Privacy Policy
Personal data
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
From 25th May 2018, the new Data Protection Act 2018 came into place, and I need to inform you what data I hold about you, why I need it, what I will be doing with your data, who I might share it with and when I will destroy it.
Currently I hold a completed consultation form and treatment records with your details. These include your name, address, date of birth and various means of contacting you.
Health related data
Consultation Form – all clients/patients must complete a consultation form, so I have a full understanding of your medical and health history. This I need for insurance reasons, but it is to check that it is safe to treat you. It also helps me understand what medical issues you have and how best I can treat you. Treatment will not go ahead unless I collect and store these details.
Treatment Records – these are my notes detailing what I have found in my assessments, what treatment I have given you and how you felt immediately after that treatment. Treatment will not go ahead unless I collect and store these details.
-
It is a condition of my Insurance Policy to take and retain client records for at least 7 years following the last occasion on which treatment was given. In the case of treatment to minors, records shall be kept for 7 years after they reach the age of majority (18).
-
I may need to share your data with authorised legal, regulatory and insurance authorities, if required to defend myself. This will be the professional membership body I am registered with and the insurance company I hold my professional indemnity insurance with.
-
After 7 years following the last occasion on which treatment was given, I will destroy all of your records by shredding them.
Your Individual Rights under the Data Protection Act 2018.
-
the right of access to your personal data;
-
the right to object to the processing of your personal data;
-
the right to restrict the processing of your personal data;
-
the right to rectification of your personal data;
-
the right to erasure of your personal data;
-
the right to data portability (to receive an electronic copy of your personal data)
My rights
In exercising your Individual Rights, you should understand that in some situations I may be unable to fully meet your request, for example if you make a request for me to delete all your personal data, I may be required to retain some data for taxation, legal, regulatory and insurance purposes.
You should understand that when exercising your rights, a substantial public or vital interest may take precedence over any request you make. In addition, where these interests apply, we are required by law to grant access to this data for law enforcement, legal and/or health related matters.
Contact me
For any questions regarding the privacy policy, please feel free to contact me at nicola@kneadtoletgo.com or call on 07525361280.