Skip Navigation
Call us020 8340 0411
Register & Book

Our Privacy Policy

Your Local Vets Ltd t/a The Highgate Veterinary Clinic is committed to protecting the privacy and security of your personal data. This policy explains how and why we collect, use, and process your personal information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are (The Data Controller)

Your Local Vets Ltd
21 Pond Square
London
N6 6BA

020 8340 0411

contact@highgatevet.co.uk

www.highgatevet.co.uk

For the purposes of the UK GDPR, Your Local Vets Ltd is the Data Controller responsible for your personal data.

Data Protection Contact:

Robyn McCarthy - Practice Manager

practicemanager@highgatevet.co.uk

2. The Personal Data We Collect

We collect and process various categories of personal data about you to provide our veterinary services. This generally includes:

Category of DataSpecific Data Collected
Contact DataName, address, telephone number(s), email address.
Pet DataDetails of your pet(s) (name, species, breed, age, microchip number, insurance information if relevant). Note: UK GDPR applies to data about people, not animals, but we link your personal data to your pet's record.
Clinical DataYour pet's medical history, clinical notes, laboratory results, diagnostic images (e.g., X-rays, ultrasound), and treatment plans.
Financial DataWe do not store payment information directly. If you are a member of our pet health plan, your payment information will be collected and stored by our partner Vetsure Pet Insurance® which is a registered trading name of TVIS Ltd whose company registration no. is 06820979.
CorrespondenceRecords of communications with you (emails, letters, call recordings [if applicable]).
Marketing DataYour preferences in receiving marketing/promotional communications from us.

3. How and Why We Use Your Personal Data (Legal Basis)

We rely on several legal bases under the UK GDPR to process your personal data:

Purpose of ProcessingLegal Basis under UK GDPR
To Provide Veterinary Services (e.g., appointments, diagnosis, treatment, prescriptions, client registration)Performance of a Contract with you for veterinary care.
For Essential Pet Healthcare Reminders (e.g., vaccinations, flea/worm treatments)
For Essential Pet Healthcare Reminders (e.g., vaccinations, flea/worm treatments)Legitimate Interest in promoting animal health and welfare (this is generally considered a service update, not marketing).
Processing Insurance Claims and ReferralsLegitimate Interest in providing continuity of care or with your explicit Consent.
Billing, Account Management, and Debt RecoveryPerformance of a Contract and Legitimate Interest in ensuring timely payment.
Maintaining Accurate Clinical and Financial RecordsLegal Obligation (e.g., Veterinary Medicines Regulations, HMRC tax law) and Legitimate Interest in managing a professional business.
Sending Marketing/Promotional Materials (e.g., newsletters, offers)Consent (where required) or Legitimate Interest (for existing clients under a "soft opt-in").

4. Sharing Your Personal Data

We will never sell your personal data. We only share your data with trusted third parties where necessary for your pet's care or for legal/business purposes, including:

  • Other Veterinary Professionals: Referral practices, out-of-hours providers, or another vet if you transfer practices, always with your consent (or implied consent for emergency referrals).
  • Insurance Companies: To process a claim on your behalf, with your consent.
  • Laboratories: To send samples for testing (limited personal data provided for identification).
  • External Service Providers (Data Processors): For IT, practice management software ([e.g., VetIT, Robovet]), payment processing, and confidential shredding. We have contracts in place requiring them to protect your data.
  • Regulatory/Legal Bodies: When legally required to do so (e.g., HMRC, RCVS, police).
  • Debt Collection Agencies: In the event of unpaid fees, under our Legitimate Interest.

5. Data Security and Storage

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. This includes:

  • Electronic records being secured by password protection and encryption.
  • Hard copy records being stored in locked cabinets or secure areas.
  • Restricting access to your personal data to employees and third parties on a strict 'need-to-know' basis.

6. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Clinical Records: We typically retain client and patient clinical records for a minimum of [State your period, e.g., 7 years] after the last treatment, in line with RCVS guidance.
  • Financial Records: Retained for 6 years to comply with UK tax law (HMRC).

After the retention period, your data will be securely and confidentially destroyed or anonymised.

7. Your Legal Rights

Under the UK GDPR, you have the following rights regarding your personal data:

  • Right to be Informed: To be informed about our collection and use of your personal data (via this policy).
  • Right of Access: To request a copy of the personal data we hold about you (Subject Access Request).
  • Right to Rectification: To have inaccurate data corrected.
  • Right to Erasure ('Right to be Forgotten'): To request that we delete your data (where we have no legal or contractual reason to retain it).
  • Right to Restrict Processing: To limit the way we use your data.
  • Right to Data Portability: To have your data transferred to another organisation.
  • Right to Object: To object to the processing of your data, particularly for direct marketing.
  • Rights related to Automated Decision Making and Profiling: We do not use your data for automated decision-making.

To exercise any of these rights, please contact our Data Protection Contact using the details in Section 1. We will respond to your request within one calendar month.

8. Making a Complaint

If you are unhappy with how we have used your data, please contact our Data Protection Contact first so we can try to resolve the matter.

You also have the right to lodge a complaint with the supervisory authority for data protection in the UK:

Information Commissioner's Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline number: 0303 123 1113
Website: https://www.ico.org.uk