Privacy Notice for Quantock Vale Surgery

Quantock vale surgery Privacy Notice

 Last updated: November 2025

At Quantock vale surgery, we are committed to protecting your privacy and ensuring that your personal information is handled in a safe and secure way. This Privacy Notice explains what information we collect about you, how we use it, and what your rights are.

  1. Who We Are

Quantock vale surgery
Address: Mount street, Bishops Lydeard, Taunton. TA4 3LH
Telephone: 01823 432361
Data Protection Officer: Kevin Caldwell

(Email: somicb.GPDPO@nhs.net or Telephone: 01935 384000)

As a GP practice, we are a “data controller” under UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

  1. What Information We Collect

We collect and process the following types of personal data:

Personal information

  • Name, address, date of birth, NHS number, contact details
  • Emergency contact details

Health information (special category data)

  • Medical history and conditions
  • Medications, allergies, test results
  • Consultations, notes, referrals and treatment records

Other information

  • Communications with the practice (letters, forms, emails, phone recordings where applicable)
  • Information from other health and social care providers
  1. How We Use Your Information

We use your information to:

  • Provide safe and effective healthcare
  • Make referrals to hospitals or other healthcare providers
  • Prescribe medication
  • Carry out tests, examinations, and treatments
  • Maintain accurate and up-to-date clinical records
  • Communicate with you (e.g., appointment reminders, test results)
  • Support public health initiatives
  • Manage our services, including audits and quality improvement
  • Meet legal and regulatory obligations

We process health data under Article 6(1)(e) and Article 9(2)(h) of the UK GDPR (provision of health or social care).

  1. Sharing Your Information

We may share your information with:

  • NHS organisations (hospitals, community teams, mental health services)
  • Other GP practices (if you move practices)
  • Pharmacies and prescribing services
  • Social care providers
  • Diagnostic and screening services
  • NHS England, ICBs (Integrated Care Boards)
  • Out-of-hours and urgent care providers
  • Public health authorities (e.g., immunisation and disease monitoring)
  • Third-party service providers supporting our IT and administrative systems

We only share information when it is necessary, lawful, and proportionate.

 

  1. How We Store Your Information

Your medical records are stored securely on NHS-approved systems.
We retain data in line with NHS Records Management Code of Practice, typically:

  • GP medical records: retained until 10 years after death
  1. Your Rights

You have rights under data protection law, including:

  • Right to access your records
  • Right to correct inaccurate information
  • Right to object to certain processing
  • Right to make a complaint

To exercise these rights, please contact us at: somicb.quantock.vale@nhs.net

National data opt-out: The national data opt-out enables patients to opt-out from the use of their personal confidential data for research or planning purposes. To find out more or to register to opt out, please visit: NHS Your Data Matters Website https://www.nhs.uk/your-nhs-data-matters/

If you have any concerns about use of your data not covered by the National Data Opt out, please contact the practice.

You can also complain to the UK Information Commissioner’s Office (ICO):
www.ico.org.uk

  1. How to Contact Us

If you have questions about this Privacy Notice or how we handle your data, please contact:
Andy Adams (practice manager) or Dr David Yick (caldicott guardian)
Email: somicb.quantock.vale@nhs.net
Telephone: 01823 432361