Privacy Policy

Effective Date: November 9, 2025
Website: www.taylorgrey.com

Taylor Grey Healthcare (“Taylor Grey,” “we,” “us,” or “our”) is committed to protecting your privacy and ensuring that your personal data is handled safely, securely, and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how we collect, use, and protect your information when you visit our website or contact us.

1. Who We Are

Taylor Grey Healthcare
43 Cheval Place, London, SW7 1EW
Email: privacy@taylorgrey.com
Website: www.taylorgrey.com

Taylor Grey Healthcare is a private healthcare provider offering wellness, longevity, and urgent care services. We act as the Data Controller for the personal data you provide to us.

2. Information We Collect on this Website

We may collect and process the following types of personal data:

a. Information You Provide Directly

• Name, email address, and contact number

• Details relating to your enquiry or appointment

• Medical or health-related information (only where relevant and with your consent)

• Marketing preferences and communication history

b. Information We Collect Automatically

When you visit our website, we may automatically collect:

• IP address, browser type, and device information

• Pages viewed, duration of visit, and referral source

• Cookie and analytics data (see Section 7 below)

c. Information from Third Parties

We may receive information from:

• Healthcare partners, labs, or referring clinicians (where you have provided consent)

• Payment processors or booking systems used by Taylor Grey Healthcare

3. How We Use Your Information

We process personal data only where we have a lawful basis to do so, such as:

• To respond to your enquiries or appointment requests

• To arrange and deliver medical, wellness, or longevity services

  • Lawful basis: Contract / Vital Interests

  • Example: Providing treatment, diagnosis, or ongoing patient care.

• To manage your appointments and communicate updates

  • Lawful basis: Legitimate Interest

  • Example: Sending appointment reminders, confirmations, or follow-ups.

• To maintain accurate medical and administrative records

  • Lawful basis: Legal Obligation / Public Interest in Healthcare

  • Example: Meeting Care Quality Commission (CQC) and clinical governance requirements.

• To send marketing communications (only if you have opted in)

  • Lawful basis: Consent

  • Example: Sharing clinic news, wellness updates, or exclusive offers.

• To comply with legal, regulatory, and safeguarding obligations

  • Lawful basis: Legal Obligation

  • Example: Sharing data when required by law or medical regulators.

• To improve our services and website experience

  • Lawful basis: Legitimate Interest

  • Example: Using anonymised analytics data to optimise patient experience.

4. How We Protect Your Data

We take appropriate technical and organisational measures to safeguard your personal data, including:

• Encrypted transmission of data (SSL/HTTPS)

• Secure, password-protected systems and restricted staff access

• Regular security updates and malware monitoring

• Encrypted cloud storage with UK or EEA-based providers

Sensitive medical information is handled in accordance with medical confidentiality standards, CQC regulations, and ICO guidance.

5. Sharing Your Information

We do not sell or rent your data to third parties.
We may share your data only where necessary and lawful, for example:

• With clinicians, medical specialists, or laboratories involved in your care

• With IT, booking, or CRM providers acting as Data Processors under signed GDPR-compliant agreements

• With regulators such as the Care Quality Commission (CQC) or Information Commissioner’s Office (ICO)where legally required

All third-party partners are required to handle your information securely and only for the purposes specified.

6. Retention of Data

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting obligations.
Medical records are retained in line with NHS and CQC retention guidelines, typically for at least eight years after the last treatment, unless otherwise required by law.

7. Cookies and Analytics

Our website uses cookies to improve user experience and analyse website performance.
Cookies are small files stored on your device when you visit our site.

We use:

• Essential cookies – required for core site functionality.

• Analytics cookies – to understand how visitors use our website (via Google Analytics with anonymised IP addresses).

• Marketing cookies – only if you consent, for remarketing and ad performance tracking.

You can manage or delete cookies through your browser settings.
For more details, see our Cookie Policy.

8. Marketing Communications

We will only send you marketing emails if you have given explicit consent.
You can withdraw your consent at any time by:

• Clicking “unsubscribe” in any marketing email, or

• Contacting us at support@taylorgrey.com

We will then remove you from all marketing lists within 10 working days.

9. Your Rights

Under UK GDPR, you have the following rights:

• Access – to request a copy of your personal data.

• Rectification – to correct inaccurate or incomplete data.

• Erasure – to request deletion of your data (“right to be forgotten”).

• Restriction – to limit how your data is processed.

• Portability – to request transfer of your data to another provider.

• Objection – to object to processing for marketing or legitimate interest purposes.

To exercise any of these rights, contact us at privacy@taylorgrey.com.
We may require verification of identity before fulfilling your request.

10. Data Transfers Outside the UK

We store data on secure servers located in the UK/European Economic Area (EEA).
If any data is transferred outside the UK/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or equivalent protection mechanisms.

11. Children’s Privacy

Our services are intended for individuals aged 18 and over. If you believe a child under 16 has provided personal data without parental consent, please contact us and we will delete it promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legislation or our business operations. Any updates will be posted on this page with the revised effective date.

13. Contact Us

For any questions about this Privacy Policy or how your data is handled, please contact:

Data Protection Officer
Taylor Grey Healthcare
43 Cheval Place, London, SW7 1EW
Email: support@taylorgrey.com

If you are not satisfied with our response, you have the right to lodge a complaint with:
Information Commissioner’s Office (ICO) – www.ico.org.uk