This notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
1. Who are we?
A. R. G. C. Limited (t/a ARGC), a company registered in England (Companies House registration number: 04038272) and having our registered office at 124 Finchley Road, London NW3 5JS. (‘We’) are committed to protecting and respecting your privacy.
For the purposes of the Data Protection Act 1998, the General Data Protection Regulation (EU Regulation 2016/679) (GDPR) and any subsequent UK legislation enshrining the provisions of the GDPR in UK law (together the Data Protection Legislation), we are the data controller.
ARGC is registered with the Care Quality Commission (CQC) as an independent healthcare provider in England. We provide independent healthcare services in the form of the following regulated activities:
• Treatment of disease, disorder or injury
This includes private consultations, physical examinations, health assessments and prescribing of medicines in relation to treatment of male and female infertility, assisted conception treatments, and embryo freezing and storage. ARGC provides a comprehensive range of IUI/IVF/ICSI treatments as well as embryo/polar body biopsy for pre-implantation genetic screening and diagnosis.
• Diagnostic and screening procedures
These include diagnostic investigations such as hysteroscopies, blood tests and referrals to other healthcare specialists as necessary.
• Surgical procedures
We carry out minor surgical procedures using sedation anaesthesia such as egg collections, surgical sperm retrieval, trans vaginal egg collections, embryo transfers and cyst aspirations.
ARGC carries out consultations, examinations and IVF treatments in accordance with patients’ individual wishes but always subject to strict medical assessment for suitability and also in strict accordance with the Human Fertilisation and Embryology Authority (HFEA) Code of Practice.
2. Protecting your data and GDPR
Protecting data has always been a priority for ARGC. However, with the introduction of the General Data Protection Regulation (GDPR) on 25 May 2018 we have reinforced our commitment to ongoing data protection management. We have improved our policies, processes and systems in line with the requirements of the GDPR as we continue to make data protection a priority.
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. The GDPR was enforced in the UK on 25 May 2018.
GDPR is only a part of the overall data protection framework. The Government has introduced a Data Protection Bill into Parliament. Once the UK leaves the EU, the Bill will help ensure that the standards of the GDPR are enshrined in UK law, and it also extends data protection laws to areas which are not covered by the GDPR (such as law enforcement).
4. What we are doing in relation to GDPR?
ARGC handles personal data and we are committed to maintaining our compliance with the requirements of GDPR. Steps that we have taken, and are taking, include:
• Analysing and improving our internal systems and processes.
• Improving our privacy information in line with the new requirements.
• Training our staff on the new requirements and new internal procedures.
• Reviewing and updating all of our contracts where required.
5. Personal data
Personal data is defined by the GDPR as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular reference to another identifier’. In simpler terms, this means any information about you that enables you to be identified.
We will collect and process personal information about you that you give us verbally in consultation with our healthcare professionals, by filling in new patient registration forms or by corresponding with us or our third-party sub-contractors by phone or e-mail. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information.
We will also request personal information relating to your health and medical history; this is called Special Category Data.
An example is when we collect information from you when you register as a new patient at ARGC. We will ask you complete a registration form and answer some questions about your personal health. Once you see a doctor or healthcare professional during your appointment at ARGC, a healthcare record will be created about your personal health.
6. What type of information do we collect from you?
The personal information we collect includes your name, date of birth, home address, email address, contact telephone number, and emergency contact details. If you have attended ARGC for an appointment in the past, we will have a record of that previous contact.
The healthcare information we collect is specifically about your personal health. This includes information about your past medical history, any current medicines you are taking, and a description of any health issues that you are experiencing. If you have any tests carried out such as blood tests, X-rays or scans, we will keep the tests results in your healthcare record. If you have been referred to a healthcare specialist outside of ARGC, we will keep any correspondence from the specialist in your healthcare record.
7. How do we use your information?
ARGC collects and holds personal information for the sole purpose of providing a healthcare service to patients. Your personal information is used to identify you as a patient who has used the ARGC independent healthcare service.
Your healthcare information is used by our doctor and healthcare professionals to recommend the best treatment for you.
We use patients’ healthcare records to audit and monitor the quality of the ARGC service. For example, we may audit the records of patients who have had a particular treatment to see how well it has worked. When we carry out any audits, we never use any information that could identify a patient such as a name, address, or date of birth.
8. Who has access to your information?
The processing of your personal information and medical information is accessed only by the ARGC staff. Every member of staff who works for ARGC has a legal obligation to keep information about you confidential. Our staff include medical practitioners, a manager, administration and reception staff.
Your medical information may be shared with another healthcare specialist outside of the ARGC if our doctor or healthcare professionals feel that you would benefit from seeing a health specialist. Such healthcare specialists may be based within the National Health Service (NHS) or at an independent healthcare provider. However, this will only be done after this has explained this to you and only if you give your consent to do so.
We ensure that all information we hold is kept confidential. However, we are obliged to disclose personal information if it is required by law, or it is justified in the public interest.
Our external healthcare regulators, the CQC and the HFEA look at healthcare records as part of their inspection processes of the ARGC service.
We do not sell or rent your personal information to any third parties outside of ARGC. We do not share your information with any third parties for marketing purposes.
9. Consent and agreement
By agreeing to this privacy notice, you are giving ARGC permission to process your personal data specifically for the purposes identified. You are able to withdraw your consent at any time. Please contact us if you wish to discuss this.
10. Your rights and access to your information and correction
You have the right to make a request to ARGC for a copy of the information that we hold about you. If you would like a copy of some or all of your personal information please ask us by writing, telephoning or emailing us at:
13 Upper Wimpole Street
London W1G 6LP
Tel: 020 7468 1230
We want to make sure that your personal information is accurate and up to date and are very happy to remove or amend any information that you think is inaccurate.
If you would like a copy of the healthcare information, we hold about you, we may need to ask you some additional questions about your reasons for requesting the information. Healthcare information is known as sensitive data under GDPR regulations.
11. Data security
When you give us your personal information, we take steps to ensure that it is treated securely. Any information we hold about you in paper format is held securely in locked filing systems. Any information we hold about you in electronic format is held securely on our computer system.
12. Retaining your data
We adhere to the code of practice in managing healthcare records and will only hold your personal data for the minimum period necessary.
We will hold your personal health information for a period of 50 years after you have been discharged from the ARGC healthcare service. After this time, your records will be destroyed. For more information, please contact us.
13. Use of ‘cookies’