Book
Your data

Privacy notice

How we collect, use and protect your personal and health information.

Last updated: 2026-06-07. We review this notice at least once a year.

Who we are

The data controller is NOSE LDN Ltd, trading as noseandsinus.md, at Suite 3b Lister House, 11-12 Wimpole Street, London W1G 9ST. NOSE LDN Ltd is registered with the Information Commissioner's Office under registration ZC079865. Mr Simon Gane (GMC 4591175) is the clinician and Registered Manager.

If you have any question about how we handle your information, contact us at office@noseandsinus.md, call 020 7435 8171, or write to us at the address above.

What information we collect

We collect only what we need to provide your care and run the practice. This may include:

  • Your name, contact details, and date of birth
  • Health information, including your symptoms, history, examination findings, investigations and treatment
  • Photographs and scans relevant to your care
  • Insurer or payment details where relevant to billing
  • Your correspondence with us, including messages sent by WhatsApp, email or our booking system

Why we use it and our lawful basis

We use your information to assess, diagnose and treat you, to communicate with you, to bill correctly, and to meet our professional and legal obligations.

Under UK GDPR, our lawful basis for processing your personal data is the performance of a contract for your care (Article 6(1)(b)) and our legitimate interests in running the practice (Article 6(1)(f)). Because health information is special category data, we also rely on Article 9(2)(h), the provision of health care and treatment by a health professional under a duty of confidentiality, together with the conditions in the Data Protection Act 2018.

How we use WhatsApp

We offer WhatsApp Business as one of three ways to contact the practice, alongside our booking system and phone line. This section explains what happens to the information you share with us through WhatsApp.

What we receive

When you message us on WhatsApp at 07985 727430, we receive:

  • The content of your message, including any photographs or attachments you send
  • Your WhatsApp display name and profile photograph
  • Your WhatsApp phone number
  • The time the message was sent

Why we use it

We use WhatsApp to answer questions about consultations, fees, insurer billing and the practice; to triage clinical questions before your appointment so we can prepare; to send appointment reminders and confirmations; and to share documents you have asked us to send.

We do not use WhatsApp for urgent or emergency communication. If you have an urgent medical concern, please telephone the practice during clinic hours or contact NHS 111. In a medical emergency, call 999 or attend A&E.

Who reads your messages

Messages are read by Mr Simon Gane's practice secretary, who is bound by the same confidentiality obligations as Mr Gane himself. Messages that are clinically significant are reviewed by Mr Gane and transcribed into your medical record on Semble (our clinic system). Where appropriate, attachments such as photographs are saved into your Semble record.

How long we keep messages

Where a WhatsApp message contains clinically significant information, the relevant content is transferred to your Semble medical record and retained in line with our medical-records retention policy (currently 30 years for adult records, or longer where required by law).

Messages on the WhatsApp Business account itself are retained for 12 months and then deleted. Photographs are deleted from the WhatsApp Business account once they have been saved into your Semble record, or within 30 days if they are not clinically relevant.

Where your WhatsApp data goes

WhatsApp is owned by Meta Platforms Ltd. When you send us a WhatsApp message, the message is end-to-end encrypted between your device and ours. Message metadata (your number, our number, the time of the message) is processed by Meta on infrastructure that may include servers outside the UK. Meta's own privacy policy applies to the data Meta processes about you as a WhatsApp user, and we do not control Meta's terms. If you do not want your information to be processed by Meta, please contact us by booking or by telephone instead.

How we store your information and who we share it with

Your clinical record is held in Semble, our secure electronic medical records system, which processes data on our behalf under a written agreement. We share your information only where necessary: with other healthcare professionals involved in your care, with your insurer where you have asked us to bill them, and where we are required to by law. We do not sell your data or use it for marketing without your consent.

How long we keep your records

We keep adult medical records for 30 years, or longer where the law requires. Other records are kept only as long as needed for the purpose for which they were collected.

Your rights

Under data protection law you have the right to:

  • See the personal data we hold about you, including WhatsApp messages
  • Ask us to correct anything that is inaccurate
  • Ask us to delete information that is no longer needed, where the law allows
  • Restrict or object to certain processing
  • Withdraw your consent to communicate by WhatsApp at any time, by telling us in any channel (we will then move to phone or email)

To exercise any of these rights, email office@noseandsinus.md or write to the practice address above.

Complaints

If you are unhappy with how we have handled your information, please contact us first so we can put it right. You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or on 0303 123 1113.