Privacy Policy
Why we collect your personal data and how it is stored.
Any information you provide to this office may be stored and processed for 4 reasons (the bits in bold are the relevant terms used in the Data protection Act 2018, which includes the General Data Protection Regulation).
We need to collect personal information about you and your health in order to provide you with care. Your requesting care and our agreement to provide that care constitutes a contract. You can, of course, refuse to provide the information, if you were to do that, we would not be able to provide care.
We have a legitimate interest in collecting that information, because without it we could not do our job effectively and safely.
We also think that it is important that we can contact you in order to confirm your appointments with us or to update you on matters related to your care. This, again, constitutes ‘legitimate interest’, but this time it is your legitimate interest.
Provided we have your consent, we may occasionally send you general health information in the form of articles, advice or newsletters. You may withdraw this consent at any time – just let us know by any convenient method.
We have a legal obligation to retain your records for 8 years after your most recent appointment (or age 25, if this is longer), but after this period you can ask us to delete your records if you wish. We may retain your records beyond the statutory requirement in order to provide you with the best possible care should you need to see us at some future date.
Your records are stored …
On paper, in locked filing cabinets, in an office that is always locked outside of working hours, in a building that is locked outside of working hours.
Electronically, the access to which is password protected.
On our office computers which are password-protected.
Any information you supply to this office is private and confidential between you and the person providing you with care. We will never share your data with anyone who does not need access without your written consent. Only the following people/agencies will have routine access to your data:
Anyone who provides you with care
Anyone involved with organizing your appointments
You have the right to see what personal data of yours we hold, and you can also ask us to correct any factual errors. Provided the legal minimum period has elapsed, you can also ask us to erase your records.
We want you to be absolutely confident that we are treating your personal data responsibly, and that we are doing everything we can to make sure that the only people who can access that data have a genuine need to do so.
If you have any questions or queries concerning your personal data, please email the “Data Controller”. Details are as follows:
Data Controller: Julia Simms
Email: simmschiropractic@gmail.com
Address: Unit 10, Duck Farm Court, Aylesbury, Bucks, HP202SQ