Privacy Notice

THE GENERAL DATA PROTECTION REGULATION (GDPR)

AND YOUR PERSONAL INFORMATION

Here at Optimum health & wellbeing, I am committed to protecting your personal information.

From May 2018, the GDPR, a new data protection law that governs how organisations can use personal information will take effect.   In order to comply with the changes in legislation, I have updated my Privacy Policy and published the following Privacy Notice.  The Privacy Notice tells you what personal information I hold and why, and what your rights are in relation to this. 

A full, written copy of this Privacy Notice will be provided to all clients at initial consultation, where you will be asked to sign a declaration to confirm your understanding of, and agreement to, its terms.

PRIVACY NOTICE

 

Contact Details

Sian Cecil
Optimum Health & Wellbeing
Address: 23 Hawthorn Road, Nelson, CF46 6PB
Telephone No: 07813 117270
Email address: optimumhealthandwellbeing@yahoo.co.uk
Website: www.optimumhealthandwellbeing.co.uk
Facebook: www.facebook.com/Optimumhealthandwellbeing

Data Controller: As above

 

The purpose of processing your personal information

I will process your personal information as is strictly relevant to my business and for the purpose of offering professional complementary therapy treatments and training courses to you.  In order to do this, I will need to gather and retain a range of personal information about you, including sensitive personal information about your health and wellbeing.

 

What information I hold and what I do with it

  1. For Existing Clients

In order to provide you with complementary therapy treatments / training courses, I will need to ask for and keep personal information about you.  The information I will hold is:

  • Your contact details including name, address, telephone number, email address (if applicable), Facebook messenger contact (if applicable)
  • Medical history and other health-related information (which I will take from you at first consultation)
  • Treatment details and related notes (which I will make during and/or following a session)

I use the information you have provided as follows:

  • To inform the treatments and services I provide you
  • To provide you with advice and associated recommendations concerning aspects of health and wellbeing, based on my professional experience and qualifications
  • To arrange appointments/ training courses
  • To follow-up with you after appointments/ training courses
  • To inform you about special offers and promotions (however, you may unsubscribe from this at any time)
  • For my own accounting and record-keeping
  • To provide you with a receipt or invoice for your treatment / training on request

I will contact you using the contact preferences you give me in relation to:

  • Arranging appointments / training courses
  • Appointment/ training follow-up
  • Complementary therapy information or information related to your health
  • Special offers and promotions (however, as mentioned, you may unsubscribe from this at any time)
  1. For Potential Clients

NOTE: I define a potential client as anyone who has directly or indirectly expressed an interest in my business, for example, by the following means:

–          Making an enquiry about any of the treatments or services I offer
–          By ‘Liking’ my Facebook page or engaging with me via my website or other social media channels

I do not contact anyone who has not previously engaged with me via the above methods.

I collect, process and hold the following information in relation to potential clients:

  • Contact details including name, address, telephone number, email address (if applicable), Facebook messenger contact (if applicable)
  • Reasons for your interest in my services (however, I advise potential clients not to share detailed medical information prior to a formal consultation, particularly via electronic communication)

I use the information about potential clients as follows:

  • To inform the treatments and services I recommend to you
  • To arrange appointments/ training courses
  • To inform you about special offers and promotions (however, I keep my communications timely and to a minimum.  You may unsubscribe from this marketing at any time.)

I will contact you using the contact preferences you give me or by original contact method in relation to:

  • Discussing appropriate treatments / training courses
  • Complementary therapy information or information related to your health
  • Arranging appointments / training courses
  • Special offers and promotions (however, as mentioned, you may unsubscribe from this at any time)

 

  1. For visitors to my website

My website, www.optimumhealthandwellbeing.co.uk, uses a series of essential and non-essential cookies, which collect data about users and tailors the website experience accordingly.  The use of cookies on my website is governed by my site provider, WordPress.  I do not personally store or process this information.  You may opt out of non-essential cookies when prompted via my cookie pop-up when accessing my website.  For more information, see the WordPress Cookie Policy: https://automattic.com/cookies/ .

