07538 431643

Privacy Policy

Updated 11/7/2022

We at Windsor Cardiac Clinic are committed to provide our website users an online experience with useful information, resources and services. We are committed to respecting and protecting your privacy when dealing with your personal information.

Data Protection Laws set out the obligations Windsor Cardiac Clinic has to you for the processing of your personal data. When we use or disclose your personal data we will comply with these laws. Your personal data, by itself or with other data available, can be used to identify you as an individual. Windsor Cardiac Clinic are the Data Controller's and fully complies with UK data protection law.

This privacy and cookie notice provides details about the information we collect about you, how we use it, how we protect it and about your rights. You can contact our Data Protection Officer (DPO), by email at admin@windsorcardiacclinic.co.uk, if you have any questions.

When we refer to ‘we’, ‘us’ and ‘our’, we refer to Windsor Cardiac Clinic.

What personal data may we collect from you?

When we refer to personal data in this policy, we mean information that can or has the potential to identify you as an individual. Accordingly, we may hold and use personal data about you as a customer, a patient or in any other capacity, for example, when you visit one of our websites, complete a form, access our services or speak to us.  Depending on what services you receive from us this may include sensitive personal data such as information relating to your health.

Personal data we collect from you may include the following:

  • Your name, address and contact details, including email address and home and mobile telephone numbers. If you provide these details, we may use them to contact you unless you ask us not to.  This could include emails, text or voicemail messages
  • Date of birth and gender
  • Your previous and current medical health records whether provided by yourself or third parties
  • The name and contact details (including phone number) of your next of kin. Where you have named someone as your next of kin and provided us with personal data about that individual, it is your responsibility to ensure that that individual is aware of and accepts the terms of this Privacy Policy.
  • Details of referrals, quotes and other contact and correspondence we may have had with you.
  • Personal data about you from third parties, such as insurer providers, referral agencies, sponsors, checks permitted by law.
  • Details of services and/or treatment you have received from us or which have been received from a third party and referred on to us.
  • Medical notes and reports about your health and any treatment and care you have received and/or need, including about clinic and hospital visits and medicines administered.
  • Information obtained from customer surveys
  • Recordings of calls we receive or make.
  • Patient feedback and treatment outcome information, you provide.
  • Information about complaints and incidents.
  • Information you give us when you make a payment to us, such as financial or credit card information.
  • Other information received from other sources, including from your use of websites and other digital platforms we operate or the other services we provide, information from business partners, advertising networks, analytics providers, or information provided by other companies who have obtained your permission to share information about you.

Where you use any of our websites, we may automatically collect personal data about you including:

  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
  • Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page.

The data that we request from you may include sensitive personal data. This includes information that relates to mental or physical health, racial or ethnic origin (which may include children’s data). By providing us with sensitive personal data, you give us your explicit consent to process this sensitive personal data for the purposes set out in this Privacy Policy.

When do we collect personal data about you?

We may collect personal data about you if you:

  • Visit one of our websites
  • Enquire about any of our services or treatments
  • Register to be a customer or patient with us or book to receive any of our services or treatments
  • Fill in a form or survey for us
  • Carry out a transaction on our website
  • Participate in a marketing activity
  • Make online payments
  • Contact us, for example by email, telephone or social media
  • Participate in interactive features on any of our websites.

In the interests of training and continually improving our services, calls to Windsor Cardiac Clinic Ltd and its agents may be monitored or recorded.

How do we use your personal data?

Your personal data will be kept confidential, secure and will, unless you agree otherwise, only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy, applicable Data Protection Laws, clinical records retention periods and clinical confidentiality guidelines. Sensitive personal data related to your health will only be disclosed to those involved with your treatment or care, or in accordance with UK laws and guidelines of professional bodies or for the purpose of clinical audits (unless you object).

Further details on how we use health related personal data are given below.  We will only use your sensitive personal data for the purposes for which you have given us your explicit consent to use it.  Please note that, although we have set out the purposes for which we may use your personal data below, we will not use your sensitive personal data for those purposes unless you have given us your explicit consent to do so.

We may use your personal data to:

  • Enable us to carry out our obligations to you arising from any contract entered into, between you and us, including relating to the provision by us of services or treatments to you and related matter such as, billing, accounting and audit, credit or other payment card verification and anti-fraud screening
  • Provide you with information, products or services that you request from us
  • To notify you about changes to our products or services
  • Respond to requests where we have a legal or regulatory obligation to do so
  • Check the accuracy of information about you and the quality of your treatment or care, including auditing medical and billing information for insurance claims as well as part of any claims or litigation process
  • Support your doctor, nurse or other healthcare professional
  • Assess the quality and/or type of care you have received (including giving you the opportunity to complete customer satisfaction surveys) and any concerns or complaints you may raise, so that these can be properly investigated
  • To conduct and analyse market research
  • To ensure that content from any of our websites is presented in the most effective manner for you and for your computer

The security of your personal data

We protect all personal data we hold about you by ensuring that we have appropriate organisational and technical security measures in place to prevent unauthorised access or unlawful processing of personal data and to prevent personal data being lost, destroyed or damaged. Any personal data you provide will be held for as long as is necessary having regard to the purpose for which it was collected and in accordance with all applicable UK laws.

Personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Where we transfer your personal data outside the EEA, we will ensure that there are adequate protections in place for your rights, in accordance with Data Protection Laws. By submitting your personal data, and in providing any personal data to us, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy.

All information you provide to us is stored securely. Any payment transactions on our website will be processed securely by third party payment processors. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our website, you are responsible for keeping that password confidential. We ask you not to share a password with anyone.

