includes:

The categories of data we process in relation to our patients are:

Third Parties:

We never pass, sell, rent or lease your personal details to a third party unless we have a contract for them to process data on our behalf and will otherwise keep it confidential. If we intend to refer a patient to another practitioner or to secondary care such as a hospital we will gain the individual’s permission before the referral is made and the personal data is shared

Lawful basis for processing special category data such as patients’ health data:

Lawful basis for processing personal data such as name, address, email or phone number:

2. Why we hold information about you:

We need to keep comprehensive and accurate personal data about our patients in order to provide them with safe and appropriate care. Although Farleigh Clinic is an independent private clinic, we also need to process personal data about you in order to provide care should we need to refer patients to an NHS resource such as hospital, clinical specialist or other specialised resource.

3. How we process personal data that we hold about you:

Retaining information

The retention period for special data in patient records is a minimum of 10 years and may be longer for complex records in order to meet our legal requirements. The retention period for staff records is 6 years. The retention periods for other personal data is 2 years after it was last processed. Details of other retention periods are available in the Record Retention (M 215) procedure available from the practice.

You have the following personal data rights:

Further details of these rights can be seen in our Information Governance Procedures (M 217C) or at the Information Commissioner’s website (link:

Here are some practical examples of your rights:

4. Security of information

Personal data about you is held in the practice’s computer system and/or in a manual filing system. The information is not available or accessible to the public. Access is strictly controlled - only authorised members of staff have access to it. Our computer system has secure audit trails and information backups are carried out routinely.

Our website management partner does not have access to the practice's computer system or manual filing system. Any data requests made to our website management partner for patient information or personal data will be referred to the practice team for consideration or actioning.

Our website exists as a completely separate system to the practice's computer system.

Our website management partner may on occasion interact with a correspondent on our behalf in non-treatment matters, such as where an enquiry is made regarding the website or any social media channels we may use from time to time.

5. Information Disclosure

In order to provide professional and safe care, we may need to disclose personal information about you to any of the following:

-your general medical practitioner

 -the hospital or community services

 -other health professionals caring for you

 -the Inland Revenue

-a carer, parent or guardian, where a patient requires a carer, parent or guardian to be present to supervise the patient.

6. Comments, suggestions and complaints regarding data processing:

Please contact our designated Data Protection Officer, [name], at the practice for a comment, suggestion or a complaint about your data processing at or 020 8657 4477 or by writing to or visiting the practice at 10 Old Farleigh Road, Selsdon, South Croydon, Surrey, CR2 8PB. We take all complaints very seriously.

If you are not happy with our response to a request or enquiry, or if you require advice, you should contact the Information Commissioner’s Office (ICO). The ICO's telephone number is 0303 123 1113, and you can also chat with an advisor online at the ICO website. The ICO are able to investigate claims and take action against individuals or organisations that are found to have misused personal data. You can also visit their website for information on how to make a data protection complaint. The ICO website can be accessed at

See also:

Terms & Conditions and Integrated Privacy Policy