Privacy Policy

Veridian Clinic is a UK-based private healthcare provider offering GP-led longevity, metabolic health and preventive medicine services. For the purposes of UK data protection law, Veridian Clinic acts as the data controller for the personal data described in this policy, except where another organisation is clearly identified.

This policy explains how we collect, use, share, store and protect your personal information when you visit our website, enquire about our services, join our waitlist, complete forms, or become a patient.

We may collect identity and contact information such as your name, email address, telephone number, date of birth and address.

We may collect health and clinical information you choose to share with us, including symptoms, medical history, medications, test results, lifestyle details, goals, and information relevant to suitability for treatment or clinical assessment.

We may collect technical and website usage information such as IP address, browser type, device type, operating system, referring pages, pages viewed, and approximate location derived from your IP address.

We may also collect marketing and communication preferences, enquiry details, appointment history, payment-related records where relevant, and any correspondence you send to us.

We collect information directly from you when you complete forms, subscribe to updates, book an appointment, contact us by email or phone, submit clinical questionnaires, or communicate with our team.

We also collect limited technical information automatically through cookies and similar technologies when you use our website. More detail is available in our Cookie Policy.

In some cases, we may receive relevant information from third parties involved in your care, such as laboratories, payment providers, technology platforms, or other clinicians, where this is appropriate and lawful.

We use your personal data to respond to enquiries, manage bookings, provide requested services, deliver clinical care, assess suitability for treatment, communicate with you about appointments, and maintain appropriate medical records.

We may use your information to operate, improve and secure our website and services; to monitor performance and service quality; to comply with legal, regulatory and professional obligations; and to investigate or respond to incidents, complaints, or safeguarding concerns.

Where you have given permission, we may also use your contact details to send relevant service updates, educational content, or marketing communications. You can unsubscribe from marketing at any time.

We process personal data where it is necessary for our legitimate interests, such as running and improving our services, provided those interests are not overridden by your rights.

We process data where it is necessary to take steps at your request before entering into a contract, or to perform a contract with you, such as arranging consultations or delivering paid services.

We process data where it is necessary to comply with legal or regulatory obligations, including medical, tax, accounting, safeguarding and CQC-related requirements.

Where special category health data is involved, we rely on the relevant lawful bases and conditions permitted under UK GDPR and the Data Protection Act 2018, including the provision of health care and management of health services. In some circumstances we may also rely on your explicit consent.

We only share your information where there is a clear need and lawful basis to do so. This may include sharing with clinicians involved in your care, diagnostic laboratories, secure technology providers, payment processors, website and analytics providers, regulators, insurers, legal advisers, and other service providers who help us operate the clinic.

We may also share information where required by law, court order, regulatory request, safeguarding duty, or to protect the vital interests of a patient or another person.

We do not sell your personal information.

Some of the suppliers we use may process personal data outside the UK. Where this happens, we take reasonable steps to ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or equivalent protective measures.

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, regulatory and clinical record-keeping requirements.

Clinical records may need to be retained for extended periods in line with professional standards and applicable law. Website analytics and marketing data are typically retained for shorter periods unless a longer retention period is required for security, compliance or dispute resolution.

We use appropriate technical and organisational measures designed to protect your information against accidental loss, misuse, unauthorised access, disclosure, alteration or destruction. These measures may include access controls, encryption, secure hosting, audit logging, role-based permissions and contractual controls with our suppliers.

No online system can ever be guaranteed completely secure, but we work to maintain security practices that are appropriate for the sensitivity of the information we handle, particularly health-related data.

Subject to the limits set by law, you may have the right to request access to the personal data we hold about you, ask for inaccurate information to be corrected, request erasure in certain circumstances, restrict or object to processing, and request portability of certain information.

If we rely on consent, you also have the right to withdraw that consent at any time. Withdrawal will not affect processing already carried out lawfully before that point.

To exercise your rights, please contact us using the details below. We may need to verify your identity before responding.

Our website may use cookies and similar technologies to enable core functionality, understand site usage, improve performance and support relevant marketing activity. For detailed information about the cookies we use and how to manage them, please read our Cookie Policy.

Our services and website are generally intended for adults. We do not knowingly collect personal data from children through the website without appropriate authority or legal basis. If you believe a child has provided personal information inappropriately, please contact us so we can investigate.

We may update this Privacy Policy from time to time to reflect legal, clinical, operational or technology changes. The latest version will always be posted on this page with the effective date shown below.