Last reviewed: July 2026
Medical Defense Society Limited is committed to protecting your privacy and handling your personal information responsibly.
This Privacy Policy explains how we collect, use, share and protect personal information about applicants, members, former members, prospective members and people who contact us.
Who we are
Medical Defense Society Limited is a company limited by guarantee without share capital, registered in England and Wales under company number 6825798.
Registered address:
Medical Defense Society Limited
4 Fitzjames Avenue
West Kensington
London
W14 0RP
Medical Defense Society Limited is the controller of the personal information we collect and use.
You can contact us at: advice@medicaldefensesociety.com or by writing to:
Data Protection Officer
Medical Defense Society Limited
4 Fitzjames Avenue
West Kensington
London
W14 0RP
Information we collect
We may collect personal information when you apply for membership, request a quote, contact us, use our website, renew or change your membership, make a payment, or ask us for support.
This may include:
- your name, contact details and address;
- your GMC number or professional registration details;
- your role, scope of practice, working pattern and practice details;
- membership, renewal, payment and billing information;
- claims, complaints, incidents, regulatory or legal history;
- information you provide when seeking medico-legal advice or support;
- website usage information, including IP address and cookie data;
- your marketing preferences.
If you pay by Direct Debit, your bank details are processed by our payment provider. Medical Defense Society does not store your full bank account details unless this is necessary for billing, reconciliation, audit or legal purposes.
How we use your information
We use your information to:
- process applications, quotes, renewals, cancellations and membership changes;
- assess eligibility for membership and indemnity;
- administer your membership and payments;
- provide medico-legal advice and member support;
- manage claims, complaints, incidents, investigations and regulatory matters;
- deal with enquiries from the GMC, NHS bodies, courts, regulators or other relevant organisations;
- prevent fraud, money laundering, sanctions breaches or unlawful activity;
- carry out audits, quality assurance and business administration;
- comply with legal, regulatory and professional obligations;
- send service updates and, where permitted, marketing communications.
Our lawful basis
We only use personal information where we have a lawful basis to do so. This may include:
- providing or considering providing membership services to you;
- complying with legal or regulatory obligations;
- our legitimate interests in managing the business, assessing risk, handling claims, preventing fraud and protecting our legal position;
- your consent, where this is required.
Some information we process may be sensitive, including information about claims, complaints, health, professional conduct, regulatory matters or legal proceedings. We only use sensitive information where UK data protection law allows us to do so, including where it is necessary for legal claims, insurance purposes, regulatory matters, substantial public interest reasons, or where you have given explicit consent.
Sharing your information
We do not sell or rent your personal information.
We may share your information where necessary with legal advisers, claims handlers, insurance or broker partners, expert advisers, payment processors, IT and CRM providers, accountants, auditors, regulators, courts, public authorities, healthcare organisations, practices, or other parties involved in a claim, complaint, investigation or legal matter.
We only share information that is necessary for the relevant purpose. Where we use service providers, we require them to protect your information and use it only to provide services to us.
How long we keep your information
We keep personal information only for as long as necessary.
Some records, including membership, claims, complaints, regulatory and legal records, may need to be kept for longer because they may be required for legal, regulatory, audit, indemnity or defence purposes.
When information is no longer needed, we will delete, anonymise or securely archive it.
How we protect your information
We use appropriate security measures to protect personal information against loss, misuse, unauthorised access, alteration or disclosure.
These measures may include secure systems, access controls, encryption, supplier checks, staff training and confidentiality obligations.
No method of sending information over the internet is completely secure, but we take reasonable steps to protect the information we receive and hold.
International transfers
Some of our systems or service providers may process personal information outside the UK. Where this happens, we will ensure appropriate safeguards are in place in line with UK data protection law.
Marketing and cookies
We may send you information about Medical Defense Society services, updates, events, educational activities or related products where you have agreed to receive this or where the law allows us to do so.
You can change your marketing preferences or unsubscribe at any time by contacting: advice@medicaldefensesociety.com
Our website uses cookies and similar technologies. Some cookies are necessary for the website to work. Others help us understand how the website is used or improve your experience. Where required, we will ask for your consent before using non-essential cookies.
More information is available in our Cookies Policy.
Your rights
You have rights under UK data protection law. These may include the right to access the information we hold about you, ask us to correct it, ask us to delete it, restrict or object to certain processing, withdraw consent, object to direct marketing, or request transfer of your information.
These rights are not absolute and may depend on the circumstances.
To exercise your rights, contact: advice@medicaldefensesociety.com
We will usually respond within one month. There is usually no fee, although we may charge a reasonable fee or refuse a request where the law allows us to do so.
Complaints
If you are unhappy with how we handle your personal information, please contact us first so we can try to resolve the issue.
You also have the right to complain to the Information Commissioner’s Office, the UK data protection regulator.
Changes to this policy
We may update this Privacy Policy from time to time. The latest version will be published on our website.