Privacy Policy

About us 

When we refer to "LivingCare" in this document, we are refering to Living Care Group Ltd and its subsidiaries including Fountain Diagnostic Ltd, Livingcare Diagnostics Ltd , Laserslim Cosmetic Services Ltd T/A Skinfinity, Exceed Sports Group Limited and LivingCare Sheffield Limited.

We are LivingCare and we are the data controller for the information we hold about you. A data controller is the organisation that makes decisions about the personal data that is being collected and processed and we are ultimately in charge of and responsible for the processing.

You can contact us in relation to this policy and any queries about it and/or to access your rights by contacting us using the below details.

LivingCare, 4215 Park Approach, Thorpe Park, Leeds, LS15 8GB

Phone: 0113 2494655

Email:  dpo@livingcare.co.uk

We are registered with the Information Commissioners Office (ICO) and our registration number is: ZB586764

At LivingCare , we are committed to protecting and respecting your privacy, informing you of your rights under Data Protection legislation and giving you access to these rights. 

This Privacy Policy sets out important details about information that Living Care and staff responsible for your care and treatment may collect and hold about you, how that information may be used and your legal rights.

We will review this Privacy Policy on a regular basis, and we advise you to check back on our website for the latest version.

1. Who has information about me?

For your healthcare several care providers hold and share information about you, in order to provide safe and effective care.  In our locality for example this maybe shared with your local GP Practice.

Information is shared for your direct care purposes. There may be instances where we are required under legislation to share information, but we will only do so if we have a legal basis. 

2. What information does LivingCare hold about you?

We hold 2 types of data about you.

a) Personal data (data which Identifies you)

  • Personal data only includes information relating to natural persons, i.e. name, phone number, email address, address, date of birth, etc. 
  • Personal data may also include special categories of personal data or criminal conviction and offences data. These are more sensitive, and LivingCare may only process them in more limited circumstances.
  • Pseudonymised data can help reduce privacy risks by making it more difficult to identify individuals, but it is still personal data.

b) Special Category (sensitive data)

This sort of data could include:

  • racial or ethnic origin
  • political opinions
  • religious or philosophical beliefs
  • trade union membership
  • genetic data
  • biometric data (where used for identification purposes)
  • health
  • sex life
  • sexual orientation

3. Information we collect

The information we collect and process about you has either been provided by you or by others involved in your care and treatment (i.e., hospital, community, employers).

This is likely to include your personal data (see definition in section 2)

We may also hold more sensitive information about you (see definition in section 2)

We may collect information from you when:

a) You contact us via telephone calls which may be recorded and retained for a limited period for training and monitoring purposes and to help improve our services.
b) You communicate with us via email, SMS, social media or our website.
c)You visit our clinic for an appointment.

Sometimes we obtain information about you from:

  • other health care providers,

4. How will LivingCare use the information it holds about me?

We use information about you in connection with

  • treatment and/or care,
  • tests or assessments, and
  • medical examinations

We may use your phone number (or email address where you have provided it to us) to contact you in advance of an appointment for reasons connected with your care or treatment.  Where you have provided us with your mobile number or email address, we may send you confirmations/reminders of your appointments via text message or email and we may respond to your email enquiries via email.

We may also use information about you for:

  • quality assurance,
  • maintaining our business records,
  • developing and improving our products and services, and
  • monitoring outcomes where we believe there is a business need to do so and our use of information about you does not cause harm to you.

This may include our staff planning and workload management systems to help support our staff and clinicians to develop and plan the most appropriate levels of care to our patients and to ensure we have got the right levels of productivity and efficiency and good outcomes for patients.

We may also use information about you where there is a legal or regulatory obligation on us to do so (such as the prevention of fraud or safeguarding) or in connection with legal proceedings.

We may also use information about you where you have provided your consent to us doing so.

We do not carry out automated decision making or profiling.

