PRIVACY POLICY

WHAT DATA I COLLECT

I collect various personal information to enable me to provide you with the best possible care.  This includes the following:

  • Information you provide when you first come including email address, phone number, first name and last name, address, GP details, and medical history.

  • Information generated throughout your treatment; including treatment notes and medical alerts.

HOW I USE YOUR DATA

When you supply your personal details, they are stored and processed for the following reasons:

  • Provision of services. I need to collect personal data about your health in order to provide you with the safest and highest possible standards of care. Your requesting treatment and my agreement to provide that care constitute a contract. You can, of course, refuse to provide the information, but if you were to do that I would not be able to provide treatment.  I have a 'Legitimate Interest' in collecting your personal data because without it I couldn't do my job effectively or safely.

  • Communicating with you. I also think that it's important to be able to contact you in order to confirm your appointments with me or update you on matters related to your medical care. This again constitutes 'Legitimate Interest' but this time it is your legitimate interest. 

HOW I STORE YOUR DATA

I have a legal obligation to retain your records for 8 years after your most recent appointment (or until age 25, if this is longer) but after this period you can ask me to delete your records if you wish. Otherwise, I will retain your records indefinitely so that I can provide you with the safest and best possible care should you need to see me at some future date.

Your records are stored:

  • Electronically; using a specialist medical records service. This provider has given me assurance that they are fully compliant with the General Data Protection Regulations. Access to this data is protected by password and 2-part authentication. 

WHO WILL HAVE ACCESS TO YOUR DATA

I will never share your data with anyone who doesn't need access without your written consent. Only the following people/agencies will have routine access to your data:

  • Myself, in order to provide you with treatment

  • The medical records service that stores and processes our files

 YOUR RIGHTS

I want you to be absolutely confident that I am treating your personal data responsibly, and that I am doing everything I can to make sure that the only people who can access that data have a genuine need to do so.

You have a right to see what personal data of yours I hold, and to request me to correct any factual errors. Provided the legal minimum period has elapsed, you can also ask me to erase your records. If you feel that I am mishandling your personal data in some way, you have the right to complain.

Access requests, amendments, requests to delete records, and complaints need to be sent to info@adbmassage.co.uk