Data Handling & Privacy Policy

We take data privacy seriously. If you have any questions or concerns, or if you become aware of a breach of privacy, please contact us immediately at



We are Embody Orthopaedic Limited ("we", "us" or "Embody"), operator of the website available at (the “Site”).

This Data Handling Policy (“Policy”) explains how Embody collects, uses and shares the personal data of patients (“you” or “your”) and your rights in relation to the personal data we hold.

Embody is a company registered in England and Wales under company number 08139224, having our registered office at Imperial Innovations, 52 Princes Gate, Exhibition Road, London SW7 2PG and our main trading address at Embody Orthopaedic Limited, 7L24, Lab Block, Charing Cross Hospital, London, W6 8RF.

The primary purpose of the Site is to provide a resource to enable surgeons to:

  • set up a clinical profile for a patient requiring surgery;

  • record information relating to a patient as part of their case, including the information referred to at section 4 below ("Case Details");

  • design and produce (using our surgical planning services) a surgical plan for a particular surgical procedure or set of procedures for a Patient ("Surgical Plan");

  • design and produce (using our 3D printing services) a 3D model of a surgical guide to aid a particular surgical procedure or set of procedures for a patient ("Guide"); and

  • to share Case Details with selected health care professionals (including other surgeons, members of their clinical teams and associated administrative staff) and/or academic researchers in accordance with this Data Handling Policy.



Embody is the data controller of your personal data and is subject to the General Data Protection Regulation and the UK Data Protection Act 2018 (“Data Protection Legislation”).

Embody is registered with the UK Information Commissioner's Office as a data controller under registration reference: ZA148948.

If you have any questions about this Policy, or if you would like to exercise any of your legal rights in respect of your personal data, please contact our Data Protection Officer by using the following details:

  • Email:;

  • Telephone: 020 3311 5215;

  • Post: Data Protection Officer, Embody Orthopaedic Ltd, 7L25A, 7th Floor, Charing Cross Hospital, London, W6 8RF.

Any significant changes we may make to this Data Handling Policy in the future will be posted on the Site or otherwise notified in writing. This Notice was last updated in July 2018.



We may collect your personal information:

  • from the information you provide to your surgeon and other members of your clinical team;

  • from case notes (where provided by or on behalf of a surgeon);

  • from clinical notes; and

  • and/or media (X-rays, MRI etc)



For patients we process the following information provided, which are necessary to enable us to supply the Surgical Plan and Guide, and to ensure patient safety:

  • Name, date of birth, gender and title;

  • results of CTs (series of X rays) (DICOM data is pictures with other information attached);

  • X-rays, where uploaded;

  • information as to surgery type;

  • other personal and physical or mental health details relevant to an individual case;

  • requested report type (the type of report or case that we require eg, full set of PSI or just a plan);

  • date of surgery;

  • identity of operating surgeon;

  • side to be operated on;

  • implant to be used;

  • location of the operation;

  • family details (not normally required – but may be entered by the surgeon into the notes or comments section of a given case where relevant, e.g.: “family history of orthopaedic problem”);

  • details of the goods and services required so we can deliver the correct product or service; and

  • case notes (where provided by or on behalf of a surgeon).

Occasionally we may request more information to aid the creation of a Surgical Plan, which may be in the form of clinical notes and/or media (X-rays, MRI etc).

We also collect and process information about other professional users of the site (such as surgeons, other members of the care team and administrators), including:

  • details of hospital or other medical centre at which that user is based;

  • name;

  • job title;

  • reasons for working with/becoming a registered user of the Site; and

  • education details, which may be requested as a validation step upon initial sign-up.

This is done principally for the purpose of verifying the identity of individuals, and to allow the proper performance by Embody as operator of the Site and provider of the Surgical Plan and/or Guide.

Embody will also process and store certain anonymised or aggregated data which does not allow a particular individual to be identified, for example, anonymised scan data, non-personal information relating to usage of the site, aggregate data and usage statistics.


