Get in touch or book

Privacy Policy

Effective Date: 15 November 2025
Jurisdiction: England & Wales
Controller: Marguerite Williams (sole trader)
Contact: midwifemarguerite@gmail.com | 07521 267789
Website: www.midwifemarguerite.com
Regulatory & Insurance: Registered Midwife (NMC 111E1039E), insured with Westminster & RCN

1. Who We Are

Call the Midwife Marguerite provides midwifery care, lactation support and tongue-tie assessment/division via in-person and virtual consultations.
We are committed to protecting your privacy and handling your information securely.

2. Legal Basis for Processing

We process personal data in accordance with the UK GDPR and the Data Protection Act 2018.

Our lawful bases include:

  • Consent
  • Contract (providing the service you have booked)
  • Legal obligation (record-keeping, safeguarding)
  • Vital interests (where necessary to protect life)
  • Legitimate interests (routine business administration)
Special Category Data (Health Information)

We process health information under Article 9(2)(h) of the UK GDPR for the provision of health or social care.

3. Data We Collect

We may collect the following types of information:

Personal data
  • Name, address, phone number, email
  • Emergency contact details
  • Payment and invoicing information
Special category data (health)
  • Pregnancy, birth, and feeding history
  • Parental health information
  • Relevant mental or physical health details
  • Tongue-tie assessments and clinical notes
  • Infant health information (provided by parent/guardian)
Images
  • Photos/videos only with explicit written consent
  • Used solely for purposes agreed (e.g., clinical assessment)
Communication data
  • Emails
  • WhatsApp messages
  • Website form submissions
  • Appointment booking information
Website & analytics data
  • Cookie preferences
  • Browsing data (e.g., page views, device type)

4. Purpose of Processing

Your data is used to:

  • Provide midwifery, lactation and tongue-tie services
  • Maintain accurate clinical records
  • Communicate with you about appointments and care
  • Manage invoicing and administration
  • Respond to enquiries
  • Fulfil professional and legal obligations
  • Ensure safe, evidence-based care

5. Children’s Information

Information about infants is collected only from their parent or legal guardian and forms part of the clinical record.

6. Sharing Your Data

Your data is shared only when necessary and only with:

Approved data processors, such as:
  • Email hosting providers
  • Cloud record/clinical note systems
  • Encrypted storage services
  • Invoicing and payment tools
  • Communications tools (e.g., WhatsApp)
  • Website analytics platforms

These processors act under strict contractual terms and do not use your data for their own purposes.

Healthcare professionals

Information may be shared with other healthcare providers only with your consent, except in safeguarding or legal requirements.

Safeguarding

If there are concerns for the welfare of a baby, child, or vulnerable adult, information may be shared with statutory services as required by UK law.

No data selling

We do not sell or trade your personal information.

7. Retention

  • Clinical records: 7 years, or until the child’s 21st birthday (whichever is later)
  • General enquiries: 12 months
  • Invoices and tax records: 6 years + current year
  • Photos/videos: retained only with consent, and only for the agreed purpose(s)

8. Your Rights

Under UK GDPR, you have the right to:

  • Access your data
  • Request correction of inaccurate data
  • Request deletion (where applicable)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time (for consent-based processing)
Clinical records

Deletion of clinical records may not always be possible where retention is required by law or professional guidance.

Complaints

You may complain to the Information Commissioner’s Office (ICO) at: www.ico.org.uk

9. Cookies & Analytics

This website may use essential cookies and optional analytics cookies.
For full details, please see the Cookie Policy.

10. Security

We use multiple safeguards to protect your data, including:

  • Encrypted devices and secure storage
  • Password protection and access controls
  • Secure email and cloud systems
  • SSL encryption on the website
  • Restricted access to clinical records
  • Professional, compliant practice management tools

11. Communications

WhatsApp and email are used for routine communication only.
These channels must not be used for urgent or emergency concerns.
For emergencies, contact 999, NHS 111, or go to A&E.

12. Website Hosting

Our website hosting provider stores data within the UK, US or EU and uses secure, encrypted connections. Website administration access is restricted.

13. Changes to This Policy

We may update this Privacy Policy periodically.
The latest version will always be available on this page.