Privacy Policy

Our Commitment

At Halcyon Doctors Limited we take the security of personal data and other confidential information very seriously and are committed to complying with applicable data protection legislation and medical confidentiality guidelines. Personal data is any information that can be used, either by itself or together with other information, to identify an individual. We treat all information we hold about you as confidential information, whether it falls within the definition of personal data, or otherwise. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your personal data and confidential information either through our website(s), or otherwise through your engagement with Halcyon Doctors.

Any questions regarding this policy and our privacy practices should be sent by email to
[email protected].

Who do we collect personal data from?

We collect personal data from the following categories of people:
  • Patients and customers, and prospective patients and customers
  • Referring professionals and other third parties involved in the provision of care, e.g. GPs, solicitors, family members, carers, Lasting Power of Attorneys (LPAs) or Court Appointed Deputies (Deputies), fee payers etc.
  • Prospective referring professionals, e.g. solicitors, doctors, care homes, domiciliary care agencies, and other professionals who may make enquiries about our services
  • Doctors, clinicians, employees and other individuals who work with us
  • Prospective doctors, clinicians, employees or other individuals who may want to work with us

What personal data do we collect?

As set out in further detail below, we process two categories of personal data about you (where this applies):
  • Standard personal data (for example, information we use to contact you, identify you or manage our relationship with you)
  • Special categories of data (for example, health information, information about your race, ethnic origin and religion that allows us to tailor your care)
When using our services, or considering using our services, we may ask for your contact details and other basic personal data including name, address, email, telephone number, date of birth, as well as medical records and other clinical, legal, financial and social information. This may be collected directly from you or passed to us by third parties who you have authorised to share this information with us, such as your GP, solicitor, or a family member.
Examples of clinical, legal, financial and social information we may request from you or third parties on your behalf include:
  • Official medical records from GPs or other professionals, results of any investigations e.g. blood tests, scans etc.
  • Legal arrangements such as LPAs or Deputyships in place, wills or prospective wills
  • Information on your assets and value of your estate
  • Family background, history, housing situation, details about your family life, social life, religious beliefs, sexual orientation, race and nationality etc.
When using our website(s) or requesting further information through our “Contact Us” section you may be asked to provide your name, email address, mailing address, phone number, relationship to the patient or prospective patient, or other details to enable us to respond to you, as well as basic information regarding your enquiry.
When dealing with prospective referring professionals, as well as basic contact details, we may request your job title and area of specialism.
When dealing with prospective doctors, clinicians, employees and other individuals who wish to work with us, we request a number of pieces of information which are standard in a normal recruiting process in our industry, including, for example, basic personal data, CV, references, passport details, criminal record checks, DBS checks, GMC or regulatory body registrations, appraisals, CPD records, learning & development records, indemnity insurances details and occupational health records. Likewise, for doctors, clinicians, employees and other individuals who do work with us, we store the above-mentioned personal data, along with a photograph and biography details of such individuals, and we may display photographs and biographies on our website(s) for marketing purposes.

When do we collect information?

We collect information from you when you enter information on our website(s). We also collect information when you contact us directly by phone or email, or when we are instructed by a third party who you have authorised to share this information with us, such as your GP, solicitor, or a family member.
With regards to prospective referring professionals, we may collect your contact details from publicly available sources, such as your website(s).
With regards to prospective doctors, clinicians, employees and other individuals who wish to work with us, we may collect your contact details from publicly available sources, such as your website(s), or from third parties that you have authorised to share them, such as recruitment agencies.

What legal ground(s) do we rely on?

We have to identify which legal grounds we are relying on when we process personal data. Please note that we may process your personal data on more than one lawful ground depending on the specific purpose for which we are using your data. Examples of the lawful grounds we rely on are set out below but please contact us at [email protected] if you need further details about the specific legal ground(s) we are relying on to process your personal data.
  • Contractual obligations – generally we process your information on the basis that there is a contract between us and we need your personal information to comply with our contractual obligations.
  • Consent – in specific situations, we collect and process your information with your consent, for example, when you tick a box to receive information about our services from us. We do not process any special category data without your explicit consent unless we have a legal obligation to do so or there is a vital interest in us doing so because someone’s life is at risk.
  • Legal compliance – if the law requires us to, we may need to collect and process your personal information. For example, we can pass on details of people involved in criminal activity affecting Halcyon Doctors to law enforcement.
  • Legitimate interest – in specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests, including managing all aspects of our relationship with you, for marketing, to help us improve our services and products, and in order to exercise our rights or handle claims.

How do we use your information?

