Weavers Medical is the Controller of your personal data. We collect basic personal data about you such as name, address and contact details (e.g., email, mobile number), as well as location-based information.

We also collect sensitive confidential data known as “special category personal data”, including health information, religious belief (if required in a healthcare setting), ethnicity and sex life information, where relevant. We may also receive this information about you from other health providers or third parties.

Healthcare professionals who provide you with care maintain records about your health and any treatment or care you have received. These records help ensure the best possible healthcare and treatment. Records may be electronic, paper-based or a mixture of both, and are kept confidential and secure. These records may include:

• Personal details (e.g., address, emergency contact)
• Contact the surgery has had with you
• Notes and reports about your health
• Details of your treatment and care
• Test results (e.g., blood tests, x-rays)
• Information from other health professionals, relatives or carers

We process your personal and special category data to provide healthcare services under the UK GDPR, relying on:

• Article 6(1)(e): Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
• Article 9(2)(h): Processing is necessary for medical diagnosis, the provision of health or social care or treatment, or the management of health or social care systems.

This Privacy Notice applies to the personal data of our patients and any data you have given us about your carers/family members.

This involves using NHS data tools to assess risks to health and support prevention and targeted interventions. Identifiable information is used under strict controls, and you have the right to opt out.

We may review prescriptions with support from the ICB’s Medicines Management Team to ensure optimal treatments.

We may contact you using your provided contact details to inform you about NHS services or health-related information. You can opt in or out of specific communication methods.

With your consent, we may use your mobile number for appointment reminders or health screening notifications.

Our website uses cookies. More information can be found at:

• Weavers Medical Cookies
• Mawsley Medical ookies

To determine which Integrated Care Board (ICB) funds your treatment, limited personal data may be used in a secure environment for billing purposes only.

You may be offered appointments outside normal hours. We will share your medical record with health professionals involved. Your consent will be sought before booking.

We process personal data to safeguard children and vulnerable adults, based on:

• Article 6(1)(e)
• Article 9(2)(b)

Information may be shared with local authorities, police or other professionals to ensure safety and care.

We use approved third parties for services such as IT support, appointment systems and telecommunications. Contracts ensure data is kept secure and used only as instructed.

We use ANIMA, a secure NHS-assured digital platform, to assist in the processing and management of patient documents. ANIMA is used to support the clinical and administrative workflow by helping the practice manage and assign incoming documents efficiently.

Documents received by the practice (e.g., hospital letters, referrals, investigation results) are securely transferred to the ANIMA platform, where they are reviewed and processed by clinical and administrative staff. Once processed, the documents are filed directly into the patient’s medical record within SystmOne, our core clinical system.

Yes. Patient information transferred to and processed within ANIMA Docs is handled securely in line with NHS standards. All data is encrypted during transfer and storage. Access to ANIMA Docs is restricted to authorised staff only, and all actions are logged and auditable.

Processing of your data via ANIMA is necessary for the provision of healthcare and is carried out under the UK GDPR and Data Protection Act 2018 on the following legal bases:

• Article 6(1)(e): Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
• Article 9(2)(h): Processing is necessary for the provision of health or social care or treatment.

We adhere to the UK GDPR, DPA 2018, and other relevant laws and NHS codes. Staff are legally obliged to keep your information confidential.

With your explicit consent, we may use your information for research purposes. You can opt out at any time.

You can opt out of your confidential information being used for research or planning or call 0300 303 5678.

Data is processed in the UK. If data is hosted elsewhere, it is only in countries with adequate protection standards approved by the UK Government.

We may share data with:

• NHS Trusts/Foundation Trusts
• GPs and PCNs
• ICBs, NHSE, NHS Digital
• Social care services, police, ambulance, fire services
• Approved voluntary and private sector providers

We use a clinical system shared securely with other clinicians involved in your care. You may opt out if based on consent.

We may share data without consent where required by law, e.g., to prevent serious harm, safeguard others, or comply with court orders.

Data is retained as per the NHS Records Management Code of Practice for Health and Social Care 2021.

• Right to be informed
• Right of access
• Right to rectification
• Right to erasure (where applicable)
• Right to restrict processing
• Right to data portability
• Right to object
• Rights related to automated decision-making

You can contact us to exercise these rights. We aim to respond within one month.

We may share your information with practices in our PCN to improve care.

To access your data:

• Submit a request to the practice
• Provide ID and necessary details
• We provide copies free of charge within one month

Let us know promptly if your personal information changes.

Contact our Practice Manager:

Mrs Jo Barker
Practice Manager
Weavers Medical
Prospect House
121 Lower Street
Kettering, NN16 8DN

If unsatisfied, contact the Information Commissioner’s Office or call 0303 123 1113.

Provided by Midlands and Lancashire Commissioning Support Unit

• Email: mlcsu.ig@nhs.net
• NHS Midlands and Lancashire website

We may update this notice. Updates will be published on our website and in the surgery.