Privacy Policy

ISD/9158/2/03.04.26

ENT AT 150 LTD (trading as London Hearing)

PRIVACY POLICY

  1. Introduction

ENT at 150 Ltd (trading as London Hearing) (“we”, “us”, “our”) are committed to protecting and respecting your privacy and handling your personal data in a lawful, fair and transparent manner.

This Privacy Policy explains how we collect, use, store and protect your personal data when you:

  • visit our website
  • contact us
  • book appointments
  • receive hearing or audiology services
  • purchase hearing aids or related products
  • otherwise interact with us

This policy is intended to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

  1. Data Controller

The data controller responsible for your personal data is:

ENT at 150 Ltd (trading as London Hearing)
Company Number: 08737656

150 Harley Street
London
W1G 7LQ
England

Email: [email protected]

Telephone: +44 (0)20 3075 3150

  1. Personal Data We Collect

We may collect and process the following categories of personal data:

Personal Details

Name, address, email address, telephone number, date of birth, and other contact details.

 

 

Appointment and Service Information

Appointment bookings, consultation notes, treatment information, hearing test records and audiology service records.

Medical and Hearing Information

Hearing test results, audiology records, ear examinations, treatment records, hearing aid prescriptions and related medical information.

This information constitutes special category personal data under UK GDPR because it relates to your health.

Payment and Financial Information

Payment details, invoices, transaction records and purchase history.

Communications

Records of communications with you including emails, letters, telephone notes and appointment correspondence.

Website and Technical Data

IP address, browser type, pages visited, website usage data and other information collected through cookies and analytics tools.

  1. How We Collect Personal Data

We collect personal data in a number of ways, including:

  • when you contact us by email, telephone or through the website
  • when you complete website forms
  • when you book appointments
  • when you attend consultations
  • when you purchase hearing aids or services
  • through website cookies and analytics tools
  • from third parties such as insurers, healthcare providers or hearing aid manufacturers where relevant
  1. How We Use Personal Data

We use your personal data for the following purposes:

  • providing hearing tests and audiology services
  • arranging and managing appointments
  • supplying hearing aids and related products
  • maintaining medical and clinical records
  • communicating with you regarding appointments, services and products
  • responding to enquiries
  • processing payments and invoices
  • managing our business operations
  • improving our website and services
  • complying with legal, regulatory and professional obligations
  • marketing our services where permitted by law
  1. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Contract – where processing is necessary to provide services to you or to take steps at your request before entering into a contract.
  • Legal obligation – where we are required to comply with legal, accounting, regulatory or professional requirements.
  • Legitimate interests – for the operation and administration of our business, maintaining records, improving services and responding to enquiries.
  • Consent – where you have given consent, for example for marketing communications.
  • Healthcare purposes – we process health and medical data as special category personal data for the purposes of medical diagnosis, provision of healthcare, treatment and management of healthcare services in accordance with the UK GDPR and the Data Protection Act 2018.
  1. Medical Records and Health Data

We maintain medical and clinical records relating to hearing tests, audiology assessments, treatment, hearing aid prescriptions and related healthcare services.

These records are confidential and are only accessed by authorised personnel and healthcare professionals involved in your care or the administration of our services.

Health and medical information is treated as special category personal data and is processed only where necessary for healthcare and treatment purposes or where required by law.

  1. Sharing Your Personal Data

We may share personal data with third parties where necessary, including:

  • hearing aid manufacturers and laboratories
  • IT service providers and website hosting providers
  • payment processors and accountants
  • professional advisers including lawyers and insurers
  • healthcare professionals and medical practitioners
  • regulators, government authorities or law enforcement where required by law

We require all third parties to respect the security of personal data and to treat it in accordance with the law.

  1. International Transfers

Where personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place in accordance with data protection law, including the use of approved contractual clauses where necessary.

 

  1. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including for legal, accounting, regulatory and medical record keeping purposes.

Medical and patient records are typically retained electronically and/or in paper form for a minimum of six years from the date of the last treatment or appointment, and longer where required by medical, legal or regulatory requirements.

Financial and accounting records are retained for at least six years for tax and accounting purposes.

Website and technical data may be retained for shorter periods.

After the relevant retention period expires, personal data will be securely deleted or anonymised.

  1. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • secure IT systems and password protection
  • restricted access to personal data
  • secure storage of medical records
  • confidentiality obligations for staff and contractors
  • secure email and electronic communication systems
  • data backup and security procedures

We take reasonable steps to protect personal data from loss, misuse, unauthorised access, disclosure or alteration.

  1. Marketing Communications

We may send information about our services, products or promotions where permitted by law. You may opt out of marketing communications at any time by contacting us or using the unsubscribe option in emails.

  1. Your Rights

Under data protection law you have the right to:

  • request access to your personal data
  • request correction of inaccurate personal data
  • request deletion of personal data
  • request restriction of processing
  • object to processing
  • request transfer of your personal data
  • withdraw consent where processing is based on consent

To exercise any of these rights, please contact us using the contact details in paragraph 18 below.

  1. Subject Access Requests

You have the right to request a copy of the personal data we hold about you. This is known as a Subject Access Request.

Requests should be made in writing by email or post. We may need to verify your identity before providing information. We will respond within one month in accordance with data protection law.

  1. Children’s Personal Data

We may collect and process personal data relating to children where hearing tests or audiology services are provided to minors. In such cases, personal data will normally be provided by and processed with the consent of a parent or legal guardian.

  1. Automated Decision Making

We do not carry out automated decision making or profiling that produces legal or similarly significant effects on individuals.

  1. Cookies

Our website uses cookies and similar technologies. Please see our Cookies Policy for further details.

  1. Contact

If you have any questions about this Privacy Policy or how we handle your personal data, please contact:

The Practice Manager
150 Harley Street
London
W1G 7LQ
England

Email: [email protected]

Telephone: +44 (0)20 3075 3150

  1. Complaints

If you have any complaint about how we handle your personal data, please contact us in the first instance so that we can try to resolve the issue.

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, if you believe that we have not complied with applicable data protection laws.

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
United Kingdom

Telephone: 0303 123 1113
Website: www.ico.org.uk

  1. Changes to This Policy

We may update this Privacy Policy from time to time. Any updated version will be published on our website.

 

 

Version 1.0
Date: April 2026
ENT at 150 Ltd