Privacy Notice
Under data protection law you have certain rights. As a patient of our clinic we need to inform you of your rights with this privacy notice. Shrewsbury Chiropractic Clinic Ltd is aware of its obligations under the General Data Protection Regulation (GDPR) and is committed to processing your data securely and transparently. This privacy notice sets out, in line with GDPR, the types of data that we hold on you as a patient of the Clinic. It also sets out how we use that information, how long we keep it for and other relevant information about your data. We collect personal information about your health in order to provide you with the best possible care. Your requesting treatment and our agreement to provide care constitutes a contract. You can choose not to divulge this information, but if you were to do so we could not provide treatment.
Data controller details
The Clinic is a data controller, meaning that it determines the processes to be used when using your personal data. As we take the protection of your data seriously, we have appointed a Data Protection Officer, Jonathan Sharp. Our contact details are as follows: Jonathan Sharp, Shrewsbury Chiropractic Clinic Ltd, 148 Copthorne Rd, Shrewsbury, SY3 8LT. Tel: (07881 903087), Email:chiropractors@icloud.com.
Types of data we process
The types of data as a patient we hold on you through your patient file and patient database, include:
- Your medical and health information and personal details including your name, address, date of birth, email address, phone numbers, gender, marital status.
Sharing your data
We only share your data with your explicit consent, where, for example, we need to contact a third party. This could include referring you to your GP or other health practitioner, or perhaps a letter to your employer stating advice on return to work. Where third parties are used by us to store your personal data, we ensure they are compliant with the data protection law any such data is not stored outside the EU.
Retaining your personal data
Patient records are stored on paper kept in locked filing cabinets and the offices are always locked out of opening hours. We also hold a Microsoft Excel database which is on the reception computer and is password protected, and the computer is off and locked in the office out of opening hours. We have a legal obligation to store your records for a period of 8 years after your most recent appointment (or age 25 if this is longer), but after this period you can ask us to delete your records if you wish. Otherwise we will retain your records indefinitely in order that we can provide you with the best possible care should you need to see us at some future date.
Your rights in relation to your data
The law on data protection gives you certain rights in relation to the data we hold on you. These are:
· the right to be informed. This means that we must tell you how we use your data, and this is the purpose of this privacy notice
· the right of access. You have the right to access the data that we hold on you. To do so, you should make a subject access request. You can read more about this in our Subject Access Request policy which is available from [insert details]
· the right for any inaccuracies to be corrected. If any data that we hold about you is incomplete or inaccurate, you are able to require us to correct it
· the right to have information deleted. If you would like us to stop processing your data, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it
· the right to restrict the processing of the data. For example, if you believe the data we hold is incorrect, we will stop processing the data (whilst still holding it) until we have ensured that the data is correct.
· the right to portability. You may transfer the data that we hold on you for your own purposes.
· the right to object to the inclusion of any information. You have the right to object to the way we use your data where we are using it for our legitimate interests.
· the right to regulate any automated decision-making and profiling of personal data. You have a right not to be subject to automated decision making in way that adversely affects your legal rights.
Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so. If you wish to exercise any of the rights explained above, please contact Jonathan Sharp.
Data Breach
Should the data that we control be lost, stolen or otherwise breached, where this constitutes a high risk to your rights and freedoms, we will contact you without delay and give you the name of the Data Protection Officer, who will inform you of who is dealing with the breach, explain the nature of the breach and the steps we are taking to deal with it.
Making a complaint
The supervisory authority in the UK for data protection matters is the Information Commissioner (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO.
Finally, would like to ensure you that no personal data is passed onto third parties without explicit consent from the patient.
Information we collect about our visitors
When someone visits www.jonsharpchiropractic.co.uk we collect standard details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our websites. We will not associate any data gathered from this site with any personally identifying information from any source. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Our use of cookies
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
On this website we use the following cookies to enable Google Analytics to function:
_utma
_utmb
_utmc
_utmz
These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
Click here to read more about privacy at Google
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
When you fill in a contact enquiry form
Where enquiries are submitted to us via the website we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
We will not share your details with any third party without your prior consent.
How to contact us
Requests for information about our privacy policy can be emailed to us at chiropractors@icloud.com or by writing to:
Shrewsbury Chiropractic Clinic Ltd.
148 Copthorne Rd
Shrewsbury
Shropshire
SY3 8LT
|