1. Introduction

At DeWinton Field Practice (“we”, “us”, “our”), protecting your privacy and personal data is important. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our website and services.

2. Who We Are

DeWinton Field Practice
Tonypandy Health Centre
DeWinton Fields, Tonypandy
Rhondda Cynon Taf, CF40 2LE

Telephone: 01443 432 112
We are the data controller for your personal information under UK data protection law.

3. Information We Collect

We may collect personal data when you interact with our website or services, including:

• Website usage information: browser type, IP address, pages visited

• Contact details: name, email, phone number from forms or emails

• Patient data: NHS number, medical and appointment details when you access clinical services

We only collect what is necessary to deliver healthcare and improve our services.

4. Why We Use Your Information

We use your data to:

• Provide and manage GP services

• Respond to your enquiries and online requests

• Administer appointments and prescriptions (including via the NHS Wales App) DWFP

• Improve our website and patient experience

• Fulfil legal, NHS, and regulatory requirements

5. Legal Basis for Processing

Under UK GDPR and the Data Protection Act 2018, we process your data using lawful bases including:

• Performance of a task in the public interest – providing NHS healthcare

• Legal obligation – meeting NHS and statutory duties

• Consent – where you give it (e.g., contact form submissions)

• Vital interests – where needed to protect your health

Health and medical information is considered special category data and processed for healthcare purposes.

6. How We Share Your Data

We may share your personal information with:

• Other NHS providers involved in your care

• NHS Wales and Cwm Taf Morgannwg University Health Board

• Care partners (e.g., pharmacies, hospitals) where clinically necessary

• Approved IT service providers with robust data protection

We do not sell your information.

7. Data Security and Retention

Your personal information is stored securely in the UK with safeguards to protect against loss, theft, and unauthorised access.
We retain data in line with NHS records management policy.

8. Cookies and Tracking

Our website may use cookies to help it function efficiently and to gather anonymous usage data.
You can manage cookie preferences via your browser settings.

9. Your Rights

You have the right to:

• Access the personal data we hold about you

• Correct inaccurate information

• Request restriction or deletion (where appropriate)

• Object to how your data is used

• Withdraw consent at any time

To exercise your rights, please contact the practice.

10. Complaints

If you have concerns about how your data is processed, you can contact the Information Commissioner’s Office (ICO):

ICO Contact:
Website: www.ico.org.uk
Phone: 0303 123 1113

We encourage you to contact us first so we can work with you to resolve any concerns.

11. Policy Changes

We may update this policy from time to time. Changes will be published on this page with the updated date.