Because this is a clinical service, I hold more sensitive information about you than most websites you visit — your medical history as well as your name and contact details. This policy explains what I collect, why, who it is shared with, how long it is kept, and the rights you have over it. It is written to meet the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, and I have tried to keep it in plain English.

Who is responsible for your information

The data controller is Lucy's Prescribing Ltd, registered in England and Wales (company number 14782301). Registered office: [registered office address]. The clinic is run by Lucy, an NMC-registered nurse and independent prescriber, and she is the only person with routine access to clinical records.

Lucy's Prescribing Ltd is registered with the Information Commissioner's Office (ICO), registration number [ICO registration number].

For anything relating to your information, contact hello@lucysprescribing.co.uk or call +44 7700 900 118.

What I collect

If you are a client

If you are a referring practitioner

If you contact me through the website

Where your information comes from

Directly from you; from your referring practitioner as part of the referral; and, where relevant to your care and with your knowledge, from the dispensing pharmacy or your GP.

Why I use it, and the legal basis

I do not send marketing. If that ever changes, it would only be with your prior consent, and you could withdraw it at any time.

Who your information is shared with

Your information is never sold or shared for advertising. Where service providers (such as email or secure storage) process data on my behalf, they do so under contract and, if any processing happens outside the UK, only with the safeguards UK GDPR requires.

Cookies and this website

This website sets no cookies and runs no analytics or tracking. The fonts are loaded from Google Fonts, which means your browser requests those files from Google's servers and Google sees your IP address as part of serving them — see Google's privacy policy. Nothing else on the site sends data anywhere.

How long I keep it

How it is protected

Records are stored electronically with encryption and access controls, and any paper documents are locked away and scanned into the record. Access is limited to Lucy. Email is used for correspondence; anything clinically sensitive is sent using password protection or a secure sharing method wherever possible.

Your rights

To use any of these rights, email hello@lucysprescribing.co.uk. I will respond within one month. There is no fee unless a request is clearly unfounded or excessive.

Changes to this policy

Any changes will be published on this page with a new "last updated" date. Significant changes affecting current clients will be flagged directly.