top of page
privacy notice

Suggested for patients aged 12  and over, and adults who have parental responsibility for a patient under 18.


There is a short privacy notice, suggested for younger children and those who need simpler language, at the end of this page.

We are aware that we store and process highly personal and sensitive data about our patients/clients, who are often under 18, and their families.

We want you to be clear why and how we do this, and know your rights.

The new data protection law (GDPR) that  come into force in May 2018 expands the rights of individuals to control how personal information is collected and processed and updates the law for our digital world.

Our privacy policy is compliant with this and  also meets the rigorous standards set for the medical profession by our regulator, the General Medical Council, regarding confidentiality, consent and respect.

Where we get your data  

We collect data that you, your parent or legal guardian have freely given to us. This includes:


  • From our website inquiry form

  • Completion of the self referral form

  • Email contact from you

  • Verbal communication on the phone and in person during appointments

  • Background information (reports, letters,questionnaires) you supplied.


We may be given information by third parties, usually other professionals such as your GP, school or health insurance company, and will store this information securely also.


The data collected includes

  • Standard personal information e.g. contact details, date of birth, payment details

  • Special category information e.g. physical and mental health, criminal records, ethnic background

why we collect, store & Process personal data  


  • to ensure quality and consistency of care via medical records that comply with professional standards

  • Communication with GPs and other professionals

  • Billing and accounting

  • Seeking feedback and outcome monitoring to maintain good service or improve service

  • For audit and our continuing professional development, including professional supervision; for this purpose personal data is anonymised


When you, or your Doctor/another professional on your behalf, request a service from us - usually for an appointment - we require personal, sensitive information (such as your address, date of birth, medical background) in order to provide you with the service. This information needs to be processed and stored  by us. Therefore,  the legal basis for information storage is the ‘contract’ for us to provide you with a service. Occasionally there are other reasons for your data to be stored, but this is rare.

Seeing your personal information     

You are entitled to see the data we hold on you/ your child. Please request this in writing to us via or Dr Pia Menzies, Helios Medical Centre, 17 Stoke Hill, Bristol, BS9 1JN. 

There is usually no fee payable for this information, in line with the GDPR 2018.


We will comply with the request within a month, or, in the very unlikely event that we refuse, will provide you with the reasons why in writing. In this case, you may complain to the Information Commissioner’s Office (ICO) where the decision will be reviewed.

How long do we store personal data for?

We do not wish to keep your personal information for longer than necessary and retain it for the period set out by NHS and GMC guidance:







Medico-legal reports and related documents are kept for 5 years.

Whether paper or digital records, your personal information will then be safely and securely disposed of.

Data retention for age of patient (at case closure) 

  • 0 to 16 years until 25th birthday

  • 17 to 18 years until 26th birthday

  • 18+ years - 8 years from last contact

When do we share your personal information? 

Your personal information will never be passed on for marketing purposes.

It will only be shared with third parties where this is necessary by law (this is rare), for the safety of an individual (this is rare), or to provide you with a service. It is standard practice for GPs to be kept informed about treatment. However, we will discuss sharing information with GPs and other professionals with you and copy you into standard letters written about you/your child.

what are your rights?
  • To be informed about how we use your personal data

  • To request to access your personal data

  • To request your personal data is amended if it is inaccurate or incomplete

  • To request your data is erased when there is no longer a compelling reason for it's continued processing

  • To request restricted processing of your data

  • To object to your personal data being processed

  • When the processing of your data is based on your consent, you have the right to withdraw this consent at any time

To see out more detailed Data Protection Policy or ask any questions, feel free to:

Privacy Notice

(suggested for younger children)


  • Dr Pia Menzies keeps notes about you, to help with your treatment

  • You can see them if you would like to - ask me or your parent

  • Dr Pia Menzies will keep information about you safe

  • This information will only be shown to people who need to see it

  • The information we have about you will be deleted or shredded when it is no longer needed

  • Please let me know, or tell your parent, if there is anything you are unhappy about in your care and treatment - I will try to fix it

bottom of page