Skip to content

Privacy Policy

Privacy Policy

This privacy policy sets out how we use and protect your personal data and any information that you give us when you use our website, make a purchase, register for and use any of our services, contact us by phone, email or other electronic means (e.g. social media, text message, internet message, video message), or write to us.  We are committed to ensuring that your privacy is protected.  

This page, together with our website terms and conditions and our cookie policy, will let you know how we use and protect your personal information. If you have any questions about this just send us an email at [email protected].  Our postal address is Praze Surgery, School Road, Praze-an-Beeble, Camborne, Cornwall, TR14 0LB

Below we have answered a range of questions to help you better understand how we protect your personal information:

What information do we collect?

Personal information is any information that can be used to identify you. So, for example, if you request services or order products from us, we may collect and process the personal information that you’ve provided. This personal information may include your name, email address, postal address, telephone or mobile number and records of correspondence for instance emails regarding quotes, as well as how you came to find us.

 Our collection methods are:

  • Through our website
  • Through engagement with the business
  • Via responses to communications like emails, press releases
  • Networking and events
  • Through engagement of service providers
  • Through engagement on social media

We may also collect details of your visits to our website, for example your location data, other sites you’ve visited and the resources that you access. We use this to provide you with the information, services or products that you’re interested in and are most relevant to you.

To understand how we use information about the communications devices you use, such as IP address (the location of the computer on the internet) and cookies, please see our Cookies policy page.

How do we keep your data up to date?

We may from time to time, update your records to reflect any changes to your personal information. 

This information may come directly from you, or it may come from a third party that we consider is legitimate and trustworthy and in circumstances where it is appropriate and where you will have had a clear expectation that your details would be passed on for this purpose.

We may also combine the information you provide us with, with information we collect from trusted third parties and partners such as business partners, sub-contractors, advertising networks, analytics providers, search information providers as well as publicly available sources.

How do we use Cookies?

We use your cookies to give you a more personalised experience online. It helps us create a more effective website that reflects your needs. We may also collect and record information about how you use our site by collecting your IP address (in simple terms that just means a number that identifies a specific computer or other internet device). 

By continuing to use our site, you agree to our use of cookies – but these cookie files and IP addresses will never identify you as an individual. For more information on cookie files and IP addresses read our cookies policy. This page also includes instructions on how to disable cookies if you don’t want them to be used.

How we use your personal information?

We use information held about you in the following ways:

  • To analyse and improve the user experience on our website.
    This means we can provide you with the most user-friendly navigation experience we can, which may involve providing your information to third parties.
  • To provide you with information (such as our latest projects), on services or products you’ve requested or which we feel may interest you.
    Because we have a “legitimate interest” in doing so. (A “legitimate interest” may arise, for example, when we may have been given a business card but do not have your express consent, where you have purchased a similar product from us and we therefore have an existing business to business relationship with you.
  • To carry out our obligations arising from any contracts entered into between you and us;
  • To allow you to participate in interactive features of our service when you choose to do so, e.g. Downloading a document from our website.
  • To carry out necessary maintenance to our IT infrastructure.
  • And also to notify you about changes to our service.

 We may also use social media and may wish to process any comments made public by you.

  • To use your IP addresses to identify relevant information.
    This may include information such as your approximate location. It also helps us to block disruptive use or establish information like the number of visits to the website from different geographical areas.
  • To make our marketing campaigns more targeted and relevant

  • To process personal information and/or provide this to a third party for the purposes of profiling and understanding who visits our site.
    This could be analysing demographics to inform our campaign and marketing strategies.
  • To match information collected from you through different means or at different times.
    That could include using information collected online and offline, along with information obtained from other sources, including third parties and publicly available sources, to ensure that the information we hold about you is up to date and accurate.
  • If you do NOT want us to use your data for direct marketing purposes
    Please contact us by email [email protected] or call 01209 831386 so we can ensure this doesn’t happen.

Your rights Under the General Data Protection Regulations GDPR your rights are:

The right to be informed – We must make available this privacy notice with the emphasis on transparency over how we process your data.

The right of access – You are entitled to find out what details we may hold about you and why.

The right to rectification – We are obliged to correct or update your details.

The right to be forgotten

The right to restrict processing – You have the right to ‘block’ or suppress the processing by us of your personal data.

The right to data portability – You have the right to obtain and reuse your personal data that you have provided to us.

The right to object – You have the right to object to us processing your data in relation to direct marketing and or profiling.

Rights in relation to automated decision making and profiling – We do not use automated decision making or processing. 

How long will we keep your information?

We do not intend to keep your information for longer than necessary in relation to the purposes for which it was originally collected, or for which it was further processed, subject to certain legal obligations mentioned below. 