The transmission of information via the internet cannot be guaranteed as completely secure however we aim to ensure that any information transferred to our websites is via an encrypted connection. Once we have received your information, we will use strict procedures and security features for prevention of unauthorised access.

At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email.  Email is not a secure method of information transmission; if you choose to send or receive such information via email, you do so at your own risk.

Disclosure of your personal data

Sensitive personal data (including information relating to your health) will only be disclosed to third parties in accordance with this Privacy Policy. This may include the following:

  • A doctor, nurse, carer or any other healthcare professional involved in your treatment
  • Other members of support staff involved in the delivery of your care, such as receptionists and administrative staff
  • Anyone that you asks us to communicate with or provide as an emergency contact, for example your next of kin or carer
  • NHS organisations
  • Department of Health
  • Other private sector healthcare providers
  • Your GP
  • Your dentist
  • Your referring clinician (including their medical secretaries)
  • Third parties who assist in the administration of your healthcare, such as insurance companies
  • Private Healthcare Information Network
  • National and other professional research/audit programmes and registries
  • Government bodies, including the Ministry of Defence, the Home Office and HMRC
  • Care Quality Commission
  • The police and other third parties where reasonably necessary for the prevention or detection of crime
  • Our insurers
  • Debt collection agencies
  • Credit referencing agencies
  • Our third-party services providers such as IT suppliers, actuaries, auditors, lawyers, marketing agencies, document management providers and tax advisers
  • Selected third parties in connection with any sale, transfer or disposal of our business
  • We may communicate with these third parties in a variety of ways including, but not limited to, email, post, fax and telephone

Where a third-party data processor is used, we ensure that they operate under contractual restrictions with regard to confidentiality and security, in addition to their obligations under Data Protection Laws. We may also disclose your personal data to third parties in the event that we sell or buy any business or assets or where we are required by law to do so.

What do we do with any non-personal information collected when accessing the website?

Certain information which you submit may also be collected to enable us to better understand our customers, to improve our website, to inform general marketing and to help provide a better experience of our services.  We may use cookies to do this. We may also use other companies to set cookies on our websites and gather cookie information for us – please refer to the information detailed below. From time to time we may also analyse Internet Protocol (IP) addresses or other anonymous data sources.


Our websites use cookies to distinguish you from other users of our websites. This helps us to provide you with a good experience when you browse our websites and also allows us to improve our websites. By law, website operators are required to ask for a website user’s permission when placing certain kinds of cookie on their devices for the first time. 

A cookie is a small file which asks permission to be placed on your device computer's hard drive when you visit a website. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual like letting you navigate between pages efficiently, remembering your preferences, and generally improving your user experience. They can also help to ensure that adverts you see online are more relevant to you and your interests.

Category 1 Cookies
These cookies are essential in order to enable you to move around our websites and use its features, such as accessing secure areas of the websites. We use these types of cookies. Without these cookies, services you have asked for cannot be provided. Your consent is not required for the delivery of those cookies which are strictly necessary to provide services requested by you.

Category 2 Cookies
These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages and used to improve how a website works.. These cookies don’t collect information that identifies a visitor. Information collected us aggregated and anonymous. Web analytics that use cookies to gather data to enhance the performance of a website fall into this category. We use these types of cookies. By using our website and online services you agree that we can place these types of cookies on your device.

Category 3 Cookies
These cookies allow our websites to remember choices you make (such as your user name, language or the region you are in) and provide enhanced and personalised features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as watching a video. The information these cookies collect is generally anonymised and they cannot track your browsing activity on other websites. We use these types of cookies. By using our websites these you agree that we can place these types of cookies on your device.

Category 4 Cookies
These cookies are used to personalised adverts. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of an advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Targeting or advertising cookies will often be linked to site functionality provided by other organisations. We do not use these cookies on our website.

Definitions used above are consistent with those supplied by the International Chamber of Commerce ‘ICC UK Cookie Guide’ April 2012.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control.

You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies however if you use your browser settings to block all cookies (including essential Category 1 Cookies) you may not be able to access all or parts of our websites.  For information on how to delete cookies, please refer to: use https://ico.org.uk/for-the-public/online/cookies


It is our policy not use your data for marketing purposes

Accessing and updating your information

The law gives you certain rights in respect of the personal data that we hold about you. Below is a short and not exhaustive overview of the most commonly-used rights. With some exceptions designed to protect the rights of others, and subject to payment of a small administrative fee (currently £10, or up to £50 for paper-based health records), you have the right to a copy of the personal data that we hold about you.

You have the right to have the personal data we hold about you corrected if it is factually inaccurate. It is important to understand that this right does not extend to matters of opinion, such as medical diagnoses. If any of your personal data has changed, especially contact information such as: email address, postal address and phone number please get in touch with us at admin@windsorcardiacclinic.co.uk so we can ensure your personal data is kept up to date.

If you want to exercise your rights in respect of your personal data, the best way to do so is to contact us by email admin@windsorcardiacclinic.co.uk In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to such a request.

If you are not satisfied with how we handle your request, you can contact the Information Commissioner’s Office on 0303 123 1113 or visit their website (http://www.ico.org.uk).

Changes to our Privacy Policy

We keep our Privacy Policy under regular review and as a result it may be amended from time to time without notice. As a result, we encourage you to review this Privacy Policy regularly.


If you have any questions in relation to our privacy policy, please e-mail us at admin@windsorcardiacclinic.co.uk