BioFit Health Privacy Policy

Effective Date: 01/09/2025

At BioFit Health, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

BioFit Health is a CQC-registered private healthcare provider offering doctor and practitioner consultations, minor injury management, nutrition advice, medical laboratory testing, gastrointestinal diagnostics, and weight management support.

We comply with the Care Quality Commission’s (CQC) regulations and governance requirements.

2. Information We Collect

We may collect and process the following personal data about you:

Personal identifiers: Name, date of birth, address, contact details.

Medical information: Health history, symptoms, test results, prescriptions, and treatment plans.

Financial information: Payment details for consultations and services.

Appointment data: Records of visits, referrals, and communications.

Technical data: Website usage (cookies, IP address, browsing behaviour) if you use our website.

3. How We Use Your Information

We use your information to:

Provide safe and effective healthcare services.

Arrange consultations, investigations, and treatments.

Process payments and issue invoices.

Refer to third-party laboratories or pharmacies where needed.

Communicate with you regarding appointments, results, or follow-up care.

Meet our legal, regulatory, and safeguarding obligations.

4. Lawful Basis for Processing

We rely on the following lawful bases:

Provision of healthcare (Article 9(2) UK GDPR).

Consent with assessment, diagnosis and treatment.

Legal obligation (e.g. safeguarding, record keeping).

Legitimate interests (e.g. improving services, responding to enquiries).

5. Sharing Your Information

We only share your information when necessary and with your consent (unless required by law). This may include:

Accredited laboratories (e.g. for blood or stool testing).

Pharmacies (for prescriptions such as weight management medication).

Healthcare professionals involved in your care.

Regulatory authorities such as the Care Quality Commission (CQC), General Medical Council (GMC), Nursing and Midwifery Council (NMC), Health and Care Professions Council (HCPC), and other statutory bodies if required.

We never sell your personal data to third parties.

6. Data Storage & Security

Electronic records are stored securely with restricted access.

Paper records (if used) are kept in locked storage.

We apply encryption, secure servers, and regular monitoring to protect your data.

7. How Long We Keep Your Data

We keep your personal and medical records for as long as necessary to provide care and meet legal requirements (typically up to 8 years after your last treatment, or longer if required for children’s records).

8. Your Rights

Under UK GDPR, you have the right to:

Access your data.

Request correction of inaccuracies.

Request deletion of your data (where legally possible).

Restrict or object to certain processing.

Request data portability.

Withdraw consent (where processing is based on consent).

To exercise your rights, contact us using the details below.

9. Cookies & Website Use

If you use our website, cookies may be used to enhance your browsing experience. You can adjust cookie settings via your browser.

10. Contact Us

If you have any questions about this Privacy Policy or how we use your data, please visit our ‘contact us’ page.

You also have the right to complain to the Information Commissioner’s Office (ICO) if you are unhappy with how we handle your data: www.ico.org.uk