We will retain personal data in accordance with our data retention policy, set out below. We review our data retention periods for personal information on a regular basis.

We hold personal information relating to:

    • Orders you have placed with us
      for 12 years since the date of your last order or contract with us, this is because of the indemnity insurance policies for our products
    • Requests for a quote
      for 5 years since the date of your last request
    • subscribing to a newsletter
      you can unsubscribe at any time

The law allows you to withdraw your consent to any particular usage of your data at any time without needing to specify a reason. You can withdraw your consent by emailing us at [email protected]or calling us on 01209 831386.

How will we handle your information and other organisations

We will not rent or sell your personal information to other organisations for use by them in any way, including in their own direct marketing activities.

However we may pass on your information to external service providers to contact you on our behalf. For example, we may pass on your personal information to market research companies to conduct research on our behalf.

We may ask external service providers to carry out tracking and analysis on our behalf as described in the cookies policy.


We may pass on your personal information to online advertising tools, including Facebook Custom audiences, Google Adwords Match and Google Analytics to carry out ‘remarketing activities’ – this is if you’ve already visited our website. We can direct you back to our website through ads shown on sites across the internet by third-party vendors, including Google and Facebook. These third party vendors may use cookies to serve these ads based on your past visits to our website. You can opt out of a third-party vendor’s use of cookies by visiting the Network Advertising Initiative’s opt-out page.

We may disclose your personal information to third parties if we are legally obliged to.

Following links to third party website

This website may include links to other websites, not owned or managed by Godolphin Health. Whilst we try our best to only link to reputable websites we cannot be held responsible for the privacy of data collected by sites not managed by Godolphin Health nor can we accept responsibility or liability for those policies. For this reason you should consult the privacy policy on any external website you link to before you submit any data to those websites.

Posting or sending inappropriate content

If you post or send any content that we believe to be inappropriate or content in breach of any laws, such as defamatory content, we may use your personal information to inform relevant third parties such as your internet provider or law enforcement agencies.

Where do we store your data?

The personal information collected from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by individuals operating outside the EEA who work for us or working on our behalf. This includes staff engaged in, among other things, the provision of support services. 

By submitting your personal data, you agree to this transfer, storing and processing at a location outside the European Economic Area.

We have taken all steps reasonably necessary to make sure that your data is treated securely and in accordance with this privacy policy. We have done our best to protect your personal data and ensured that it will be held in compliance with European data protection regulations.

Unfortunately, the transmission of information via the Internet is never 100% secure and we cannot guarantee the security of your data transmitted to our website. This means any such transmission is at your own risk.

In cases when we use external websites provided by other organisations such as Twitter, YouTube or Facebook, then we would ask you to consult their privacy policies.

Updates or changes to this Privacy Policy

We keep our privacy notice under regular review and changes may be made to it from time to time. The current version of our privacy notice will be posted on our website so that you are aware of its contents.


You have the right to complain about the processing of your personal information. Please contact us by emailing [email protected]or calling us on 01209 831386.

If you are still dissatisfied, you have the right to complain to the Information Commissioners Office.


Population Health Management

What is Population Health Management?

Population Health Management (or PHM for short) is aimed at improving the health of an entire population. It is being implemented across the NHS and this Practice is taking part in a project extending across Cornwall and the Isles of Scilly.

PHM is about improving the physical and mental health outcomes and wellbeing of people and making sure that access to services is fair, timely and equal. It helps to reduce the occurrence of ill-health and looks at all the wider factors that affect health and care.

The PHM approach requires health care organisations to work together with communities and partner agencies, for example, GP practices, community service providers, hospitals and other health and social care providers.

These organisations will share and combine information with each other in order to get a view of health and services for the population in a particular area. This information sharing is subject to robust security arrangements.

How will my Personal Data be used?

The information will include personal data about your health care. This information will be combined and anything that can identify you (like your name or NHS Number) will be removed and replaced with a unique code.

This means that the people working with the data will only see the code and cannot see which patient the information relates to.

If we see that an individual might benefit from some additional care or support, we will send the information back to your GP or hospital provider and they will use the code to identify you and offer you relevant services.

Examples of how the information could be used for a number of healthcare related activities include;

  • improving the quality and standards of care provided
  • research into the development of new treatments
  • preventing illness and diseases
  • monitoring safety
  • planning services

Who will my Personal Data be shared with?

Your GP and other care providers will send the information they hold on their systems to the South West and Central Commissioning Support Unit. SWC CSU are part of NHS England. More information can be found here

SWC CSU will link all the information together. Your GP and other care providers will then review this information and make decisions about the whole population or particular patients that might need additional support.

SWC CSU work in partnership with a company called Optum to help them with this work. Both SWC CSU and Optum are legally obliged to protect your information and maintain confidentiality in the same way that your GP or hospital provider is. More information about Optum can be found here

Is using my Personal Data in this way lawful?

