Privacy Policy

KPI: Clinical Services (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you interact with us, including through our website, services, and communications.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Organisation name: KPI: Clinical Services

Registered address: Elder House West, 590 – 598 Elder Gate, Milton Keynes MK9 1LR

Email: info@kpi-access.com

Telephone: 01908 049574

We may collect and process the following categories of personal data:

• Identity data, such as name, job title, and organisation

• Contact data, such as email address, telephone number, and postal address

• Technical data, such as IP address, browser type, device information, and website usage data

• Professional data, such as role, qualifications, or service requirements

• Health or clinical information, only where necessary for the provision of clinical or advisory services and where lawful

We collect personal data through:

• Direct interactions, such as enquiries, referrals, contracts, or service delivery

• Website forms or email communications

• Cookies and similar technologies

• Third parties, such as partner organisations, referrers, or publicly available sources, where lawful

We process personal data under one or more of the following lawful bases:

• Performance of a contract

• Compliance with a legal obligation

• Legitimate interests, where these interests are not overridden by your rights

• Consent, where required

• Provision of health or social care, where applicable

We use personal data to:

• Provide and manage clinical and professional services

• Respond to enquiries and communicate with you

• Manage contracts, billing, and administration

• Improve our website and services

• Meet legal, regulatory, and professional obligations

We may share personal data with:

• Trusted service providers and professional advisers

• Regulatory bodies, where required by law

• Partner organisations involved in service delivery

• IT and system providers

All third parties are required to protect personal data and use it only for specified purposes.

We do not transfer personal data outside the UK unless appropriate safeguards are in place, such as adequacy regulations or standard contractual clauses.

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or disclosure.

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, including legal, regulatory, and professional requirements.

Under data protection law, you have the right to:

• Access your personal data

• Request rectification of inaccurate data

• Request erasure of your data

• Restrict or object to processing

• Request data portability

• Withdraw consent, where processing is based on consent

To exercise your rights, contact us using the details above.

If you have concerns about how we handle your data, you may contact us directly. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).