Privacy Policy


Last reviewed: 4th April 2022

Next review due: 4th April 2023


By using this website, you expressly agree to the collection and use of your information for the purposes set out in this privacy policy. 


All Health Matters (AHM) as both the Data Controller and Data Processor is committed to protecting the rights of the individual and acknowledge that any personal data of yours that we handle will be processed in accordance with the General Data Protection Regulations (GDPR) 2018. Please read this privacy policy carefully as it contains important information about our use of your information. It explains what information we collect about you, and how we use it, including when we might disclose it to third parties. 




We take no identifiable user based data without consent on our website.

The only data taken that will include user identifiable data is from submitted forms from our contact (to enquire about how we can help your business or serve you personal medical requirements), recruitment (to apply for any vacancies that we have advertised).

Google Analytics: No identifiable data is taken via Google Analytics on our website, please visit to find out more about Google’s position on privacy and data protection.

We will never contact you apart from as a response to our email form unless you have given us express permission (via the radio button on the contact form on the contact page).


What Data will be collected


So that you can enquire about our services you may choose to submit your personal contact information including your name, company, email address, and contact number to us using our website enquiry form. We will process your information on the basis that you have given us your explicit consent to contact you about our services. The information you provide will only be used to contact you about our occupational health and private medical services, as outlined in your accompanying message.   


We will also ask you at the time of submitting your website enquiry, whether you would like to receive our company newsletter. If you select yes then you will also receive our standard company newsletter no more frequently than monthly. 


We may also collect data about your use of our website automatically using cookies. Please see our Cookie Policy for more information. 


The following data may be collected, held and shared by All Health Matters if you are an employee of an AHM client: 

  • Personal information (e.g. Name, Address, Date of Birth) 

  • Characteristics (ethnicity, gender) 

  • Past and present Job roles 

  • Health Records 


If you send us any sensitive personal data, including information about your health (such as a medical condition) or your disability, we may use that information to provide the services to our client/s. We will do this in line with any notices provided or consent that AHM or our client obtains from you and otherwise in compliance with relevant legislation. This includes data protection and equality laws. Where appropriate, it also includes ethical guidelines issued by the General Medical Council, Faculty of Occupational Medicine and others. We may also contact the author of information you send us to confirm it is accurate. 


We will take appropriate measures to protect such sensitive personal data at all times. We and any third parties who host or maintain our website or online systems may need to manage the information about you and/or your computer to maintain our systems effectively. Every care has been taken to ensure that the suppliers we work with comply with GDPR by way of due diligence checks and regular enquiry to ensure that their services remain compliant and secure. 


Where will it be collected from

  • Directly from you

  • Human Resources

  • Managers

  • Employees

  • Occupational Health Physicians

  • Other Medics


How will it be collected

  • Web form

  • Post

  • E mail

  • Verbal

  • Fax


Why is it collected

  • Article 9 of GDPR states that processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health and social care or treatment, or the management of health and social care systems. It is collected to ensure the health and safety of the employees at work and to allow consideration of any adjustments that may be required to support their ability to work.

  • Data may also be used for research, audit or statistics but will be anonymised if this is the case.

Lawful Basis for processing sensitive information

  • Lawful basis for processing this sensitive personal information is to provide information and services as requested by you.

  • To provide management information with regard to fitness for work.

  • Additional condition - Article 9(2)(h) specifically authorises processing of data as Occupational Medicine is a special category thus "processing is necessary for the purposes of Occupational Medicine" and Article 9(3) which states that processing is permitted "When these data are processed by a regulated health professional"

  • To comply with the legal requirement to store Health Data/ Outcomes under Health Surveillance (HS) legislation.

How long will data be held for

  • Management referral information will be held for 6 years after the employee has left their job or 75 years of age (whichever is soonest) as recommended by the British Medical Association (BMA)

  • Pre placement medicals will be discarded after 2 years if the employee doesn't take up the offer of the job

  • 40 – 50 years in relation to Health Surveillance as required by the Health and Safety Executive (HSE)

  • Client information will be held for the duration of our business relationship with you, and for 3 years following last contact unless otherwise agreed.

  • Private travel customers' data will be held for 2 years following date of last vaccine.

How will the data be stored

  • Your records will be stored in accordance with medical records storage on electronic management systems which complies with GDPR regulations. Paper records are stored in accordance with DPA medical records storage.

Who will my information be shared with

  • We will not share information about you with third parties without your consent unless the law allows us to.

What are your rights

  • You have the right to see any information we hold about you in your occupational health record. The request should be made in writing and should be responded to within 4 weeks without charge. You can also request that an amendment is attached to your health record if you believe any of the information held by All Health Matters is inaccurate or misleading, subject to legislative clauses.

Changes to privacy policy

  • We reserve the right to add to or change the terms of this privacy policy in our sole discretion, without prior notice to you. If we change this privacy policy, we will post the new privacy policy on the website, and it will become effective from the time of posting to the website. Please visit this privacy policy on a regular basis to make sure you have read the latest version and you understand what we do with your information. Wherever possible, we will give you notice of any changes prior to their implementation.

Links to other websites

  • This website contains links to other websites. Please be aware that we are not responsible for the privacy policies of such other sites. We encourage users to be aware when they leave the website and to read the privacy statements of each and every website that collects personally identifiable information. This privacy statement applies solely to information collected by this website and AHM.


If you have any questions about our privacy policy or the information we hold about you, please contact us at the address or telephone number on our contact us page here.

See also: Cookie Policy