Privacy Policy

PatientLeaf is a product that is wholly owned and developed by General Practice Software Solutions (GPSS) Ltd.


GPSS is committed to protecting and safeguarding your personal data. As part of this commitment, we’ve updated our privacy policy to meet the high standards of the new European data protection law,
known as the General Data Protection Regulation (GDPR).

Ourprivacy policy explains your rights under this new law which is effective 25 May 2018. By continuing to use PatientLeaf after this date, you agree to these terms.

Your privacy is very important to us. Please read below to see how GPSS handles information.

GPSS respects your privacy and shares your concern about the security of information you may submit to GPSS’s websites and the related services (collectively, the “Services”). Our privacy policy (the “Privacy Policy”) explains the information we collect, how we use it, how to manage your privacy settings and your rights in connection with the Services.

We will take appropriate technical and organisational measures to safeguard your personal information.

In this Policy we will:

  • set out the types of personal data that we collect
  • explain how and why we collect and use your personal data
  • explain when and why we will share personal data with other organisations; and
  • explain the rights and choices you have when it comes to your personal data. Using our Services means:
  • purchasing or trialing our Services with us over the phone, in person, or online or otherwise using our websites or social media.
  • Our Websites may contain links to other websites operated by other organisations that have their own privacy policies. Please make sure you read the terms and conditions and privacy policy carefully before providing any personal data on a website as we do not accept any responsibility or liability for websites of other organisations.

When do we collect personal information about you?

  • When you visit our website,
  • When you make a purchase from our website or via email or phone.
  • When you request a trial from our website or via email or phone.
  • When you make a general enquiry on our website or via email or phone.
  • When you subscribe online to our blog posts.
  • When you engage with us on social media.
  • When you contact us by any means with queries, complaints etc.
  • When you ask us to email you about a product.
  • When you request more information about our product.
  • When you visit us at a conference or roadshow.
  • When you choose to fill any surveys, we send you.
  • When you comment on or review our products and services, via
  • When you’ve given a third-party permission to share with us the information they hold about you, for example EMIS.
  • What kinds of personal information about you do we process?

We collect the following:

  • Name
  • Job Title
  • Email address
  • Surgery Name
  • First line of address
  • Postcode
  • Telephone number
  • Patient list size (number of registered patients)
  • EMIS Site/CDB number
  • Promotional code
  • Comment

And the following if you have an account with us:

  • Purchase History

Advance Notice about opting out of Marketing:
You can do this via the unsubscribe link at the bottom of a marketing email, or emailing

Why do we collect your personal information?
To give our customers the best customer experience possible, we need to understand our customers and their profiles. This can be achieved by collecting data and combining the data from you.

We use the data to be able to offer you promotions, products and services of relevance.

As part of our legitimate interest in understanding our customers and providing the highest levels of service, the data privacy law allows this.

Again, you can opt out at any time. If you do choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for.

Example: Email Marketing. Not receiving emails on current promotions.

When do we use your personal data?
We use your personal data, for the following purposes:

  • Manage your contact with us and personalise your experience and communicate with you
  • Contact you about our Services, for example by phone, email or by responding to social media posts that you have directed at us
  • Process your free trials, orders, credits and refunds
  • Assessing a request for our Services, including considering whether or not to offer you our Services, the price, availability of payment methods and the terms or making any requested changes to our Services or your data
  • Managing any aspect of our Services
  • Updating your records
  • To improve the operation of our business and that of our business partners
  • To follow guidance and best practice under the change to rules of governmental and regulatory bodies
  • For management and auditing of our business operations including accounting
  • To monitor and to keep records of our communications with you
  • Help to develop, review and improve our product range, Services, information technology, systems, know-how and the way we communicate with you
  • For market research and analysis and developing statistics
  • To provide personalised content and services to you, such as tailoring our products and services, our latest news and deciding which offers or promotions to show you
  • To measure the effectiveness of our marketing communications
  • To comply with legal and regulatory obligations, requirements and guidance
  • To share information, as needed, with our business partner EMIS

Legal requirements
We rely on the following legal grounds to use your personal data:

1. Where it is needed to provide you with our products or services such as:
a) Assessing a request for our Services, including to consider whether or not to offer you our Services, the price, the payment methods available and the conditions to attach
b) Managing our Services to you, or a request for our Services
c) Updating your records, to contact you about your account
d) Sharing your personal information with our business partner EMIS when you request our Services to help manage your order.
e) All stages and activities relevant to managing our Services including enquiry, application, administration and management of accounts, quotes, free trial requests.

