Your Data and Your Rights
This page explains how we look after the personal and health information we hold about you. It tells you how to see your record, change what we share, and complain if you have concerns.
The full legal detail is in our Patient Privacy Notice and its Appendix A.
How we use and share your information, and your choices
We collect information about your health and care so we can look after you. We share it with other parts of the NHS where they need to know, and we use it to support public health, NHS planning and approved research.
Most sharing is for your direct care. For example, we send referrals to hospitals, prescriptions to your pharmacy, and we can see information from out-of-hours services. Some of your information is also used for wider NHS purposes.
You have choices about some of this sharing, including the Type 1 opt-out, the National Data Opt-out, and your Summary Care Record.
The way we use your information is set out in law. We follow the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the common law duty of confidentiality.
How we use and share your information, and your choices
Your rights over your information
You have the right to:
- see the information we hold about you (this is called a Subject Access Request)
- ask us to correct anything that is wrong
- ask us to limit how we use your information in some situations
- object to some types of sharing, including for research and planning
You can also see most of your record online through the NHS App.
How to ask for a copy of your record
Technology we use in your care
We use a range of digital tools to help us look after you. This includes an AI assistant that helps your clinician take notes during consultations, and a system for messaging you and managing online requests.
We tell you what we use, why, and what choices you have.
Technology we use in your care
If you are unhappy: complaining about how we handle your data
If you have concerns about how we have used or shared your information, please tell us first so we can put it right. We will acknowledge your complaint within 30 days and tell you the outcome as soon as we can.
You can also complain to the Information Commissioner’s Office, which is the UK regulator for data protection.
How to complain about how we handle your data
Freedom of Information
You can ask for non-personal information about how the practice is run, like our annual reports or some of our policies. This is called a Freedom of Information (FOI) request.
If you want a copy of your own medical record, that is a Subject Access Request, not an FOI request.
Make a Freedom of Information request
Useful contacts
Practice Manager
The Practice Manager is your first point of contact for Subject Access Requests, data complaints, and most other queries about your information.
Practice Caldicott Guardian
Dr Jason Bolton, GP Partner. The Caldicott Guardian protects the confidentiality of patient information across the practice.
Practice Information Governance Lead and Clinical Safety Officer
Dr James Murdoch, GP Partner. Dr Murdoch oversees information governance and the safe use of clinical IT systems.
Data Protection Officer
Laura Taw, NHS South, Central and West Commissioning Support Unit.
Information Commissioner’s Office (ICO)
The ICO is the UK’s independent regulator for data protection. You can contact them on 0303 123 1113 or at ico.org.uk/make-a-complaint.
Read the full detail
Our Patient Privacy Notice sets out the legal detail of how we use your information. The Appendix A lists every system, organisation and data flow involved in your care, with the legal basis for each.
This page was last updated in May 2026.