5. Staff access to your personal and sensitive data.

We carefully control who has access to your information.  Staff only have access where they are required to do so to provide direct care or support (i.e., Drs, Nurses, receptionist and secretary).  Where possible we limit the access that staff have on our clinical systems.  We also carry out spot checks and audits to see if there has been any inappropriate access. Where that occurs, disciplinary action may be taken against the staff, and in serious cases court action. If a data breach includes access to your information, we will contact you.  We also have an obligation if it is a serious data breach to inform the Information Commissioners Office.

To reduce risk of a data breach LivingCare have in place robust policies and procedures, and we carry out training for all staff on an annual basis.

All clinical staff providing direct care are registered with the appropriate professional and regulatory bodies, i.e., GMC, NMC, CSP and have a responsibility to uphold the highest standards when handling patient/client information.

6. How we keep your information safe and secure

  • LivingCare is required to complete the NHS Digital Data Security & Protection Toolkit. This is a tool that provides assurance that we are meeting standards on handling patient/client information.
  • We have Data Protection Policies in place to ensure staff understand the ‘must’ or ‘must not do’ with patient/client data.
  • Staff are required to complete induction training in Information Governance and to complete annual update training.
  • Spot checks are carried out across the practice.
  • Our IT is managed by in house IT Team who ensure that all safeguards are in place to protect data held on IT systems are protected and secure from unauthorised access, loss or damage.
  • Where incidents do happen, our investigations will include actions we take and lessons learnt.

7. Will LivingCare share information about me with others?

Yes, we set out these reasons below and assure you that in each case, we share only such information as is appropriate, necessary and proportionate.

Sharing information with those involved in your health assessment, care, or treatment.

  1. We will share your medical information with those involved in your health assessment, care or treatment (such as doctors, nurses and physiotherapists) for direct care purposes.
  2. We will also share information about you with other members of staff involved in the delivery of your direct care for administration purposes (such as our, medical secretaries, receptionists). This will be limited to what is required for them to fulfil their role.
  3. Local NHS hospitals and independent pathology/clinical laboratory services provide LivingCare with support services (such as blood tests) and we may share information about you with these hospitals where required in connection with your care.
  4. We may also share relevant parts of your medical information with other private organisations and the organisation paying for your treatment (for example your insurance company). 
  5. We may share information about you with anyone you have asked us to communicate with or whose details you have provided as an emergency contact (such as your next of kin).

8. Sharing information with third parties who are not involved in your health assessment, care or treatment

We may share information about you with external organisations such as:

  • our lawyers,
  • auditors,
  • Insurance companies
  • NHS organisations, and
  • regulatory bodies such as the CQC and ICO.
  • our marketing team

We will only do this where we have a legal basis to do so or with your consent

We may also share information about you with third party suppliers, which provide us with

  • electronic patient record systems
  • radiology imaging archiving and reporting systems.
  • Endoscopy management systems.

We may also share information about you with those providing us with information technology systems, this includes:

  • an incident management and recording system, and
  • a system for electronic prescribing as well as
  • other clinical and non-clinical software applications that are required for us to deliver our services

In each case, we would share only such information as was relevant, necessary and proportionate.

9. Sharing with regulators or because of a legal obligation

We may share information about you with our regulators, including the

  • Care Quality Commission.
  • Medicines and Healthcare products Regulatory Agency (which ensures medicines and medical devices used in the UK work and are acceptably safe).
  • NHS England (which leads the NHS in England) and the Department of Health (the government department responsible for health and adult social care policy).
  • Health & Safety Executive.
  • UK Health Security Agency.

Sometimes, we are required to disclose information about you because we are legally required to do so. This may be because of a:

  • court order
  • regulatory body has statutory powers to access patients’ or health assessment clients’ records as part of their duties to investigate complaints, accidents, or health professionals’ fitness to practise.

Before any disclosure will be made, we will satisfy ourselves that any disclosure sought is required by law or can be justified in the public interest.

