Privacy Policy
1. Who We Are
We are Stirling Private Medical Group Limited (“SPMG”) is a private limited company registered in Scotland.
Company Registration Number: SC812092
Registered Office: Balallan House, 24 Allan Park, Stirling, Scotland, FK8 2QG
VAT number: GB472981259
Data Protection Registration number: ZB739566
Unless we say otherwise, we use the terms "SPMG", "we", "our” and "us" to refer to Stirling Private Medical Group Limited throughout our website.
As a Data Controller, we care about your privacy and are committed to processing your personal data fairly, transparently, and in accordance with all applicable data protection law, including the Data Protection Act 2018 and the General Data Protection Regulation (including, from 1 January 2021, the General Data Protection Regulation as transposed into domestic UK law).
1. Why we collect Personal Data
We collect and process personal data for the sole purpose of providing healthcare services to our patients.
2. When we collect Personal Data
We collect and process personal data that you provide when you request information about our services.
3. What personal Data we collect
We may collect and process personal data including:
identity data, including title, name, date of birth, address, email and telephone numbers.
clinical data, including Summary Care Record, appointments, treatment, and any relevant information from other health professionals, relatives or those who care for you.
marketing and communications data, including email and telephone numbers.
transaction data, including payment card details, payments to and from you, and other details of products and services you have purchased from us.
4. How we use personal Data
Purpose: to respond to a query or request for services.
Lawful basis for processing: Consent and Legitimate Interest, which we have balanced with the interests of our customersPurpose: to respond to a query or request for services.
Lawful basis for processing: Consent and Legitimate Interest, which we have balanced with the interests of our customersPurpose: to provide services.
Lawful basis for processing: Consent, ContractPurpose: to maintain customer records.
Lawful basis for processing: Consent and Legitimate Interest, which we have balanced with the interests of our customers
5. When we disclose personal Data
We do not share your personal data with any other healthcare organisation without your express permission. and we don’t share it with anyone else, unless required by law.
6. Your personal data rights
Individuals have the following rights to their personal data under the UK GDPR:
Informed - the right to know what personal data is being processed, and for what purpose.
Access - the right to access the personal data we may hold about you.
Rectification - the right to have inaccurate personal data rectified or completed.
Erasure - the right to request us to delete any of your personal data.
Restrict processing - the right to request the restriction or suppression of personal data.
Data portability - the right to obtain and reuse personal data for their own purposes across different services.
Object - the right to object to the processing of personal data in certain circumstances.
Rights related to automated decision-making, including profiling.
If you would like to exercise any of these rights, or are in any way concerned about the way we collect and use personal data, please contact us at dpo@stirlingprivatemedicalgroup.com and we’ll do our best to help.
If you are unhappy with the way in which we’ve handled your personal data, you have the right to contact the Information Commissioner’s Office.
7. How we keep youR personal Data safe
We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal data we process.
However, despite our safeguards and efforts to secure your data, no electronic transmission over the Internet or information storage technology is infallible, so we cannot guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
Although we will do our best to protect your personal data, transmission of personal data to and from our Services is at your own risk. You should only access the Services within a secure environment.
8. How long we retain personal data
We only keep your personal data for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law.
When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymise it.