Effective: 8 May 2026

This notice explains how BestHear collects, uses, and protects information about the patients we treat and the visitors who use our website. We’ve written it in plain English and tried to keep it as short as the law allows. If anything is unclear, please contact us on the details at the end.

1. Who we are

BestHear is the trading name of Platinum Audiology Ltd, a private audiology practice with two clinics in South Wales:

  • BestHear at Parkway Clinic, Lamberts Road, SA1 Waterfront, Swansea SA1 8EL
  • BestHear at The Health Hut, 67 Talbot Road, Talbot Green, Pontyclun CF72 8AE

Platinum Audiology Ltd is registered in England and Wales, company number 11936742. Our registered office is on file at Companies House.

For the purposes of UK data protection law (the UK GDPR and the Data Protection Act 2018), Platinum Audiology Ltd is the data controller for the personal information described in this notice.

Our lead audiologist and clinical lead is Mr Armaj Ali, dual-registered with the Health and Care Professions Council (HCPC) as a Hearing Aid Dispenser and with the Academy for Healthcare Science (AHCS) as a Clinical Audiological Scientist. Armaj is the named contact for any privacy or clinical-records query.

2. The information we collect about you

We collect information that’s necessary to provide audiology care and to run our practice. The categories below cover everything we routinely hold:

Identification and contact details — your name, date of birth, postal address, email address, telephone numbers, GP’s name and surgery, emergency contact, and any reference number provided by an insurer or referring clinician.

Clinical information — your audiological history and presenting complaints, audiogram results, otoscopy and tympanometry findings, speech-in-noise scores, hearing aid prescription targets and Real Ear Measurement verification data, fitting notes, follow-up records, tinnitus consultations, paediatric assessments, microsuction earwax removal records, photographs or video otoscopy images of the ear canal where clinically indicated, and any correspondence with your GP or ENT consultant.

Service-history information — the appointments you’ve attended, missed, or rescheduled; the products you’ve purchased; any consents you’ve signed; aftercare and warranty correspondence.

Communications — copies of emails, SMS messages, and recorded telephone calls. Calls into and out of our clinic numbers (01792 940032 and 01443 706855) are recorded for clinical-record completeness, training, and dispute resolution.

Financial information — the records needed to take payment, raise invoices, and account to HMRC. We do not store full card numbers ourselves; payments are processed through PCI-compliant providers (currently Dojo) who handle card data on our behalf.

Website and digital information — when you use besthear.co.uk we may collect information about your visit through cookies and analytics tools, including your IP address, browser type, the pages you visit, and how you arrived at the site. See section 10 for detail.

3. Special category (health) data

Audiology data is health data, and health data is treated as a special category of personal data under UK GDPR Article 9. That means we have to meet a higher standard before we collect, store, or share it.

The lawful bases on which we process your health data are:

  • Article 9(2)(h) — provision of healthcare under a contract with a regulated health professional. This covers the substance of your audiology care, fitting records, follow-up, and clinical correspondence.
  • Article 9(2)(c) — vital interests, in the rare case where a patient is incapable of giving consent and processing is needed to protect life or wellbeing.
  • Article 9(2)(a) — your explicit consent, where we ask for it (for example, before we share clinical records with your GP, an ENT consultant, or a hearing aid manufacturer for fitting and repair).

Mr Armaj Ali is bound by the confidentiality standards of the HCPC and AHCS, both of which exceed the minimum legal requirements for handling health data.

4. How we collect your information

We collect your information in three ways:

Directly from you — when you book an appointment (online, by phone, by SMS, by email, or in person), when you fill in a registration or consent form at the clinic, when you complete enquiry forms on besthear.co.uk, when you correspond with us, and during the appointment itself.

From other healthcare providers, with your consent — your GP, your ENT consultant, your previous audiologist, NHS audiology services, or any other clinician involved in your care may share information with us so we can give you continuous and informed treatment.

From third parties acting for you — a family member or carer who books on your behalf, a private medical insurer authorising your treatment, or an employer arranging an occupational hearing assessment.

5. How we use your information

We use your information for specific purposes, each with a defined lawful basis. The sections below cover the use cases that account for almost everything we do with your data.

5.1 Providing your audiology care

This includes assessing your hearing, fitting and verifying hearing aids using the Heareka method, performing microsuction earwax removal, conducting paediatric assessments, providing aftercare, sending appointment reminders, and corresponding with your GP or consultant where clinically appropriate.