Information about you may also be shared with the police and other third parties where reasonably necessary for the prevention or detection of crime.  On occasion, this may include the Home Office and HMRC.

10. Audits, surveys, and initiatives

In common with all healthcare providers (both NHS and private), we also look at the quality of the care we provide:

  • to patients and health assessment clients and participate in national audits and initiatives,
  • to ensure that patients are getting the best possible outcomes from their treatment and care, and
  • to help patients make informed choices about the care they receive.

We can assure you that your personal information always remains under our control. Any information we provide for national audits and initiatives outside LivingCare will not contain any information in which any patient can be identified unless it is required by law.  Any publishing of this data will be in anonymised statistical form. The Practice may partake in local audits where there has been a Serious Incident in order for to identify any potential clinical risks to yourself or other patients

11. What legal basis does LivingCare have for using information about me?

Data protection law requires that we set out the legal basis for holding and using information about you.  We have set out the various reasons we use information about you and alongside each, the legal basis for doing so.  Given that some information we hold about you is particularly sensitive (as described above), we need an additional legal basis which we have set out in the third column (entitled ‘legal basis for more sensitive information’) explaining our reason for this.

Processing shall be lawful only if and to the extent that at least one of the following applies:

a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
b) processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract.
c) processing is necessary for compliance with a legal obligation to which the controller is subject.
d) processing is necessary to protect the vital interests of the data subject or of another natural person.
e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, where the data subject is a child.

For the purpose of delivering your direct health care within the Clinic and sharing your information we use Article 11e) above.

Where we have to share your information because we are required to do so under law, we use Article 11(c) above.

12. Where and for how long does LivingCare store information about me?

The information about you that we hold, and use is held securely in the United Kingdom and stored electronically and in paper format and on secure servers.

No records are stored outside the EEA. 

We retain your records for certain periods (depending on the record) under our records management policy.  LivingCare follows the recommend best practice contained in the NHS Records Management Code of Practice. This is to ensure that information is properly managed and is available whenever and wherever there is a justified need for that information, including:

  • to support patient care and continuity of care.
  • to support evidence-based clinical practice.
  • to assist clinical and other audits.
  • to support our public task
  • to meet legal requirements.

Your records may not be retained in hard copy form where a digital copy exists.

If you would like more detailed information on this, please email us at dpo@livingcare.co.uk.

13. What rights do I have?

Under certain circumstances, you have rights under data protection laws in relation to any personal information that we hold about you.

If you wish to exercise any of the rights set out below, please contact LivingCare using the contact details set out above.

14. Details of your rights are set out below.

  • The right to be informed. This privacy notice forms part of that, but we also aim to keep you fully informed during your consultations, and leaflets when appropriate
  • The right to access your personal information. You are usually entitled to a copy of the personal information we hold about you and details about how we use it.

Your information will usually be provided to you in the form you request, if we are unable to do that, we will inform you. If you have made the request electronically (e.g. by email) the information will be provided to you by electronic means where possible.

You are entitled to the following under data protection law.

Under data protection law we must usually confirm whether we have personal information about you. If we do hold personal information about you, we usually need to explain to you:

  • The purposes for which we use your personal information.
  • The types of personal information we hold about you.
  • Who your personal information has been or will be shared with.
  • Where possible, the length of time we expect to hold your personal information. If that is not possible, the criteria we use to determine how long we hold your information for.
  • If the personal data we hold about you was not provided by you, where we obtained the information from.
  • Your right to ask us to amend or delete your personal information (if appropriate).
  • Your right to ask us to restrict how your personal information is used or to object to our use of your personal information (if appropriate).
  • Your right to complain to the Information Commissioner’s Office.
  • We also need to provide you with a copy of your personal information.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity (this will be proportionate) and ensure your right to access your personal information (or to exercise any of your other rights). We may also contact you to ask you for further information in relation to your request to speed up our response.