2. Whereit is in our legitimate interests to do so, such as:
a) Managing our Services relating to that, updating your records, tracing your whereabouts to contact you about your account and doing this for seeking payments (where appropriate)
b) To perform and/or test the performance of our Services and internal processes
c) To follow guidance and recommended best practice of government and regulatory bodies
d) For management and audit of our business operations including accounting
e) To carry out monitoring and to keep records of our communications with you and our staff
f) To administer our good governance requirements, such as internal reporting and compliance obligations or administration required for auditing purposes
g) For market research and analysis and developing statistics
3. To comply with ourlegal obligations

When do we share your personal information with other organisations?
We may share information with the following third parties for the purposes listed above:

  • EMIS – for marketing and accounts purposes as per the EMIS Partner Programme Agreement between EMIS and General Practice Software Solutions Ltd
  • Active Campaign for the purposes of us using their emailing services to communicate with you, controlled by us.

Security measures
We use reasonable organizational, technical and administrative measures to protect your personal information within our organisation and we regularly audit our system for vulnerabilities. However, we cannot ensure or warrant the security of the information you transmit to us given that the internet is not a guaranteed secure environment. Emails sent via the website may not be encrypted, and we therefore advise you not to include any confidential information in your emails to us.

What are your rights under data protection laws?

Here is a list of the rights that all individuals have under data protection laws. They don’t apply in all circumstances.

  • The right to ask us to cease marketing communications to you (opt out/unsubscribe)
  • The right to be informed about the processing of your personal information
  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
  • The right to object to processing of your personal information
  • The right to restrict processing of your personal information
  • The right to have your personal information erased
  • The right to request access to your personal information and to obtain information about how we process it
  • The right to move, copy or transfer your personal information
  • Rights in relation to decision making which has a legal effect or otherwise significantly affects you.

We will make reasonable efforts to comply with your requests except where we are permitted or required to do so under applicable law. Requests are free of charge however we reserve the right to charge a small fee to cover administrative costs should we consider any request to be excessive, unfounded or unreasonable.

What should you do if your personal information changes?
We want to make sure that the personal data we hold about you is accurate and up to date and so if any of the details are incorrect you should tell us (via phone, email or ‘Get in Touch’ form on our website) so that we can update our records.

Contact information and where to send questions
If you have questions about our Policy, how we process your personal information, or would like us to correct your personal information, feel free to contact us at:
0845 402 5162 ‘Get in Touch’

Updated 20/05/2018

Get in Touch

“ As a primary care clinician my time is precious and I felt under constant pressure to make the best decisions for my patients in the shortest time possible. Those demands are not going away so I designed PatientLeaf to give me breathing space and to make better decisions about my patients’ care. It has made a big difference in how my clinics run. GPs, nurses and HCAs will all benefit from PatientLeaf because you get better clinical information and more quickly.”

Dr Raza Toosy - Co-founder


Who is PatientLeaf aimed at?

Every clinician directly responsible for the care of their patient at the point of consultation in the surgery.

How many copies can my surgery have?

You have a site-wide licence which means that once you have purchased PatientLeaf any of the clinicians in your practice can have PatientLeaf installed on their PC.

What other modules are planned?

We are currently working on adding numerous modules, covering major conditions including asthma, diabetes, heart disease, CKD etc.

Where does the data come from?

PatientLeaf is an application that views EMIS’ current patient information on your screen. It presents a patient’s medical record in a more succinct way and no data leaves the surgery.

© 2020 PatientLeaf. All Rights Reserved.
Dr. Raza Toosy

Dr. Raza Toosy

Raza is a current partner of a GP practice in Wallington, Surrey. He has had a passion for IT for all of his life and obtained an MScIT in Kingston University with Distinction in 2008 whilst still working as a GP. With his knowledge of both medicine and information technology his focus and vision is to create a line of business applications for GP surgeries and has been actively involved in the development of PatientChase and now PatientLeaf since 2005 using the .Net Framework. He's always wanted to improve the way clinicians access and view data to make their lives easier.

Dr. Raza Toosy

Richard Chmielowski

With qualifications in business and marketing and having previously held managerial roles in both primary and secondary care, Richard Chmielowski is co-founder of GPSS. Passionate about helping primary care staff manage their patients in the best way possible, Richard is involved in many of the customer facing aspects of delivering IT solutions.