top of page

Privacy Policy

Privacy Policy
​

Last updated: 30 September 2025

Flux Medical Limited (“we”, “our”, “us”) is committed to protecting your privacy and ensuring your personal information is handled securely and lawfully. This Privacy Policy explains what information we collect, how we use it, your rights under data protection law, and how to contact us with any concerns.

1. Who we are

Flux Medical Limited, trading as Lazomis, provides online and in-person healthcare services in the United Kingdom. We are registered in England and Wales (Company No: [insert]) with our registered office at [insert address].

We are a Data Controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information we collect

We may collect and process the following types of personal data:

  • Identity details: name, date of birth, gender.

  • Contact details: address, phone number, email.

  • Health information: medical history, test results, prescriptions, symptoms, consultations, and other special category health data.

  • Financial information: payment details if you purchase services.

  • Technical data: IP address, browser type, and device information when using our website or app.

  • Communication records: emails, messages, or calls with us.

3. How we use your information

We use your data to:

  • Provide healthcare services, advice, and treatment.

  • Arrange investigations, prescriptions, and referrals.

  • Communicate with you about your care, appointments, and results.

  • Manage our relationship with you, including billing and payments.

  • Improve our services and ensure patient safety.

  • Meet our legal, regulatory, and contractual obligations.

We will not use your personal data for marketing without your explicit consent.

4. Legal basis for processing

Under GDPR, we rely on the following legal bases:

  • Consent – when you agree to us processing your data (e.g., marketing opt-in).

  • Contract – to deliver healthcare services you request.

  • Legal obligation – to meet regulatory or reporting duties.

  • Vital interests – where urgent medical care is required.

  • Public interest in healthcare – when processing is necessary for medical diagnosis, treatment, and health management.

Special category data (health information) is processed under Article 9(2)(h) GDPR: provision of health or social care.

5. How we share your information

We only share your data when necessary, and always with appropriate safeguards. This may include:

  • Other healthcare professionals involved in your care.

  • Laboratories, pharmacies, or diagnostic providers.

  • Regulators or authorities when legally required.

  • Technology partners who host or secure our systems.

We do not sell your personal data.

6. Data storage and security

  • Data is stored securely in the UK or within approved jurisdictions.

  • We use encryption, access controls, and secure servers.

  • Staff receive data protection and confidentiality training.

  • We follow NHS and ICO guidance on handling health data.

7. Data retention

We retain your health records in line with NHS retention schedules and legal requirements. Other personal data is held only for as long as necessary to fulfil the purposes outlined in this policy.

8. Your rights

Under UK GDPR, you have the following rights:

  • Access – request a copy of the information we hold about you.

  • Rectification – ask us to correct inaccurate or incomplete data.

  • Erasure – request deletion of your data where legally possible.

  • Restriction – limit how we process your data.

  • Portability – receive your data in a portable format.

  • Objection – object to certain types of processing, including marketing.

  • Withdraw consent – at any time, where processing is based on consent.

To exercise your rights, contact us at [insert email].

9. International transfers

Where we transfer data outside the UK, we ensure it is protected by using adequacy decisions, contractual safeguards, or other lawful mechanisms.

10. Cookies and website use

Our website uses cookies to improve functionality and analyse usage. You can manage cookies through your browser settings. See our Cookie Policy for details.

11. Complaints

If you are concerned about how we handle your data:

  • Please contact us first at [insert DPO email].

  • You may also lodge a complaint with the Information Commissioner’s Office (ICO): www.ico.org.uk.

12. Contact us

For questions about this Privacy Policy or your data rights, please contact:

Data Protection Officer
Flux Medical Limited
Email: admin@fluxmedical.co.uk
 

bottom of page