Privacy policy.

Introduction

Dr. Shweta Mehta (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with us, visit our website, or use our services. It complies with the General Data Protection Regulation (GDPR) and other applicable UK data protection laws.

Please read this Privacy Policy carefully. By using our services, you consent to the practices described in this policy.

1. Information We Collect

Personal Data

We may collect the following personal data from you:

  • Contact details: Name, email address, phone number, and postal address.

  • Medical information: Relevant health data required for consultations and treatments.

  • Financial information: Payment details for billing purposes.

  • Communication data: Information you provide when contacting us, including emails or messages sent through our website.

Technical Data

When you visit our website, we may automatically collect:

  • IP address

  • Browser type and version

  • Operating system

  • Pages you view and the time you spend on our site

2. How We Use Your Information

We process your personal data to:

  1. Provide and manage our services, including medical consultations and treatments.

  2. Respond to your inquiries and communicate with you.

  3. Manage appointments, bookings, and billing.

  4. Comply with legal and regulatory obligations.

  5. Improve our website, services, and user experience.

  6. Send marketing communications if you have opted to receive them (you may unsubscribe at any time).

3. Legal Basis for Processing

Under GDPR, we rely on the following legal bases to process your personal data:

  • Consent: Where you have explicitly consented to our use of your information.

  • Contractual obligation: To fulfill the services you have requested.

  • Legal obligation: To comply with laws, such as maintaining medical records.

  • Legitimate interests: To improve our services and manage our business.

4. Sharing Your Data

We do not sell or share your personal data with third parties, except in the following circumstances:

  • Service providers: We may share your data with trusted third-party service providers who help us deliver our services, such as IT support or payment processors.

  • Legal obligations: We may share your information to comply with legal or regulatory requirements.

  • Professional obligations: Where necessary, we may share medical data with other healthcare professionals involved in your care.

All third-party processors are bound by confidentiality and are required to process your data in accordance with GDPR.

5. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.

  • Medical records: Retained for a minimum of 8 years, as required by UK law.

  • Financial data: Retained for 7 years for tax and audit purposes.

  • Marketing data: Retained until you opt out or withdraw consent.

6. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Access: Request a copy of your personal data.

  • Rectification: Request corrections to inaccurate or incomplete data.

  • Erasure: Request deletion of your data (“right to be forgotten”).

  • Restriction: Request limited processing of your data.

  • Portability: Request transfer of your data to another service provider.

  • Objection: Object to processing for specific purposes, such as direct marketing.

  • Withdraw consent: Withdraw your consent at any time, where applicable.

To exercise these rights, please contact us at privacy@drshwetamehta.com. We will respond within one month of receiving your request.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse. These measures include:

  • Secure servers and encrypted communications (SSL).

  • Restricted access to personal data on a need-to-know basis.

  • Regular review of security practices and protocols.

8. Cookies

Our website uses cookies to enhance your browsing experience. Cookies are small files stored on your device that help us analyze traffic and improve functionality.

  • Essential cookies: Required for the website to function properly.

  • Analytics cookies: Help us understand how users interact with our site.

You can manage cookie preferences through your browser settings. For more details, please see our Cookie Policy.

9. Third-Party Links

Our website may include links to external sites. We are not responsible for the privacy practices or content of these third-party websites. Please review their privacy policies independently.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. The most recent version will always be available on our website.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us:

Dr. Shweta Mehta
Email: privacy@drshwetamehta.com
Clinic Address: 24 Redwood Close, Surrey GU1 2NP, United Kingdom

You also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office (ICO), at www.ico.org.uk.