Central London Healthcare Ltd (CLH)

Privacy Notice – Booking Summary

We collect your personal data to manage training bookings, communicate with you about the training, and issue certificates where applicable. 

Your data will be used only for legitimate service delivery purposes and will not be sold to third parties. 

Some data may be shared with trusted providers such as payment processors or IT hosting services where necessary to deliver the training. 

Your information is stored securely and retained only for as long as necessary for legal and operational purposes (typically up to six years). 

You have rights under UK GDPR including the right to access, correct, or request deletion of your data. 

For questions or to exercise your rights, contact: clh.corporate@nhs.net.

Introduction

Central London Healthcare Ltd (“CLH”, “we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy.

This Privacy Notice explains how we collect, use, store and protect personal data relating to individuals who:

• purchase or attend our training

• register for events or programmes delivered by us

• contact us about our services

• interact with our website

This notice is provided in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller

Central London Healthcare Ltd is the data controller responsible for the personal data described in this Privacy Notice.

For questions about this notice or how we process personal data please contact:

Email: clh.corporate@nhs.net

You also have the right to contact the Information Commissioner’s Office (ICO), the UK regulator for data protection matters.

What Personal Data We Collect

We collect and process personal data necessary to provide training and related services.

This may include:

• Name and title

• Job role or professional role

• Organisation or employer

• Email address and telephone number

• Organisation address

• Training bookings and event registrations

• Attendance records and certificates issued

• Communications relating to training

• Billing and payment information where payments are processed

• Feedback or evaluation forms

Website usage data may also be collected, including IP address, browser type, device type, and pages visited.

How We Collect Personal Data

Personal data may be collected when:

• you book training with us

• your organisation registers you for training

• you contact us by email or telephone

• you complete forms on our website

• you provide feedback following training

• you use our website (via cookies or analytics tools)

Lawful Basis for Processing

We process personal data under the following lawful bases:

Contract – to deliver training services and manage bookings.

Legitimate Interests – to respond to enquiries and improve services.

Legal Obligation – to comply with financial, regulatory, or legal requirements.

Consent – where you opt in to receive marketing or training updates.

Sharing Personal Data

We may share personal data with trusted third parties where necessary to deliver services or comply with legal requirements.

This may include:

• payment processors

• IT hosting and support providers

• website analytics providers

• training facilitators or partners

• accreditation bodies where certificates are issued

• regulators where legally required

We do not sell personal data to third parties.

International Transfers

Personal data is not routinely transferred outside the United Kingdom. 

If transfers occur, appropriate safeguards will be implemented in accordance with UK GDPR.

Data Retention

Personal data will only be retained for as long as necessary for the purposes described in this notice.

Typical retention periods include:

• training and booking records – up to 6 years

• financial records – 6 years for accounting purposes

• marketing data – until consent is withdrawn

• website analytics – according to analytics platform settings

Data Security

We implement appropriate technical and organisational measures to protect personal data.

These include secure systems, restricted access controls, encryption where appropriate, contractual safeguards with service providers, and staff training on confidentiality and data protection.

Your Rights

Under UK GDPR you have the right to:

• access your personal data

• request correction of inaccurate data

• request deletion where appropriate

• restrict or object to processing

• request transfer of your data

• withdraw consent where applicable

To exercise these rights please contact: clh.corporate@nhs.net

Complaints

If you have concerns about how your personal data has been handled, please contact us first.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

www.ico.org.uk

Cookies

Our website uses cookies to enable functionality and understand how visitors interact with the website.

Cookies are small text files placed on your device when you visit a website. 

You can control cookies through your browser settings.

Further information about cookies is available at:

www.aboutcookies.org

Changes to This Privacy Notice

We may update this Privacy Notice from time to time. Updated versions will be published on our website.

Contact

CLH Corporate Team

Email: clh.corporate@nhs.net