Health and Social Care Providers are permitted by data protection law to use personal information where it is ‘necessary for medical purposes’. This includes caring for you directly as well as management of health services more generally.

Some of the work that happens at a national level with your personal information is enabled by other legislation. Sharing and using your information in this way helps to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law and, in the majority of cases, anonymised data is used so that you cannot be identified.

For more information, speak to our Data Protection Officer who will be happy to help with any queries you may have.

What will happen to my Personal Data when the Personal Health Management project is finished?

The PHM project is time-limited to 20 weeks. This will provide enough time to evaluate the benefits of PHM. Once the project has completed all personal information processed by SWC CSU / Optum will be securely destroyed. This will not affect any personal information held by your GP or other health or social care providers.

Can I object to my Personal Data being used as part of the Personal Health Management project?

You have a right to object to your personal information being used in this way. If you do choose to ‘opt out’ please contact our Data Protection Officer in the first instance. If you are happy for your personal information to be used as part of this project then you do not need to do anything further, although you do have the right to change your mind at any time.

You also have a number of other rights relating to how your personal information is used. See our main privacy policy for more information [insert link to practice website].

If you still have concerns, you can also contact the Information Commissioner’s Office directly at the following link


Devon and Cornwall Care Record

Health and social care services in Devon and Cornwall have developed a system to share patient data efficiently and quickly and, ultimately, improve the care you receive.

This shared system is called the Devon and Cornwall Care Record.

It’s important that anyone treating you has access to your shared record so they have all the information they need to care for you. This applies to your routine appointments and also in urgent situations such as going to A&E, calling 111 or going to an out-of-hours appointment.

It’s also quicker for staff to access a shared record than to try to contact other staff by phone or email.

Only authorised health and care staff can access the Devon and Cornwall Care Record and the information they see is carefully checked so that it relates to their job. Also, systems do not share all your data – just data that services have agreed is necessary to include.

For more information about the Devon and Cornwall Care Record, please go to


Coronavirus (COVID-19) response transparency notice

NHS Digital are undertaking a range of work to support the government response to the coronavirus outbreak. NHS Digital is collecting personal data from General Practices. The following notice details NHS Digital’s legal bases for processing personal data in the course of this work. Coronavirus (COVID-19) response transparency notice – NHS Digital


Brave AI

At Godolphin Health, we are committed to protecting your privacy and ensuring the confidentiality of your information.

We want to provide you with insight into how BRAVE AI is utilised across Primary Care Networks in Cornwall & Isles of Scilly and its potential impact on your healthcare. BRAVE AI serves as a clinical decision support tool, empowering clinicians to make well-informed decisions about individualised care plans. It’s essential to understand that the tool itself does not autonomously make decisions regarding interventions; instead, it assists healthcare professionals in their decision-making process.

BRAVE AI employs sophisticated computer algorithms to evaluate the complexity of each patient’s health needs within our practice. By assigning a score, it helps identify individuals at risk of deteriorating health, potentially necessitating hospitalisation. This innovative tool enhances our ability to recognise patients who may otherwise be overlooked, including those with borderline health indicators or infrequent medical interactions.

It’s crucial to emphasize that BRAVE AI does not utilise identifiable patient data. However, the provision of NHS numbers enables our practice to pinpoint individual patients who may benefit from interventions. Furthermore, all data processed by BRAVE AI is stored securely within NHS network servers, inaccessible from external sources. Confidential patient information is exclusively disclosed to clinical teams directly involved in patient care.

The primary objective of BRAVE AI is to promote preventive healthcare practices over reactive treatments. It facilitates proactive discussions with patients regarding their overall wellbeing, extending beyond mere medical concerns. These conversations may involve various healthcare professionals, including Health Coaches and nurses, in addition to GPs.

Should you have any questions or concerns regarding the processing of your data alongside BRAVE AI, we encourage you to contact us at [email protected]


Targeted Lung Health Check

Peninsula Cancer Alliance is introducing the Targeted Lung Health Check (TLHC) programme to Cornwall. The service aims to invite people identified as being at increased risk of lung cancer due to their age and smoking history, for a lung health check. Depending on the results, people may then be offered a CT scan in a convenient place, close to home.

The programme builds on several landmark studies, including the 2018 NELSON study, which has reported a 26% reduction in lung cancer deaths when high-risk patients had a lung health check and CT scan. It also follows successful trials in Manchester, Liverpool, and Nottingham. During the Manchester trial, 65% of lung cancers were diagnosed at stage 1 and 13% at stage 4, compared to 18% at stage 1 and 48% at stage 4 before the trial.

