Logan Tod & Co | Last updated: 12 June 2026 | Version 2.0
Logan Tod & Co is a healthcare operational intelligence consultancy registered in England and Wales.
We are registered with the Information Commissioner's Office (ICO) as a data controller.
We collect and process personal data in the following circumstances:
| Category | Data Collected | Purpose | Lawful Basis (UK GDPR) |
|---|---|---|---|
| Website visitors | No personal data is collected by our website. We do not use cookies that track individuals, and we do not operate contact forms that store submissions. | N/A | N/A |
| Clients & business contacts | Name, job title, organisation, work email address, work phone number | Delivering consulting services, managing contracts, business communications | Art. 6(1)(b) — Contract performance; Art. 6(1)(f) — Legitimate interests |
| Prospective clients | Name, job title, organisation, work email address | Business development outreach and follow-up | Art. 6(1)(f) — Legitimate interests |
| Suppliers & partners | Name, job title, work email, company details | Managing supplier relationships and contracts | Art. 6(1)(b) — Contract performance; Art. 6(1)(f) — Legitimate interests |
We do not process patient data. Our A&E operational intelligence product processes fully anonymised operational data only.
We do not buy personal data from third parties or use data brokers.
Where necessary to deliver our services and run our business, we share personal data with trusted third-party service providers in the following categories:
All third-party processors are bound by Data Processing Agreements (DPAs) compliant with Article 28 UK GDPR. They are only permitted to process your data on our instruction and may not use it for their own purposes.
A full list of our processors is available on request from our DPO at zhiqian.huang@logantod.net.
We do not sell, rent or trade personal data. We do not share personal data with any third party for marketing purposes.
We retain personal data only for as long as necessary for the purpose it was collected, in accordance with our Data Retention Policy and the Records Management Code of Practice 2021:
When data reaches the end of its retention period it is securely deleted from all systems.
We have appropriate technical and organisational measures in place to protect personal data against unauthorised access, loss, or misuse — including encryption, access controls, and regular staff training. As a healthcare consultancy, we complete the NHS Data Security and Protection Toolkit (DSPT) self-assessment annually. We review our security measures regularly.
Under UK GDPR you have the following rights regarding your personal data:
To exercise any of these rights, contact our DPO: zhiqian.huang@logantod.net
We will respond within one month. There is no charge for exercising your rights.
Our website logantod.net does not use cookies that track or identify individual visitors. If this changes in the future, this policy will be updated and a cookie banner will be added to the website.
If you are unhappy with how we have handled your personal data, please contact us first at zhiqian.huang@logantod.net and we will do our best to resolve it.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint.
We review this privacy policy annually. When we make significant changes we will update the date at the top of this page. The current version is always available at logantod.net/privacy-policy.