Who I share your information with

I will NOT share your information with anyone else (other than as required for legal process) without explaining why it is necessary, and getting your explicit consent.

Examples of when I may need to share your data with others:

  • Where it is required for referral to another healthcare provider such as a doctor or complementary healthcare practitioner
  • If you request me write to an insurance company or similar, such as a healthcare plan for the purpose of providing a receipt to claim back treatment costs
  • If you request me to write to any other organisation such as a healthcare provider, insurance company, solicitor or employer, detailing treatment details/outcomes

Should I need to share your information as detailed above, this will be fully discussed with you, ensuring your express and prior consent, before the information is shared.

Your data will not be transferred outside the EU without your consent.

How long I retain your information

I will keep your information for the following periods:

  1. According to the terms of my therapy insurance, provided by Alan Boswell Group, all client records are to be kept for 7 years following a client’s last treatment, under the basis of ‘claims occurring’.
  2. In the case of provision of treatment to children, and according to the terms of law regarding children’s records, all data is to be kept until the child is 25 or if 17 when treated, then 26.

Lawful Basis for holding and using Client Information

The lawful basis under which I hold and use your information is:

  • my legitimate interests i.e.my requirement to retain the information in order to provide you with the best possible treatment options and advice

As I hold special category data (i.e. health related information), the Additional Condition under which I hold and use this information is:

  • for me to fulfil my role as a health care practitioner bound under the AoR Confidentiality as defined in the AoR Code of Practice and Ethics.  I am a full member of the Association of Reflexologists, I abide by the AoR Code of Practice and Ethics.

Protecting your personal data

I am committed to ensuring that your personal data is secure.  In order to prevent unauthorised access or disclosure, I have put in place appropriate technical, physical and managerial procedures to safeguard and secure the information I collect from you.

I have registered with the ICO and renew my registration each year.

Your Rights in relation to your personal information under the GDPR

GDPR gives you the following rights:

  • The right to be informed: To know how your information will be held and used (this notice).
  • The right of access: To see your therapist’s records of your personal information, so you know what is held about you and can verify it.
  • The right to rectification: To tell your therapist to make changes to your personal information if it is incorrect or incomplete.
  • The right to erasure (also called “the right to be forgotten”): For you to request your therapist to erase any information they hold about you
  • The right to restrict processing of personal data:. You have the right to request limits on how your therapist uses your personal information
  • The right to data portability: under certain circumstances you can request a copy of personal information held electronically so you can reuse it in other systems.
  • The right to object:. To be able to tell your therapist you don’t want them to use certain parts of your information, or only to use it for certain purposes.
  • Rights in relation to automated decision-making and profiling.
  • The right to lodge a complaint with the Information Commissioner’s Office: To be able to complain to the ICO if you feel your details are not correct, if they are not being used in a way that you have given permission for, or if they are being stored when they don’t have to be.

Full details of your rights can be found at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.   If you wish to exercise any of these rights, please use the contact details given above.  If you are dissatisfied with the response you can complain to the Information Commissioner’s Office; their contact details are at:  www.ico.org.uk

Therapist’s rights under the GDPR:

Please note my rights as a therapist in relation to the GDPR:

  • If you don’t agree to your therapist keeping records of information about you and your treatments, or if you don’t allow him/her to use the information in the way he/she needs to for treatments, the therapist may not be able to treat you.
  • Your therapist is required to keep your records of treatment for a certain period, as described above, which may mean that even if you ask him/her to erase any details about you, he/she might have to keep these details until after that period has passed.
  • Your therapist can move their records between their computers and IT systems, as long as your details are protected from being seen by others without your permission.

If you have any questions about any aspect of this Privacy Notice, or would like to discuss how I manage your personal data, please contact me.

Advertisements