Empaediatrics – Dr Emanuela Manea
Last updated: 1 March 2026

Empaediatrics is committed to protecting your personal data and respecting confidentiality in line with UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and professional medical standards.

This Privacy Policy explains how we collect, use, store and protect personal information.

1. Who we are

Empaediatrics is a private paediatric service provided by Dr Emanuela Manea.

Emanuela Manea is the data controller for your child’s personal data.

Contact: [email protected]

2. What information we collect

We only collect information needed to provide safe medical care and manage the service.

This includes:

General information

• Child’s and parent/guardian’s name, date of birth, address and contact details
• GP and referral details
• Appointment records and correspondence
• Payment and billing details

Health information (special category data)

• Medical history and consultation notes
• Test results and reports
• Referral letters
• Prescriptions
• Developmental assessments and questionnaires

3. How we collect information

We collect information:

• directly from you during registration and consultations
• from other healthcare professionals, laboratories and referrers involved in your child’s care.

4. Why we use your information

We use personal data to:

• provide medical assessment, diagnosis and treatment
• arrange referrals and investigations
• communicate with you about your child’s care and appointments
• manage billing and administration
• meet professional, legal and safeguarding obligations.

We do not sell personal data or use it for third-party marketing.

5. Lawful basis for processing

We process personal data on the basis of:

• provision of healthcare and medical diagnosis;
• performance of a contract for private medical services
• legal obligations (including safeguarding)
• vital interests in urgent situations.

Health information is processed only where necessary for medical purposes.

6. Sharing information

We may share relevant information with:

• your child’s GP
• other healthcare professionals involved in your child’s care
• laboratories and diagnostic providers
• medical insurers (where applicable)
• safeguarding authorities where required by law.

Information is shared only when clinically necessary or legally required.

7. Safeguarding

If we have concerns about a child’s safety or welfare, we may share relevant information with appropriate authorities in line with safeguarding law and professional guidance.

8. Online consultations and electronic communication

Where online consultations or electronic communication are used, we use the password-protected electronic practice management system provided by Semble to support appointment management, consultations, payments and secure communication on our systems.

While we take appropriate steps to protect information on our systems, email and other electronic communications sent to us by patients or parents may not always be fully secure. By choosing to contact us electronically, you acknowledge and accept the inherent limitations and risks of electronic communication.

Patients and parents must not video/audio record consultations without consent.

9. How we protect your information

We use appropriate physical, technical and organisational security measures, including:

• secure electronic medical record systems
• password protection and encryption
• restricted access to records
•  Secure storage of identification documents

We comply with UK data-protection law and professional confidentiality standards issued by the General Medical Council.

If a data breach occurs and we are legally required to do so, we will notify you and the
Information Commissioner’s Office.

10. How long we keep information

Medical records for children are normally kept until the child reaches 25 years of age, or longer where required by law.

Retention is informed by statutory requirements (including the Consumer Protection Act 1987) and professional guidance as set up by the 2016 Records Management Code of Practice for Health and Social Care.

Administrative and financial records are retained in line with legal and accounting requirements.

We may anonymise information for audit and service-improvement purposes.

11. Automated decision-making

We do not use automated decision-making or profiling.

12. Your rights

Under UK GDPR, you have the right to:

• access your child’s personal data;
• request correction of inaccurate information;
• request restriction of processing in certain circumstances;
• request deletion where legally appropriate;
• object to certain processing
• request data portability.

Some medical records cannot be deleted where legal retention rules apply.

Requests should be sent to:
[email protected]

If you remain dissatisfied, you may contact the Information Commissioner’s Office (ICO). It has enforcement powers and can investigate compliance with data protection law. Contact the ICO on www.ico.org.uk.

13. Website data and cookies

When you visit our website, limited technical information (such as IP address and browser type, pages visited) may be collected to help improve performance, user experience and security.
Essential cookies may be used. Further details are provided in our Cookie Policy.

14. Updates to this policy

This Privacy Policy may be updated periodically to reflect changes in legal or professional requirements.
The most current version will always be available on our website.