Recent notifications
View all
GP Placement Hub
Your account will be reviewed by the placement admin before you can sign in.
Already have an account? Sign in
1. About this portal
This portal is operated by Topsham Surgery ("the Practice") to support medical student and learner placements. It is used by medical students, Foundation Doctors (F2), and GP Registrars undertaking placements or rotations at the Practice. By using this portal you agree to these terms.
2. Data we collect and store
We collect your name, email address, professional role, year group, placement feedback, pre-placement questionnaire responses, and activity within the portal. This data is stored securely using Supabase (database and authentication), hosted on AWS infrastructure in the EU (Ireland), and delivered via Cloudflare Pages (UK/EU edge network). No data is stored on Practice premises.
3. Who can access your information
Access to information within the portal is governed by your role:
| Role | What they can view |
|---|---|
| Medical student | Their own supervisor feedback (where shared), their own placement feedback, timetables, resources, guidelines |
| Foundation Doctor (F2) | All learner feedback entries, their own placement feedback, timetables, resources, guidelines |
| GP Registrar | All learner feedback entries, their own placement feedback, timetables, resources, guidelines |
| GP | All learner feedback, student directory, pre-placement questionnaires, timetables, resources, guidelines |
| Other practice staff | Timetables, resources, guidelines only |
| Placement administrator | Full access — all feedback, all directories, all questionnaires, user management, timetables, resources, guidelines |
4. Sharing with third parties
Feedback, assessment records, and placement information recorded in this portal may be shared with your medical school, GP training programme, Vocational Training Scheme (VTS), or NHS Trust as part of the formal requirements of your placement or rotation. Partner organisations include: University of Exeter Medical School, University of Bath, University of Plymouth, Exeter VTS, North Devon VTS, and Royal Devon and Exeter NHS Foundation Trust.
This sharing is carried out on the basis of contractual obligations between the Practice and these organisations in connection with the delivery of medical education and training. You consent to this sharing by using the portal.
5. UK GDPR
Your data is processed in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. The lawful bases for processing are legitimate interests in the delivery of medical education and training placements, and contractual obligation in fulfilment of agreements between the Practice and partner organisations.
The Data Controller is: Topsham Surgery, Holman Way, Topsham, EX3 0EN.
To exercise your rights under UK GDPR (including the right of access, rectification, or erasure), submit a Subject Access Request in writing to the Practice Manager at the above address or by email to topshamadmin@nhs.net.
6. Data retention
Your data will be retained for the duration of your placement and for a reasonable period thereafter in accordance with NHS records management guidance.
7. Security
The Practice takes reasonable technical and organisational measures to protect your personal data, including encrypted storage, access controls, and HTTPS-only delivery. However, no system can guarantee absolute security. In the event of a data breach, the Practice will notify affected individuals and the ICO as required under UK GDPR Article 33.
8. Contact
For any queries regarding your data or these terms, contact the Practice Manager at topshamadmin@nhs.net.