top of page

Privacy Policy

Your personal data is data which by itself or with other data available to (Mr Daniel Shaerf) can be used to identify you as an individual. Daniel Shaerf, t/a, ICO registration ZB044498, is the data controller.

This Privacy Notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. You can contact our Data Protection Officer (DPO), Mr Daniel Shaerf by email to if you have any questions.

Types of personal data we collect and use may include:

  • Your name, address and contact details, including email address and home and mobile telephone numbers, date of birth and gender

  • Your previous and current medical health records

  • Information about medical or health conditions, test results and other clinically-relevant information (including information about medical or health conditions of your family)

  • The terms and conditions of your contract with us for the provision of healthcare and related services

  • Your financial information (including your bank account or credit card details) and/or the financial information of the company or individual who is responsible for the payment of invoices or bills relating to your care (e.g. insurer or sponsor)

  • Information about your marital status, next of kin, dependents, nominated and/or emergency contacts

  • Information received in response to any complaints or claims


Using your personal data and the legal basis for processing

  • We will process your personal data under Article 6 (1) and Article 9 (2) of the General Data Protection Regulations

  • To support the provision of your healthcare and decide how best to provide treatment to you.

  • As necessary to support the healthcare contract with you and to allow us to receive [full] payment for those services.

  • To keep your records up to date.


We will process your personal data under Article 6 (1) f of the General Data Protection Regulations:

1) As necessary for our own legitimate interests, including for good governance, accounting, and managing and auditing our clinical and business operations and to monitor emails, calls and other communications.

2) As necessary to comply with legal and regulatory obligations, including when you exercise your rights under Data Protection Laws and to investigate complaints, legal claims and data protection or clinical incidents.

3) Based on your consent, including if you ask us to disclose your personal data to other people or organisations such as a company handling a claim on your behalf; or otherwise agree to disclosures, including to employers. You are free at any time to change your mind and withdraw your consent. The consequence might be that we cannot continue to provide full healthcare services to you.

How we collect data
We may collect and process information that you provide directly to Mr Shaerf or his staff as part of the process of arranging an appointment, in forms completed during the registration process or on our website (, at consultations and through correspondence (by post or email) with the patient, other clinicians (including GPs) and in communication with insurance companies or other funders. By providing this information you consent to Dan Shaerf, t/a, retaining it for valid use. We store patient information in a fully compliant secure and paperless practice management system. Your data will only be stored for as long as necessary. Our office undertakes to ensure appropriate security, integrity and confidentiality of your personal data.

Sharing of your personal data
Subject to applicable Data Protection Laws we may share your personal data with:

  • Consultants, doctors and other healthcare professionals who provide treatment to you, or to whom we are referring you

  • Sub-contractors and other persons who help us to provide healthcare products and services to you

  • Our legal and other professional advisors, including our auditors

  • Fraud prevention agencies, credit reference agencies and debt collection agencies

  • Courts, to comply with legal requirements, and for the administration of justice

  • Third parties in an emergency or to otherwise protect your and others’ vital interests.

  • Payment systems and providers.

  • Anyone else where we have your consent or as required by law.

bottom of page