Under General Data Protection Regulation we are obliged to share with you how we use your data. We want you to be reassured that we follow the most recent guidelines and that your data is safe with us.
All your data is processed in a lawful manner; we have what is known as “legitimate interest” to collect and process data concerning your health and the complaint you are coming or have come to see us for.
When you ask us to treat you, you are entering a “contract”. We need to collect personal details such as telephone number and email address in order to communicate your treatment appointments with you and send any relevant rehabilitative exercise information. We also update our patients with any promotions or discounts to continually add value to the service we offer.
We need to collect personal information about your health to provide you with the best possible treatment. If you were to refuse information we need to collect under either “legitimate interest” or “contract” we would not be able to treat you, as it would jeopardise your treatment being safe and effective care.
We also think that it is important that we can contact you to confirm your appointments with us or to update you on matters related to your care. This again constitutes “Legitimate Interest” for both of us.
Provided we have your consent, we may occasionally send you general health information in the form of articles, advice or newsletters. You may withdraw this consent at any time – just let us know by any convenient method.
Your data is stored and processed using a cloud-based system called Cliniko. Cliniko are fully compliant with the General Data Protection Regulations.
Your health-related data can only be viewed by registered healthcare professionals of this clinic. Your personal details can be viewed by members of staff only. All data is treated with the upmost confidentiality.
Legally we must keep this data for a minimum of eight years, or until your 25th birthday, if you are under the age of 17, or 17 respectively, at the time of your last appointment. After this time your data will be erased.
Your data maybe shared, with prior discussion, with another health care professional or legal professional only if required.
You may request access to your health records, in writing, or by telephone with identity confirmation, if required, and they will be produced free of charge to you within 30 days. You can also request rectification of errors to your data, if this were to occur.
If your data needs to be shared with a third party, a reasonable fee maybe incurred by them.
We use Cliniko and MailChimp to coordinate our appointment reminders, health information emails and occasional newsletters, so your name and email address may be saved on their server. We also use this platform for marketing purposes (on you opting in for this service).
Dr Matthew Scroggs (Clinic director) is the data protection officer and you may contact him through the clinic regarding any queries or complaints.