Fiona Slade - Health and Hypnotherapy
the identity of the data controller/processor, the information/data held, how it is intended to use the data, the lawful basis for processing/using/storing the data, data retention periods and your rights in connection with the data held.
The data controller and processor is Fiona Slade who takes responsibility for data protection compliance and who can be contacted by e-mail on email@example.com by telephone on 01275 810200 and by post via the publicised clinic addresses.
I also need to make it clear that you can complain to the ICO (Information Commissioner’s Office) if you think there is a problem with the way I manage your data.
The information I provide in relation to your data protection must be in concise, easy to understand, clear language.
I hold personal data from you for the purposes of any therapy we discuss and for business development. I hold data, particularly name and contact details, on those people who have contacted me in connection with therapy, to communicate in relation to previous discussions, market services, keep up to date, inform news that may be of interest, notify events and in connection with your participation in events or where you provide services to us. I keep records of appointments, which are also required for insurance purposes. I also keep notes of relevant telephone conversations, discussions, meetings and agreements. I do not share any of this information, except within my practice if anyone else is involved, with your full knowledge and consent, or with your other health and care professionals with your full knowledge and consent or legally as required. In respect of events, information you provide may include details of any access or dietary requirements that you have which may reveal information on health or religious beliefs. I may collect financial details so that we can make or receive payment for goods or services. I do not pass on or sell any data to any third parties, unless specifically discussed and agreed with you and with your express permission. I would only release your data without your express agreement, where we are legally obliged to do so (eg: to comply with regulations, identity checks, credit checks, anti-money laundering).
I am committed to protecting the security and privacy of personal data and will always make sure that systems, processes and people involved comply with the relevant data protection laws. My IT and IT security is looked after by professional IT consultants who also comply strictly to relevant data protection regulations. The 6 key principles of the data regulations are: lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; integration and confidentiality. I operate with measures in place to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. I will normally hold data for a period of 7 years beyond last contact. For some previous colleagues, consultants and clients this may be extended to 15 years – where in the legitimate interest of both parties.
you have the right to know the information that is being held
- you have the right to access the information
- you have the to rectify information
- you have the right to erase information
- you have the right to restrict processing
- you have the right to data portability (asking for your data to be transferred to someone else, at your request)
- you have the right to object to your data being processed/used by us where you think there are legitimate grounds to do so
- you have the right not to be subject to automated decision-making, including profiling.
Any personal data that I have from you solely for the purposes of you receiving information, will not be used following your request to stop information and communication, except as is necessary to ensure you stop receiving the information.
To access/see copies of your data, please e-mail your request, which will be responded to within one month at no charge. Excessive or unreasonable requests for access to data will be charged.
Cookies and Google Analytics - please see information on Cookies and Google Analytics at the end of this policy
My systems are maintained and managed to high, professional, secure standards. If I suffer any data breach which may affect you, especially any risk to your rights and freedoms, I will notify you directly. The ICO (Information Commissioner’s Office) will also be informed as legally required.
I do not provide or use your data for any profiling purposes.
Cookies and Google Analytics
Persistent cookies set by the website and Google Analytics expire at 2 years. Session cookies expire when you stop browsing the website.
Your computer or device will only accept cookies if the settings on the browser are set to accept cookies. If you don’t want to accept cookies from my site, you can turn accepting cookies off but doing so is likely to mean that my site will not work as you would expect.
I use Google Analytics.
You can opt out of being tracked by Google Analytics across all websites, information here (https://tools.google.com/dlpage/gaoptout).
To switch cookies off you can usually adjust your browser settings to stop it accepting cookies. Stopping cookies will limit the functionality of my site and many other web sites; cookies are a standard part of most modern websites. You can find out more about cookies, including how to see cookies that have been stored and how to manage and delete them, on http://www.allaboutcookies.org/