Privacy and cookies policy

We are committed to protecting the privacy of all individuals using this website and our services

The following statement is the privacy notice of Preventicum UK Limited. Preventicum UK Limited is part of the InHealth Group. It sets out how and why we may collect and use your personal data including when you are using the Preventicum website. Preventicum owns and operates this website.

Introduction and general terms

We are committed to protecting and respecting your privacy and ask that you read this notice carefully. It explains when and why we collect personal data about you, how we use it, the conditions under which we may disclose it and how we keep it secure.

Who are we?

We are Preventicum UK Limited, registered in England and Wales under company number 05149731 with our registered office at Burnham Yard, London End, Beaconsfield, Buckinghamshire, England, HP9 2JH

What type of personal data do we collect and how do we do it?

Personal data is any information that relates to you and can be used to identify you.

We may collect and process personal data when you engage with us including:

  • When you use our website, including filling in forms
  • When you communicate with us about our services
  • In the course of receiving services, such as providing information to our staff or responding to requests from staff during a scan
  • If you respond to a request from us to a survey

The types of personal data that we may collect from you include the following:

  • Name and contact information such as email, address and phone number
  • Information related to your job if it is relevant to your care and treatment
  • Details of the services you have accessed
  • Treatment notes and reports about your health and any treatment you have received
  • Your feedback and treatment outcome information
  • Information surrounding complaints and incidents which may have arisen
  • Recordings of calls, inbound and outbound
  • Any other personal information we collect in the ordinary course of providing our services or in operating our business or in connection with your enquiry or healthcare pathway

We collect personal data about you so that we can:

  • Identify you
  • Manage your enquiry
  • Deliver our services to you
  • Improve our services by statistical analysis

Information about your health, racial or ethnic origin, genetic and biometric data and sexual orientation is classified as ‘special category data’. We will only process this information on the basis that it is necessary for medical diagnosis, the provision of health care services, for research purposes, or with your consent.

If you give us data on behalf of someone else, you confirm that the other person has appointed you to act on their behalf and has agreed that you can:

  • Give consent on their behalf to the processing of their personal data
  • Receive on their behalf any data protection notices

Most of the personal data we process is provided to us directly by you. However, sometimes we will receive personal data and special category personal data from third parties.

In these cases, you will typically have consented to the sharing of your personal data by such persons for the purpose of your treatment. We will use your personal data to improve our services to you. We may share this data with such persons or third parties as are necessary to enable your healthcare to be delivered.

Under data protection legislation (including Data Protection Act 2018 and the UK General Data Protection Regulation), we may only process your personal data if one of the following lawful bases applies, which will be considered on an individual basis.

(a) We have your consent.

(b) We have a contractual obligation with you that requires us to process your personal data

(c) We have a legal obligation to process your personal data

(d) We have to protect your vital interests

(e) We need it to perform a public task

(f) We have a legitimate interest to process your personal data

The lawful basis we will usually apply for processing your personal data is our legitimate interest to do so.

The legitimate interest is for the purpose of delivering services to you. Processing is necessary to achieve this where we are acting asa data controller of health data and we need to book patients for appointments and perform, and report, clinical practice.

What we do with the information we have?

The purpose we need to process your data is for some or all the following reasons:

  • For the purpose of your treatment
  • Compliance with legal, regulatory and corporate governance obligations and good practice
  • Gathering information as part of inspections by regulatory bodies or legal proceedings or requests
  • Operational reasons, such as recording services, training, and quality control
  • Staff administration and assessments, monitoring staff conduct, disciplinary matters
  • Improving our services by conducting statistical analysis and research (in this case your data will be anonymised meaning your data will not be identifiable to you)
  • Enabling us to meet your healthcare pathway generally

Monitoring and recording communications

We may monitor and record communications with you (such as telephone conversations and emails) for quality assurance, training, fraud prevention, and compliance purposes.

How is your personal data used and stored?

Your personal data is securely stored on locations which are strictly governed by our data security framework. This provides appropriate organisational and technical security measures to prevent unauthorised accessor unlawful processing of your personal data and to prevent personal data being lost, destroyed or damaged. We continually strive to ensure our data security framework offers a robust defence against breaches of data security including through audits. InHealth Group is accredited with ISO9001 Quality Management System and ISO27001 Information Security Management Standard.

Your personal data will not be transferred outside the UK unless:

The country or territory (such as the European Economic Area) is deemed by the UK government to provide an adequate level of protection for personal data; or

One of the mechanisms set out in the legislation has been put in place, e.g. where one of the ‘appropriate safeguards’ listed in data protection legislation has been put in place or a specific exception applies.

For how long do we hold your personal data?

We will hold your personal data on our systems only for as long as is necessary to respond to and manage your enquiry. Should you engage with our services, we will process your data in accordance with our Privacy Notice.

We will hold your personal data only for as long as it is necessary in accordance with the InHealth Data Retention Policy which is available on request.

Where you have provided consent for us to process your personal data, you have the right to withdraw your consent at any time.

Who has access to your personal data?

We may disclose your personal data to our parent company InHealth Limited for billing and payment purposes only. We will not pass on your personal data obtained through our website to any third party except as required by law.

Use of cookies

A cookie is a small text file which is placed onto your computer (or other electronic device) when you use our website. We use cookies on our website.

Google Analytics uses cookies to collect visitor information, including your IP address from our website. We can then access this information to help us understand how visitors use our site and to improve the website.

If you would like to find out more about cookies, or how you can stop their use in your browser (although please be aware that this may mean that some functions of the site are no longer available to you), please visit www.allaboutcookies.org or view information from Google here.

What rights do you have?

Under data protection legislation, you have rights including:

Right of access: you have the right to ask us for copies of your personal data. This is called a “Subject Access Request”.

Right to rectification: you have the right to ask us to rectify personal data you think is inaccurate or to complete information you think is incomplete.

Right to erasure: you have the right to ask us to erase your personal data in certain circumstances.

Right to restriction of processing: you have the right to ask us to restrict the processing of your personal data in certain circumstances.

Right to object to processing: you have the right to object to the processing of your personal data in certain circumstances.

Right to data portability: you have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

Right not to be subject to solely automated decisions: you have the right including related to profiling not to be subject to processes that do not involve human intervention.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

We will need to verify your identity by reference to your driving licence, passport, and utility bill or similar showing your name and address. To exercise any of these rights please contact us.

Lodging a complaint

If you have reason to complain about how your personal data has been controlled and/or processed by us, please contact us by email at complaints@preventicum.co.uk.  We shall try to resolve your queries promptly and, if you remain unsatisfied, you have the right to contact the Information Commissioner’s Office.

Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk

How to exercise your data protection rights and contact us

If you have any questions about this privacy notice or the personal data we hold about you or you wish to exercise any of your rights, please contact us on:

Name: Data Protection Officer

Address: Preventicum, Cursitor Street, off Chancery Lane, London WC2A 1EN

Phone: +44 (0) 20 7605 6900

Email: info@preventicum.co.uk

Do Not Track (DNT)

Please note that this website does not monitor or respond to Do Not Track browser requests.

Changes to the Privacy Notice

We may change this Privacy Notice from time to time. You should check this notice occasionally to ensure you are aware of the most recent version that will apply each time you access this website.

Last Revised  |  June 2025

Schedule a call with our Client Relations Team

Talk to us