SAME-DAY APPOINTMENTS AVAILABLE  •  MEMBERSHIP FROM £30/month  •  020 7736 7557  •  29 BASUTO ROAD, LONDON, SW6 4BJ

Basuto Medical Centre

PRIVATE GP • FULHAM • SW6

Book an Appointment

Privacy Policy

How Basuto Medical Centre collects, uses, and protects your personal and medical information.

Last updated: March 2026

1. Who We Are

Basuto Medical Centre is a private GP practice located at 29 Basuto Road, Fulham, London SW6 4BJ. We are registered with the Care Quality Commission (CQC) and operate under the oversight of a GMC-registered medical practitioner.

For data protection purposes, Basuto Medical Centre is the data controller. Our website address is https://hormonetherapy.uk. You can contact us at 020 7736 7557 or by writing to the address above.

2. What Data We Collect

We collect the following categories of personal data:

Identity and contact data: name, date of birth, address, email address, telephone number, NHS number (where applicable).

Medical data: clinical notes, diagnoses, prescriptions, test results, referral letters, vaccination records, and other health-related information necessary for your care. This constitutes special category data under UK GDPR.

Financial data: payment card details (processed securely via our payment provider), membership and billing records.

Website data: IP address, browser type, pages visited, and cookies (see Section 8 below).

3. How We Use Your Data

We process your personal data for the following purposes:

Provision of medical care: to diagnose, treat, and manage your health. Legal basis: legitimate interests and vital interests; for medical data, the processing is necessary for the provision of health care (UK GDPR Article 9(2)(h)).

Appointment management: to book, confirm, and remind you of appointments. Legal basis: performance of a contract.

Membership and billing: to manage your membership subscription and process payments. Legal basis: performance of a contract.

Communication: to respond to your enquiries, send appointment reminders, and provide health updates relevant to your care. Legal basis: legitimate interests.

Legal and regulatory obligations: to comply with CQC requirements, safeguarding duties, public health reporting, and other legal obligations. Legal basis: legal obligation.

4. Who We Share Your Data With

We may share your personal data with:

Other healthcare providers: specialist consultants, hospitals, laboratories, pharmacies, and your NHS GP (with your consent) as part of your ongoing care.

Regulatory bodies: the CQC, GMC, and public health authorities where legally required.

Service providers: our appointment booking system (Semble), payment processor (Stripe), and website hosting provider. These processors act only on our instructions and are contractually bound to protect your data.

We will never sell your personal data to third parties or share it for marketing purposes without your explicit consent.

5. How Long We Keep Your Data

Medical records are retained in accordance with NHS and Department of Health guidelines, typically 10 years after your last interaction (or until the patient reaches age 25 for paediatric records, whichever is longer). Financial records are retained for 7 years as required by HMRC. Website analytics data is retained for 26 months.

6. Your Rights

Under UK GDPR, you have the right to:

Access your personal data (Subject Access Request).

Rectify inaccurate data we hold about you.

Erase your data in certain circumstances (note: medical records may be exempt).

Restrict or object to processing in certain circumstances.

Data portability — receive your data in a structured, machine-readable format.

To exercise any of these rights, contact us at 020 7736 7557 or write to us at the address above. We will respond within one calendar month.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal and medical data, including encrypted storage, access controls, staff training, and regular security reviews. All electronic medical records are stored in systems that comply with NHS data security standards.

8. Cookies

Our website uses essential cookies required for site functionality. We may also use analytics cookies (such as Google Analytics) to understand how visitors use our website. You can manage cookie preferences through your browser settings. No cookies are used for advertising or tracking across other websites.

9. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

10. Complaints

If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk or by calling 0303 123 1113.

Book Online020 7736 7557