Privacy Policy

KONCEPT® Medical Clinic

Last updated: 20/01/2026

How We Use Your Information

This Privacy Notice explains how KONCEPT® Medical Clinic (“we”, “us”, “our”) collects, uses, stores, and protects personal information about our patients and website users.

KONCEPT® Medical Clinic is committed to protecting your privacy and managing personal data responsibly, transparently, and lawfully.

We process personal data in accordance with:

UK General Data Protection Regulation (UK GDPR)
Data Protection Act 2018
Human Rights Act 1998
Common Law Duty of Confidentiality
Health and Social Care Act 2012

Who We Are

KONCEPT® Medical Clinic is a private medical clinic providing:

GP services
Dermatology services
Aesthetic treatments
Laser treatments
Occupational health services

KONCEPT Medical Clinic is the Data Controller for the personal data it collects and processes.

Website: https://konceptmedicalclinic.com
Email: info@konceptmedicalclinic.com

Our Duty of Confidentiality

All healthcare professionals working at KONCEPT® Medical Clinic have a legal, professional, and ethical duty to protect patient confidentiality.

We ensure that personal confidential data is:

Processed fairly and lawfully
Used only for legitimate purposes
Accessed strictly on a need-to-know basis
Kept secure at all times

What Information We Collect

We may collect and hold the following information:

Personal details (such as name, address, date of birth, contact details, next of kin)
Medical history and other health information
Appointment, consultation, and treatment records
Medical questionnaires completed prior to appointments
Results of investigations, tests, or procedures
Communications between you and the clinic
Payment and billing-related information (we do not store full card details)

Health information is classified as special category data and is afforded additional protection under UK GDPR.

How We Collect Your Information

We collect information:

When you book appointments online or in clinic
When you complete medical questionnaires prior to appointments
During consultations, examinations, and treatments
Through secure patient portals
Via enquiry forms on our website
Through email, telephone, or written communication

Consent for treatment is obtained in clinic prior to consultations or procedures.

How Your Information Is Used

Your information is used to:

Provide safe and effective medical care
Maintain accurate and complete medical records
Communicate with you about appointments, treatment, and follow-up
Support patient safety and clinical governance
Process payments for services
Improve the quality of services we provide
Meet legal, regulatory, and professional obligations

Data Sharing

We only share personal information when it is necessary and lawful to do so. This may include sharing information with:

Healthcare professionals involved in your care
Diagnostic and laboratory service providers
Payment processing providers
IT, software, and clinical system providers
Regulatory or legal authorities where required by law

All third parties are required to handle personal data securely and in accordance with data protection legislation.

You may object to certain types of data sharing; however, this may affect the services we are able to provide. This will be explained to you where relevant.

Data Storage and Security

Patient information is stored securely within GDPR-compliant clinical systems used by the clinic.

Access to personal data is restricted to authorised staff and is limited to what is necessary for their role.

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or disclosure.

Website Use, Cookies & Analytics

Our website uses cookies and similar technologies to:

Improve website functionality
Understand how visitors use our website
Support marketing and advertising activity

This includes the use of analytics and social media tracking tools.

You can manage or disable cookies through your browser settings or via our cookie notice.

Marketing Communications

We may send you marketing communications by email where you have chosen to receive them.

You can opt out of marketing communications at any time by:

Clicking the unsubscribe link in any marketing email
Contacting us at info@konceptmedicalclinic.com

Opting out of marketing communications will not affect your access to medical care or services.

How Long We Keep Your Information

Medical records are retained in line with legal, regulatory, and professional guidance.

Other personal data is kept only for as long as necessary for the purpose for which it was collected.

Your Rights Under UK GDPR

You have the right to:

Access your personal data
Receive a copy of the data we hold about you
Request correction of inaccurate or incomplete data
Request deletion of personal data where legally permitted
Request restriction of processing
Object to certain types of processing
Withdraw consent where processing is based on consent
Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, please contact:
📧 info@konceptmedicalclinic.com

Access to Your Records (Subject Access Requests)

You have the right to request access to personal data that we hold about you.

If we hold information about you, we will:

Explain what data we hold
Explain why we hold it
Explain who it may be shared with
Provide a copy in an intelligible format

Requests are normally provided free of charge, unless they are manifestly unfounded or excessive.

Changes to This Privacy Notice

Any changes to this Privacy Notice will be published on our website and made available at the clinic.

Complaints

If you have any concerns about how your personal data is handled, please contact us first at:
📧 info@konceptmedicalclinic.com

You also have the right to raise a complaint with the Information Commissioner’s Office (ICO):
https://www.ico.org.uk

Data Controller

KONCEPT® Medical Clinic is the Data Controller responsible for keeping your personal information secure and confidential.