We respond to all requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

The right to request correction of your personal information

We take reasonable steps to ensure that the personal information we hold about you is accurate and complete and up to date.  However, if you do not believe this is the case, you can ask us to update or amend it.

The right to request erasure of your personal information

In some circumstances, you have the right to request the erasure of the personal information that we hold about you.  This is also known as the ‘right to be forgotten’.  However, there are exceptions to this right and in certain circumstances we can refuse to delete the information in question.

The right to object to the processing of your personal information

In some circumstances, you have the right to object to the processing of your personal information. This would usually apply to processing for other purposes other than your direct health care i.e., research

The right to request a transfer of your personal information

In some circumstances, we must transfer personal information that you have provided to us to you or (if this is technically feasible) another individual/ organisation of your choice. The information must be transferred in an electronic format.

The right to object.

You can ask us to stop sending processing your information for any other purposes other than your health care.

The right not to be subject to automatic decisions (i.e., decisions that are made about you by computer alone)

You have a right to not be subject to automatic decisions (i.e., decisions that are made about you by computer alone) that have a legal or other significant effect on you.

The right to withdraw your consent

You have the right to withdraw your consent where we rely upon this as a legal ground for processing your information.

To apply any of the Individual Rights above please contact dpo@livingcare.co.uk.

15. DIRECT MARKETING - YOUR RIGHT TO OPT OUT

When you apply for a product with or through us, we may market to you with similar or like for like products.  If you do not want to receive direct marketing from us, we offer simple options to opt-out anytime. You can update your preferences via the unsubscribe link on any marketing emails we send to you.

If you unsubscribe from marketing, we will still send you statements and important information, such as notices that the law says we have to provide to you, as well as tell you about changes to your existing products and services to meet our legal obligations to you.

16. CCTV

We have installed CCTV to:

  • ensure the security of our and your property and the security of our patients and staff
  • monitor the security of our premises.

All CCTV is maintained and overseen by our in house IT department. They are responsible for carrying out compliance audits and reviewing the need for CCTV. CCTV footage may be shared for the detection and/or prevention of crime or fraud. Further information around our use of CCTV can be found in our CCTV policy.

Recordings

  • Telephone calls are being recorded for training and monitoring purposes only.
  • When the Surgery carries out video consultations. The consultation is not stored or recorded within the system; the clinical staff member is required to record observations and outcomes of the consultation directly into your patient’s record in the same way as during a face-to-face consultation

17. The right to complain to the Information Commissioner’s Office

You have the right to complain to the Information Commissioner’s Office if you are unhappy with the way that we have dealt with a request from you to exercise any of these rights, or if you think we have not complied with our legal obligations under data protection law.

Making a complaint will not affect any other legal rights or remedies that you have.

More information can be found on the Information Commissioner’s Office website: https://ico.org.uk/ and the Information Commissioner’s Office can be contacted by post, phone, or email as follows:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545 745 (if you prefer to use a national rate number)

Fax: 01625 524 510

Email: casework@ico.org.uk

For further questions or to exercise any rights set out in this Privacy Policy, please contact us on the contact details provided above to request to speak to the Data Protection Officer. 

Please note that this privacy policy applies to our organisation and the information we collect about you only. For any services, other parties or websites mentioned in this privacy policy or on our website, we do not accept liability and we advise you to read their privacy policies.  

18. HOW WE WILL KEEP YOU UPDATED

LivingCare keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 06 February 2025.

Explore

Treatments & ServicesCliniciansPatientsLocationsAboutArticlesCareersContact

Locations

Thorpe Park Clinic, Leeds
Canon Medical Arena, Sheffield
Robin Lane Health & Wellbeing Centre, Pudsey
Fountain Medical Centre, Morley
Northgate Medical Centre, Pontefract

Legal

Privacy Policy
Cookie Policy
Patient Access to Care
Accessible Information Standards
Feedback & Complaints
Public Interest Disclosure (‘Whistleblowing’)

© 2025 The LivingCare Group. All Rights Reserved

Site by North 53

close