Embody's staff will use the Case Details submitted for the purpose of creating Surgical Plan and Guide and for ensuring patient safety. For example:

  • our surgical planners use:

  • the scan data (and other relevant Case Details) to create the (3D) Surgical Plan; and

  • the name and dates of birth of patients to verify they are the correct patient, when creating a Surgical Plan; and

  • our staff involved in the manufacture and assembly of the Guide use:

  • the scan data (and other relevant Case Details) to manufacture and assemble the Guide;

  • the patient names to validate the correct Guides are being produced.

  • We follow the "minimum required" rule when processing data, i.e. we all to staff access only to data that is necessary to enable them to fulfil their duties, on any given case.

  • We also use certain Case Details for training of Embody staff and for research purposes, but only in anonymised form.

  • We never use patients' or other users' personal information for marketing purposes, except where we have the individual's explicit consent to do so or where we use it in anonymised form.


Legitimate interests

We may process your personal data for the above purposes because it is necessary for our or a third party’s legitimate interests. Our “legitimate interests” include operating the Site, supplying the Surgical Plan and Guide, and to ensure patient safety.

Special category data

Some of the information collected by Embody is classed as special category data as it concerns health information and is therefore more sensitive than other forms of personal data.

We process your special category data where providing our service on the grounds that it is necessary for the provision of medicine or for health care or treatment. The data is processed by or under the responsibility of the surgeon as a health professional, and both your surgeon and Embody staff are under strict obligations of confidentiality (as described further below).


Separate to Data Protection Legislation, your surgeon and other members of the clinical team are subject to a common law duty of confidentiality.

We ask that surgeons inform you before sharing any of your confidential information with Embody and under our terms of business with customers, Embody undertake to keep any information relating to patients confidential.


We will not share any personal information with any third party other than:

  • (via the Site) to those members of the care team who the surgeon allows access to a case when the case is uploaded; or

  • as may be required by a court or other regulatory body who has sufficient legal authority to require such disclosure; or

  • where we have consent from the individual to whom the information relates; or

  • when we believe that disclosure is necessary to protect our rights, combat illegality and/or or respond any legal process served on Embody.

Embody may also need to transfer personal information upon a sale or other transfer of all or a substantial part of all of its business, but any such transfer would be subject to Embody receiving suitable undertakings around confidentiality and protection of personal information being obtained from any potential buyer/transferee.


Embody understands the importance of keeping personal information safe and secure. Embody uses its commercially reasonable efforts to protect personal information and ensure the security of our premises and systems.

Any patient identifiable information (such as patients' names and dates of birth) and scan data held in electronic form is stored on servers in the UK and encrypted both in transit and at rest using industry standard encryption processes.

Any information held in physical form is securely stored in our UK offices.


We will retain your personal data for as long as is required for legal purposes and our legitimate purposes after the case has been completed. In particular:

  • we will generally remove scan data from the Site on cases that have been completed (and simply retain a reference to the scan data);

  • we keep other data (non-anonymised) for a minimum of 5 years as required by our processes in our ISO quality management system. The surgeon and other members of the care team (the users on that case) will still have access to such Case Details during this period, and will be able to view their Surgical Plan in 3D online.


Under Data Protection Legislation you have the following rights in relation to our processing of your personal details:

  • to obtain access to, and copies of, the personal data that we hold about you;

  • to require us to correct the personal data we hold about you if it is incorrect;

  • to require us to erase your personal data in certain circumstances;

  • to require us to restrict our data processing activities in certain circumstances;

  • to receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for transmitting that personal data to another data controller;

  • to object, on grounds relating to your situation, to any of our processing activities where you feel this has a disproportionate impact on your rights;

  • to complain about the processing of your data to the relevant supervisory authority (for example, in the UK this is the Information Commissioner’s Office)

Please note that the above rights are not absolute, and we may be entitled to refuse your requests where exceptions apply. For example, if you ask for your personal data to be erased, we may nevertheless continue to maintain certain details about you to comply with our legal obligations.