Littleton Surgery Privacy Notice

Privacy Notice – Littleton Surgery

Who We Are
Littleton Surgery is an NHS General Practice providing primary care services to our patients under the NHS. We are the data controller for the personal information we collect and use about our patients.

Our Contact Details

  • Practice Address: Littleton Surgery, Buckland House, Esher Park Avenue, Esher, Surrey, KT10 0SP
  • Telephone: 01372 462 235
  • Email: syheartlandsicb.littletonsurgery@nhs.net
  • Data Protection Officer (DPO): Daniel Lo Russo, Surrey Heartlands, Block C, 1st Floor, Dukes Court, Duke Street, Woking, Surrey, GU21 5BH

What Information We Collect and Use
We collect and use a wide range of personal and health information including:

  • Your name, address, date of birth, and contact details
  • NHS number and medical history
  • Current and past diagnoses, treatments, and medications
  • Results of investigations (e.g. blood tests, imaging)
  • Information from other health and care providers
  • Details about your lifestyle and social circumstances when relevant to your care

We may also record telephone calls for training, monitoring, or complaint resolution purposes.

Why We Collect Your Data
We collect and process your data to:

  • Provide you with safe and effective medical care
  • Support preventive medicine and public health functions
  • Share information with organisations that provide pre-referral advice and guidance
  • Manage and plan NHS services
  • Participate in clinical audits and service improvements
  • Fulfil legal obligations and comply with NHS policies

Lawful Basis for Processing
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on include:

  • Article 6(1)(e) – Performance of a task carried out in the public interest
  • Article 9(2)(h) – Provision of health or social care

Sharing Your Information
We may share your information with:

  • Other NHS organisations and professionals involved in your care
  • Local hospitals and community services
  • NHS Digital, NHS England, and the Department of Health
  • Social care providers and local authorities
  • External providers for referral, prescription, or diagnostic services
  • IT system providers and auditors, under strict contractual terms

We only share the minimum data necessary and always aim to protect your privacy.

How Long We Keep Your Information
We retain your personal data in line with the NHS Records Management Code of Practice, typically until 10 years after death or as otherwise required.

Your Rights
You have the right to:

  • Be informed about how your data is used
  • Access the information we hold about you
  • Request correction of inaccurate data
  • Request erasure or restriction of your data in certain circumstances
  • Object to the use of your data for non-direct care purposes
  • Lodge a complaint with the Information Commissioner’s Office (ICO)

For more information, visit: https://ico.org.uk/

How to Complain
If you have concerns about how your information is handled, please contact our practice or our Data Protection Officer.

You can also contact the ICO:

Date Published: 12th May, 2025
Date Last Updated: 12th May, 2025