(For treatment side effects and complications only)
For Covid-19 and your information please click here
The Clatterbridge Cancer Centre NHS Foundation Trust is one of the UK’s leading cancer centres providing highly specialist cancer care to a population of 2.3m people across Merseyside, Cheshire and the surrounding areas including the Isle of Man.
We are based in Wirral, Merseyside supported by a £17m radiotherapy treatment centre in Aintree, Liverpool. We also operate specialist chemotherapy clinics in eight of Merseyside’s district hospitals and deliver a pioneering Treatment at Home service.
Our Trust is registered with the Information Commissioner’s Office (ICO) to process personal and special categories of information under the Data Protection Act 2018 and our registration number is Z7367711.
Under data protection law we are legally required to provide information about how we use your information in a way that is:
Data protection law says the personal information we hold about you must be:
This privacy notice explains what we do with your personal information where we are or have provided care to you. It tells you:
Please note that the information contained in this privacy notice is applicable to all Clatterbridge Cancer Hospital NHS Foundation Trust sites.
General Data Protection Regulation
information relating to a natural (living) person or "data subject", which can be used to identify the person. This provides for a wide range of information to constitute personal data, for example:
social media posts
Special category personal data
information which is thought to be "extra sensitive", such as:
data concerning health
religious or philosophical belief
the organisation that determines or decides the purposes, conditions and means of the processing of personal data i.e. Clatterbridge Cancer Centre NHS FT
Anything that is done to the personal data we hold
the processing of personal data in such a way that the data can no longer be attributed to a specific person without the use of additional information (key).
Information Commissioner’s Office (ICO)
the body that regulates the Trust under data protection and freedom of information legislation.
Below are key examples of the purposes and rationale for why we collect and process information:
When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service being provided.
We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute.
If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files in line with NHS retention policy. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
For processing personal data:
For processing special categories of personal data:
We have entered into contracts with other companies/organisations to provide some services for us or on our behalf. These organisations are known as “data processors"
These organisations are subject to the same legal rules and conditions for keeping personal confidential data and secure and are underpinned by a contract with us.
Before awarding any contract, we ensure that organisations will look after your information to the same high standards that we do. Those organisations can only use your information for the service we have contracted them for and cannot use it for any other purpose.
General Data Protection Regulation
We will obtain your consent for this purpose, when you initially contact us to get involved in our engagement and consultation activities.
Where you submit your details to us for involvement purposes, we will only use your information for this purpose. You can opt out at any time by contacting us using our contact details at the end of this document
*For more information on the Cancer Registry please see the following websites:
Article 6(1)(e) - Necessary for the performance of a task carried out in
the public interest or in the exercise of official authority vested in the
In addition to the purposes listed above The Clatterbridge Cancer Centre NHS Foundation Trust may process information for specific purposes which are listed below:
We are committed to protecting your privacy and will only process personal confidential data in accordance with current Data Protection Laws, General Data Protection Regulations, the Common Law Duty of Confidentiality and the Human Rights Act 1998.
Personal confidential data describes personal information about identified or identifiable individuals, which should be kept private or secret and includes deceased as well as living people.
Examples of identifiable data are:
This is not an exhaustive list, and will depend on information you have provided to healthcare professionals.
In addition to the above, we may also hold special category personal information about you which could include:
Your personal information will only be kept for as long as necessary, in accordance with the Trust’s Record Management Policy. This is in line with the NHS Code of Practice: Records Management, which sets out the appropriate length of time each type of NHS record is held for.
The Clatterbridge Cancer Centre NHS Foundation Trust works closely with other organisations to support patient care. This means that information will be shared between the hospital and other organisations who may be caring for you or involved in your care. These may include:
In instances where the legal basis for sharing of confidential personal information relies on the patient's explicit or implied consent, you have the right at any time to refuse consent to the information sharing, or to withdraw your consent previously given.
In instances where the legal basis for sharing information without consent relies on HRA CAG authorisation under Section 251 of the NHS Act 2006, then you have the right to register your objection to the disclosure, and the Trust is obliged to respect that objection.
In instances where the legal basis for sharing information relies on a statutory duty/power, patients cannot refuse or withdraw consent for the disclosure
Where information is to be shared across organisational boundaries on a regular basis information sharing agreements should be in place between all of the sharing parties involved. For a list of current Information Sharing Agreements please click here
If we need to use your personal information for any reasons beyond those stated above, we will discuss this with you and ask for your explicit consent. The Data Protection Act 2018 gives you certain rights, including the right to:
i. Under the Data Protection Act 2018, we are authorised to process, i.e. share, your health records "for the management of healthcare systems and services"
ii. Your consent will only be required if we intend to share your health records beyond these purposes, as explained above
iii. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time
In certain circumstances you may also have the right to "object" to the processing (i.e. sharing) of your information where the sharing would be for a purpose beyond your care and treatment
i. For further information, please see the National data opt-out programme
National Data Opt-Out: GDPR information - NHS Digital
You have a choice about how you want your confidential patient information to be used. If you’re happy for us to use your information, you do not need to do anything.
If you choose to opt out, your confidential patient information will still be used to support your individual care.
To find out more about the wider use of confidential personal information and to register your choice to opt out if you do not want your data to be used in this way, visit the National Data Opt Out Programme. If you do choose to opt out you can still consent to your data being used for specific purposes.
You also have the right to ‘opt out’ of having your information used in any mandatory audits which the Trust is subject to.
If you are happy with this use of information you do not need to do anything. You can change your choice at any time.
Confidential patient-identifiable information is only shared with other organisations where there is a legal basis for it as follows:
When there is a Court Order or a statutory duty to share patient data;
When there is a statutory power to share patient data;
When the patient has given his/her explicit consent to the sharing;
When the patient has implicitly consented to the sharing for direct care purposes;
When the sharing of patient data without consent has been authorised by the Confidentiality Advisory Group of the Health Research Authority (HRA CAG) under Section 251 of the NHS Act 2006
This list is not exhaustive but indicative of the information recorded.
Your information will not be sent outside of the United Kingdom where the laws do not protect your privacy to the same extent as the law in the UK.
The Trust will never sell any information about you to other organisations for profit.
If you have any questions or concerns regarding how we use your information, please contact the Trust's Data Protection Officer:
The Information Governance ManagerThe Clatterbridge Cancer Centre NHS Foundation TrustClatterbridge Cancer Centre - WirralClatterbridge RoadWirralCH63 4JY
The Information Commissioner’s Office (ICO) is the body that regulates the Trust under data protection and freedom of information legislation.
ICO website(opens in new tab)
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you can complain to the ICO.
How to make a complaint to the ICO
Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire, SK9 5AF
0303 123 1113
01625 545 745
A child friendly copy of this privacy notice is available to download from here