  • Lawful basis: UK GDPR Article 6(1)(b) — performance of a contract with you for healthcare services.
  • Special-category basis: Article 9(2)(h) — provision of healthcare.

5.2 Booking, scheduling, and reminders

We use a customer relationship management platform (GoHighLevel) to manage appointments, send confirmations and reminders by SMS and email, and keep an audit trail of communications. Our phone lines are operated by Nuacom.

  • Lawful basis: Article 6(1)(b) — performance of a contract.

5.3 Taking payment and keeping financial records

We process payments through our card terminal provider and keep accounting records using FreeAgent. We’re required to keep financial records for at least six years under HMRC rules.

  • Lawful basis: Article 6(1)(b) — performance of a contract; and Article 6(1)(c) — compliance with a legal obligation (HMRC).

5.4 Ordering and servicing your hearing aids

To order, programme, or repair your hearing aids we share the data necessary with the manufacturer (typically Phonak, ReSound, Starkey, Oticon, Widex, or Signia). The data shared is limited to what’s needed for the device — usually the device serial number, prescription targets, and your name as the registered wearer. Some manufacturers store this data outside the UK; see section 9.

  • Lawful basis: Article 6(1)(b) — performance of a contract.
  • Special-category basis: Article 9(2)(h) — provision of healthcare.

5.5 Quality assurance and clinical audit

From time to time we review anonymised outcomes across our patient base to improve our methodology and identify opportunities for better care. Your data is anonymised before it enters any audit or research dataset.

  • Lawful basis: Article 6(1)(f) — legitimate interests (continuous improvement of clinical care).
  • Special-category basis: Article 9(2)(j) — research, audit, and statistical purposes, with appropriate safeguards.

You have the right to object to your data being used for audit purposes — see section 13.

5.6 Responding to queries, feedback, and complaints

If you contact us with a question, complaint, or feedback, we’ll use your information to investigate and respond.

  • Lawful basis: Article 6(1)(b) and 6(1)(f).

5.7 Meeting our legal and regulatory obligations

We’re required by law to retain certain records, respond to lawful requests from regulators, the police, or HMRC, and to keep records that may be needed to defend a legal claim.

  • Lawful basis: Article 6(1)(c) — legal obligation; and Article 6(1)(f) — legitimate interests where we need to establish or defend our legal rights.

5.8 Marketing

We will only send you marketing communications about our own services where you have given us your consent (or, in the case of existing patients, where the law permits us to send service-related information about products and services we already provide to you). Every marketing email contains an unsubscribe link.

  • Lawful basis: Article 6(1)(a) — your consent; or, in soft-opt-in circumstances, Article 6(1)(f) — legitimate interests.

5.9 Running and protecting our business

We use accountants, IT providers, an annual auditor, and legal advisers in the normal course of running the practice. Where they need access to your information to do their job, we share only what they need and require them to handle it lawfully.

  • Lawful basis: Article 6(1)(f) — legitimate interests.

6. How we communicate with you

We may contact you by telephone, SMS, email, or post. If we ring and you don’t answer, we may leave a brief voicemail giving our name, the practice name, and a number to call back — not the reason for the call.

If you’ve given us a mobile number or email address and indicated a preference for contact by either, we’ll take that as confirmation that you’re happy to be reached that way for appointment-related communications. You can change your preferences at any time by contacting us.

For sensitive clinical correspondence (such as test results), we’ll use post, encrypted email, or in-person delivery rather than unencrypted email or SMS.

7. How long we keep your information

We keep your information only for as long as we need it.

  • Adult clinical records — a minimum of eight years after your last appointment, in line with HCPC guidance for healthcare records, and typically up to 30 years where ongoing audiological care or device support warrants it.
  • Paediatric clinical records — until the patient’s 25th birthday, or eight years after their last appointment, whichever is later.
  • Financial recordssix years after the end of the relevant tax year (HMRC requirement).
  • Marketing data — until you withdraw consent, or after two years of no engagement with our marketing communications (whichever is sooner).
  • Recorded phone calls — typically 12 months, unless the call relates to an active clinical or complaint matter, in which case longer.
  • Website analytics data — typically 26 months.

If you’d like detail on the retention period for a specific type of information, please contact us.

8. Who we share your information with

We share your information only with parties who need it to provide our services to you, who help us run the practice, or where the law requires us to.

