Privacy Policy

Informing Service Users

Under the Data Protection Act, organisations are required to provide information to individuals about what information will be held about them, how it will be used and who is responsible for it. Under the Act this is known as fair processing but in recent years the term privacy notices has been adopted to describe the requirement. To assist in promoting good practice the Information Commissioner has produced the ‘Privacy notices code of practice’. The Code notes that information can be provided through a variety of media and that making ‘layers’ of information available is a realistic way of meeting differing needs.

A leaflet and poster entitled ‘Your information, your rights’ has been developed for all NHS organisations in Wales to use to ensure service users are aware how their information is processed and what their rights are with regards to their information.

Your information, your rights A3 poster (Web)

Data Sharing

The privacy of your information is very important to us. The Lifestyle Clinic will store your personal details in accordance with this Data Protection Policy and will always endeavour to keep your information secure.
It is important that patients know the difference between Local Data Sharing and Care Data, so that informed choice can be made about whether you are happy for your data to be shared, or whether you wish to opt out.

We want to be sure that we give you the opportunity to decide at what level you would like to opt out of data sharing and are aware of the implications. Please complete the opt out form via the attached link and return it to us so we can be clear about your wishes.

Local Data Sharing

A data sharing agreement exists between The Lifestyle Clinic and 8 other local GP practices that make up the Amman-Gwendraeth GP Cluster for the purpose of sharing clinical information on patients resident in this area. This would include clinical information such as blood test results and medication doses. The Lifestyle Clinic can also document any changes made directly into the patients’ notes to ensure best care and good communication. We use Heydoc clinical system for booking, questionnaires and clinical notes. Please find relevant GDPR documents by following this link:

If a patient does not opt out, their information will be shared when immediate patient care is needed.

Care Data

The NHS would like to link information from all the different places where patients receive care, to help provide a seamless package of care. It also allows the NHS to compare the care patients receive in one area against another so they can see what works best.

How patient information is used and shared is controlled by law and strict rules are in place to protect patient privacy.

If a patient does not opt out, their information will be shared; however a patient can opt out of or re-join the scheme at any time.

Information Governance and Caldicott

Information Governance is a framework related to how organisations and individuals handle information; it applies to sensitive and personal information, of employees, patients and service users, and also to information related to the business of the organisation.

Information Governance sits alongside clinical and corporate governance and while the key focus is on ensuring that information is handled in a confidential and secure manner, in the health context it is also very much about supporting the provision of high quality care by ensuring the right information is available to the right people, when and where it’s needed.

The definition of what Information Governance includes varies between organisations and sectors; in NHS Wales there are several other aspects aside from the security and confidentiality of information which are also of significance. Information Governance within NHS Wales is generally accepted to include (but is not limited to) the following standards and legal requirements :

  • Data Protection Act 1998
  • Caldicott Report
  • Common Law Duty of Confidentiality
  • Freedom of Information Act 2000
  • Information Sharing Protocols
  • Data quality
  • Information Security assurance – ISO 27001/2 Information security management (formerly BS7799)
  • Records Management

Caldicott is a key element of the Information Governance agenda in Wales, providing organisations working in Health and Social Care with a set of recommendations and principles to help ensure that person identifiable information (including that of patients, staff and service users) is adequately protected.


Access to Information

There are several pieces of legislation which provide individuals with rights of access to specific types of information which an organisation may hold. The links below provide further detail on the individuals rights, timescales to provide information, and the exemptions or exceptions to consider when a request is received.



This statement applies to all information collected or submitted on the website of The Lifestyle Clinic. It details what information we collect, how and why we collect them. If you have any comment or query, please submit your request via email ( quoting ‘privacy statement’.

As described within the provisions of the UK Data Protection Act 1998 (external website), we take appropriate measures to maintain the security of your data on our website. Information collected is governed by this privacy statement and use of this website signifies your agreement.


Information We Collect

Personal Information

When you voluntarily submit identifiable data on this website (this includes submission of feedback forms, weight measurements, subscriptions or questionnaires), the information submitted is used solely to respond to your queries and for its intended purpose. We are obliged to obtain data on certain parameters which include your name, address and contact details (including email and telephone numbers) age and date of birth, information regarding your physical and mental health, weight and waist circumference results, blood tests and information about medication for audit purposes. This will be anonymised so no individual person can be identified from the results. As clinicians and non-clinicians working for The Lifestyle Clinic on behalf of the NHS we are bound by strict confidentiality laws. This will then help us improve the clinic and provide evidence of the work that is undertaken. We do not share web user information with third parties.


What are Cookies?

Cookies are small files that websites put on your computer hard disk drive when you visit. Cookies pass information back to websites each time you visit. They are used to uniquely identify web browsers, track user trends and store information about user preferences. You can restrict/disable cookies on your browser; please note that some website features may not function properly without cookies.


How to Disable Cookies

To change your cookie settings:

Why We Collect User Statistics

By understanding user behaviour and preferences, we are able to improve our website content to meet user expectations and needs.

External Websites

This privacy statement does not apply to external links; collection of information by such sites is subject to relevant privacy policies. We are not responsible or liable for the privacy practices of external websites and use of such websites is at your discretion.