Privacy policy

Neurofer is the trading name of Your Private Healthcare Ltd, a UK-registered company providing private ADHD and autism assessment, titration, and ongoing care. We are the data controller for the personal information collected through this website and through your care with us. Registered office and ICO registration details to be confirmed by counsel.

When you enquire or book with us, we collect contact information (name, email, phone), administrative information (date of birth, address), and clinical information necessary for your assessment (screening responses, medical history, your reasons for seeking assessment). When you use this website, we also collect basic usage information through cookies and analytics, a separate cookie notice covers this in full.

Personal and clinical information is used to deliver your assessment, write your report, manage ongoing treatment, communicate with you about appointments, handle billing, and meet our regulatory obligations. We do not use clinical information for marketing, profiling, or any purpose unrelated to your care.

Our lawful bases under UK GDPR are: the performance of a contract (your care with us); legitimate interests (responding to enquiries, improving our service); legal obligation (record-keeping required of regulated healthcare providers); and consent (where you've actively opted in, such as marketing communications). For special category clinical data, we additionally rely on Article 9(2)(h), the provision of healthcare.

We share your information only where necessary: with the clinician delivering your care, with your GP under a shared-care agreement (where you've agreed to that), with our regulated processors (booking, payment, secure messaging, electronic patient records), and where the law requires. We do not sell or rent your data. Personal data is stored within the UK or EEA, on infrastructure that meets healthcare-grade security standards. Retention periods follow professional record-keeping requirements, typically 8 years for adults and longer for children's records.

Under UK GDPR you have the right to access your data, correct inaccuracies, ask us to delete data we no longer need to hold, object to certain processing, and complain to the Information Commissioner's Office (ICO). Some rights have limits where they conflict with our duty to maintain healthcare records, we'll always explain why if we can't action a request in full.

For any privacy-related question, or to exercise a right under UK GDPR, email privacy@neurofer.co.uk. We respond within five working days. If you're unsatisfied, you can complain to the ICO at ico.org.uk, but we'd rather hear from you first.