  • Other clinicians involved in your care — your GP, your ENT consultant, an audiology colleague at another practice, NHS audiology services, with your consent unless an emergency makes consent impracticable.
  • Hearing aid manufacturers — for ordering, programming, fitting, and repair (Phonak, ReSound, Starkey, Oticon, Widex, Signia).
  • The host clinics that provide our consulting space — Parkway Clinic in Swansea, and The Health Hut in Talbot Green, on a strictly limited basis (they handle the building and reception; they do not access your clinical records).
  • Our service providers — GoHighLevel (CRM), Nuacom (telephony), FreeAgent (accounting), Hostinger (website hosting), Dojo (card payments), Google (Workspace and Analytics).
  • Our regulators and professional bodies — HCPC, AHCS, and the Information Commissioner’s Office, where they require it.
  • Insurers, auditors, and legal advisers — where necessary to run the business or to defend our legal interests.
  • The police, HMRC, and other lawful authorities — only where we are legally required to share, or where doing so is necessary to prevent or detect serious crime or safeguard a person at risk.

We do not sell your personal information. We do not share your information with third-party advertisers.

9. International transfers

Some of our service providers and most hearing aid manufacturers are based outside the UK. Where we send your information outside the UK, we do so only with appropriate safeguards in place — typically a UK Adequacy Regulation, an International Data Transfer Agreement, or the manufacturer’s own approved transfer mechanism. We can provide further detail on request.

10. Cookies and website analytics

When you visit besthear.co.uk we use a small number of cookies and analytics tools:

  • Essential cookies — required for the website to function (for example, to remember a booking session). These don’t need your consent.
  • Functional and analytics cookies — set by Google Analytics and similar tools to understand how visitors use the site so we can improve it. We use these only with your consent, captured through the cookie banner you’ll see on your first visit.
  • Marketing cookies — only set if you give consent through the same banner.

You can change your cookie preferences at any time using the cookie controls on the website footer or by clearing cookies in your browser. The cookie banner is operated using Complianz.

11. Marketing

We don’t send marketing emails or SMS unless you’ve given us your consent or you’re an existing patient who hasn’t opted out. Every marketing message contains a clear unsubscribe link. To stop all marketing communications, click unsubscribe in any message, reply STOP to a marketing SMS, or contact us using the details below.

12. Automated decision-making

We do not make decisions about your care or about you using automated decision-making (decisions made by computer alone with no human input).

13. Your rights

Under UK data protection law, you have rights over the information we hold about you. To exercise any of these rights, contact us using the details in section 16. There’s no charge in most cases. We’ll respond within one calendar month.

  • Right of access — to a copy of your information and of how we use it.
  • Right to rectification — to have inaccurate or incomplete information corrected.
  • Right to erasure — to ask us to delete information we hold, in certain circumstances. Note that we may not be able to delete clinical records held for the periods set out in section 7, where we have an ongoing legal or clinical obligation to retain them.
  • Right to restriction — to ask us to pause our use of your information while we resolve a query or correction.
  • Right to data portability — to receive your information in a portable electronic format, where the law permits.
  • Right to object — to certain uses of your information, including any marketing or audit use.
  • Right to withdraw consent — where we rely on your consent, you can withdraw it at any time. Withdrawing consent doesn’t affect the lawfulness of anything we did with your information before you withdrew it.
  • Right to complain to the Information Commissioner’s Office — see section 14.

14. How to make a complaint

If you’re unhappy with how we’ve handled your information, please tell us first — most issues can be resolved quickly by speaking to Mr Armaj Ali. If we can’t resolve it, you have the right to complain to the Information Commissioner’s Office:

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk

Making a complaint to the ICO doesn’t affect any other rights or remedies you have.

15. Changes to this notice

We review this notice periodically and may update it to reflect changes in how we work or in the law. The most current version will always be at besthear.co.uk/privacy-policy/. If we make a material change, we’ll notify you directly where reasonably possible.

16. Contact us

For any privacy or data-protection question, including a request to exercise any of the rights in section 13:

BestHear (Platinum Audiology Ltd)
Mr Armaj Ali, Lead Audiologist
Email: support@besthear.co.uk
Phone: 01792 940032
Post: BestHear at Parkway Clinic, Lamberts Road, SA1 Waterfront, Swansea SA1 8EL

This notice was last updated on 8 May 2026.