We may use the information we collect in the following ways:
  • To provide highly bespoke clinical and medico-legal services to our customers and patients, and support to families and carers. In order to deliver our services to the highest quality, we take a holistic approach and meet our patients and customer needs in a tailored and specific way, and this requires us to have sufficient background information about our patients and customers.
  • To allow us to provide the specific services to you that we have been requested to provide.
  • To request feedback about our services to enable us to improve and to better provide services to our patients and customers.
  • To respond to customer/patient feedback or enquiries.
  • To analyse data trends, for example customer enquiry to patient conversion rates which allows us to better understand what our patients need.
  • To provide prospective referring professionals with information about relevant events, webinars, teaching and learning, and service updates.
  • To assess candidates for suitability of roles, arrange job interviews, and other general HR purposes.
  • To share doctors’/clinicians’ details with patients prior to appointments.
  • To share doctors’/clinicians’ details with prospective referring professionals as part of marketing our services.
Generally, we do not send any marketing or promotional communications to customers or patients.
We never sell the data we hold to any third parties or use the data to help third parties market to you in any way.

How do we store and protect your information?

Your personal information is contained in secure networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential.
We use cloud-based systems to keep all our patient and customer records in a secure environment. The systems we currently use are Lumeon, the security of which is ISO-certified and Microsoft OneDrive.
Where personal data is in hard copy, this is shredded as soon as possible. Where hard copy data must be retained, it is kept in locked filing cabinets, in locked offices.

Who do we share your personal data with?

We take care to ensure that your personal data and other confidential information is treated in the strictest confidence, and is only shared with others, both internally within Halcyon Doctors, and externally with third parties, on a need-to-know basis.
Personal data relating to patients, customers, doctors, clinicians, etc. may be shared internally in order to provide services to you. For example, we will have to provide your basic contact details and medical records to the doctor/clinician who has been assigned to you.
As part of the services we provide, we may be required to share certain personal data with third parties, for example:
  • Patients’/customers’ data may be shared with GPs as part of the prospective or ongoing provision of medical care.
  • Patients’/customers’ data may be shared with solicitors are part of legal proceedings regarding your health or medico-legal care.
  • Patients’/customers’ data may be shared with external healthcare providers, e.g. for the purpose of carrying out MRI scans or blood tests.
  • Doctors’/clinicians’ basic contact details and patient details may be shared with the consulting rooms that we hire, e.g. Lister Hospital, Queen Square in order to make appointments on doctors’/clinicians’ behalf.
Your personal data may also be shared with website hosting partners and other parties who assist us in operating our website(s), conducting our business, or serving our users, so long as those parties agree to keep the information confidential. We may also release information when its release is appropriate to comply with the law, enforce our policies, or protect ours or others’ rights, property or safety. Data may be shared through the use of standard email encryption i.e. email is encrypted whilst in transit by means of TLS where possible failing over to SSL or HTTPS if the recipient does not support TLS.

How long do we keep your personal data for?

We are committed to our legal obligation to retain your personal data for only as long as is reasonably necessary. In some instances, we are required by law to retain certain personal data for a minimum period of time.
We are legally obliged to retain patients’/customers’ medical data, including deceased patients/customers, for a minimum period of seven years. Further, with regards to other personal data, it may be reasonable for us to retain it for some time, including potentially following the death of a patient, in the event that there are any regulatory requirements or legal issues, such as contentious probate.
In addition, we are legally required to retain certain personal data in relation to contracts that we are performing, for example in relation to employment contracts and patient/customer service contracts to allow us to perform those contracts.
With regards to prospective patients and customers, we may retain your contact details for up to two years as this is generally the maximum period during which an enquiry from a prospective patient/customer converts into an actual patient/customer. Any other personal data that has been provided to us at the enquiry stage is normally only retained for up to three months.
With regards to prospective doctors, clinicians and/or other employees, we will retain your personal data for a reasonable period following a decision by either party not to proceed with your engagement with Halcyon Doctors.
With regards to doctors, clinicians and/or other employees who provide services on behalf of Halcyon Doctors, we will retain your personal data for the duration of your engagement with us, and for a reasonable period after, for the purposes of responding to potential claims, HMRC enquiries etc.

How can you access and update your information?

The accuracy of your information is important to us. If you wish to review and/or correct the information that we hold about you at any time, please email us: [email protected].
You have the right to ask for a copy of the information we hold about you (we may charge for information requests to cover our costs in providing you with details of the information we hold about you).

Your preferences

You have a choice about whether or not you wish to receive communications from us. If you do not want to receive communications from us, then please notify us by contacting [email protected]. Please note however, that if you choose to cease communications from us, this may have an impact on how we can continue to provide services to you.
In certain circumstances, and where this does not contradict with our legal requirements as described above, you have the right to have information that we hold about you deleted or destroyed and you can contact us at any time to request this by email: [email protected].

Care Quality Commission Rating

Overall Rating: Good

Location: Unit 1, Cam Centre, Wilbury Way, Hitchin, SG4 0TW

Date: 5 May 2022

See the report
See the report

HALCYON

DOCTORS

+44 (0)203 7000 163
[email protected]

Halcyon Doctors
Unit 1 The Cam Centre
Wilbury Way
Hitchin
SG4 0TW

© Halcyon Doctors 2025— All rights reserved.

+44 (0)203 7000 163
[email protected]

Halcyon Doctors
Unit 1 The Cam Centre
Wilbury Way
Hitchin
SG4 0TW

© Halcyon Doctors 2025— All rights reserved.