Information we collect.
To aid your treatment or as part of purchasing something from the business, you will normally provide us with certain information such as your name, email address, postal address and medical information. We will store this information on an electronic patient record and diary system which is fully password and 2 factor authentication protected. Any paper forms that you are asked to complete, or sign, will be uploaded onto your electronic record and then destroyed by an approved confidential waste shredding service.
Why we need your information and how we use it.
- Where it is necessary for the purposes of providing healthcare, such as when I use your information to enable a thorough and safe Podiatry assessment and treatment, or to provide customer support.
- When you have provided your affirmative consent for receiving our email newsletter, which you may revoke (unsubscribe) at any time.
- To comply with a legal obligation or court order in connection with a legal claim.
Information sharing and disclosure
Information about our patients is important to our business. We share your personal information in very specific circumstances as follows:
- Medical professionals. With your prior consent, we may share details of your condition and treatment with your GP, consultant or other medical professional to help with your continuity of care.
- Business transfers. If the business is sold, we may disclose your information as part of that transaction, only to the extent permitted by law and with your knowledge.
- Compliance with laws. We may collect, use and share your information if legally required to do so.
I retain your personal information only as long as it is necessary to provide you with our services. However, I may also be required to retain this information to comply with my legal and regulatory obligations, to resolve disputes and to enforce our agreements. The retention of Podiatry records is normally a minimum of 8 years after the last contact. For customers that have not been patients, but have bought products from Rushden Podiatry, I am required to keep your personal information for a minimum of 6 years in line with tax legislation.
Transfers of personal information outside the EU
Rushden Podiatry Ltd uses third-party hosting services outside of the EU. These servers comply with the relevant data protection laws.
You have a number of rights in relation to your personal information. While some of these rights apply generally, some rights apply only in limited circumstances. I describe these rights below;
You have the right to access and receive a copy of the personal information I hold about you by contacting me at the address (email or postal) below.
You may also have the right to change, restrict or delete your personal information. In the case of health records, these are normally exempt from change and deletion requests.
You can object to the processing of information based on a legitimate reason. In these cases, I will carry out your request unless there is good reason not to do so on legal grounds. You may unsubscribe from our email newsletter at any time. You will only be sent our email newsletter if you have accepted a subscription invitation.
If you wish to raise a concern about the use of your personal information by Rushden Podiatry Ltd, you have the right to do so with the Information Commissioner (www.ico.org.uk).
How to contact me
For the purposes of GDPR, I, Samantha Civil, am the data controller of your personal information. If you have any questions or concerns, you may contact me on firstname.lastname@example.org or at the following address:
Rushden Podiatry Ltd. 58 High Street, Rushden, Northamptonshire NN10 0PJ