Please read this Privacy Notice carefully as it sets out the basis on which any personal data we process will be handled. This Notice sets out the types of personal data that we collect about you and will explain how and why your personal data is used. We will also explain how long your data will be kept and when, why and with whom your data may be shared.

The Notice sets out the legal basis we have for processing your personal data and explains the effects of refusing to provide the personal data requested. We will also explain the various rights and choices that you have when it comes to your personal data and how you can contact us.

What personal data do we collect about you and where from?

Information from your telephone triage appointment, nurse appointment and possible CT scan and your GP Practice will be kept on a register of people who meet the eligibility criteria to provide this service and monitor your needs and the quality of care provided. The register holds your full name, NHS number, gender, date of birth, ethnic group, phone numbers, correspondence addresses, and details of your GP Practice, as well as details of your medical record related to your lung health.

Who do we share your personal data with?

The Lung Health Check Service will keep information about you and your lung care to ensure we deliver a safe and quality service. The register is maintained by InHealth Ltd and their subsidiary, InHealth Intelligence, both companies are NHS Business Partners contracted by the NHS to deliver this service.

If you are eligible for a CT scan, your images will be securely transferred directly to Aidence, a sub-contracted automated lung nodule detection tool, then onto Heart & Lung Health (HLH) a sub-contracted Radiologist reporting service and then communicated to InHealth and the local hospital trust Radiology departments. InHealth will issue the results to you directly via letter.

Dispatch of Invitation and Result Letters

To send appointment and result letters, InHealth use a letter dispatch service provided by iMail (formerly UK Mail) who securely print and dispatch our letters via Royal Mail business class. The letter information is only retained for a short period which allows printing and dispatch. Once dispatched, data is retained for 90 days to allow for monitoring of service performance and is deleted afterwards. Notify Service/Voodoo Notify/Voodoo provides a text messaging service which is used by InHealth to send text messages to patients in relation to their appointments. To support this, your mobile telephone number and time/venue of your appointments is shared with Notify/Voodoo. This data is used only for this purpose and is retained for a short period to allow for monitoring of service performance.

How long do we keep your personal data for?

We will keep your information for the length of the contract of the Cornwall Targeted Lung Health Check service. After this time, we (including Aidence and HLH) will securely transfer your data and images to the new provider under instruction from the NHS Commissioner, then delete all personal data in a secure manner.

Who has access to your personal data?

The security arrangements that protect your privacy ensure that your data is only accessed by staff involved in the delivery of the Lung Health Check Service, and healthcare professionals involved in your care working for InHealth, Aidence, HLH or the NHS and only for the purposes of direct care.

How will we communicate with you?

We will communicate with you via letter and text (SMS) message regarding your Lung Health Check. If you wish to talk to us about your communication preferences, please call the Bookings Office.

What legal basis do we have for using your information?

InHealth have been commissioned by the Peninsula Cancer Alliance to deliver this service in support of your direct patient care. Patients are referred to the service via your GP Practice. You can opt-out of the service by letting the Bookings Office know. If you are eligible for a CT scan the images will be provided to Aidence, HLH and your local hospital trust and we will provide results back to your GP Practice and yourself. If you do not qualify for a CT scan, we will provide the results to your GP Practice and in writing to yourself.

How do we protect your information?

We aim to ensure all personal data is held and processed in a secure way and we only let healthcare professionals who have a legitimate interest in your care access to your data. Examples of our security include:

  • Encryption – meaning that the information is hidden so that it cannot be read without special knowledge (such as a password)
  • Controlling access to systems and networks, this allows us to stop people who are not allowed to see your data from accessing it
  • Controlling access for different user roles, so only certain data required for a specific role is accessible
  • Training our staff to ensure they know how to responsibly and securely handle data including how and when to report if something goes wrong
  • Regular testing of our technology including keeping up-to-date on the latest security updates.
  • No personal data will be transferred outside the UK.
  • Can you access the information we hold?
  • Of course, please email the Data Protection Officer (details below) to request a Subject Access Request Form.
  • Where can I get further information?
  • If you have any queries or concerns about how we handle your personal data, please contact:
  • Mr Michael Pennington (Data Protection Officer)
  • InHealth Intelligence, Universal House, E.r.F Way, Middlewich, Cheshire, CW10 0QJ
  • Email: [email protected]
  • Telephone: 01270 765124
  • For independent advice about data protection, privacy and data sharing issues, the Information Commissioners Officer (ICO) are always happy to help:
  • Information Commissioner’s Office
  • Wycliffe House, Water Lane
  • Wilmslow, Cheshire, SK9 5AF
  • Website:
  • Telephone: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
We use cookies to improve your experience and deliver personalised content. By using our site, you agree to our Cookies policy.

Read cookie policy