The EU General Data Protection Regulation (GDPR) imposes strict standards of data protection when handling EU citizens’ personal data.
I am committed to protecting your personal data. The use of your personal data is strictly limited to the following purposes:
I will never share your personal details with third parties for marketing purposes.
The data I collect and how I use it
Where I collect your personal data (e.g. on the contact form on the website, patient forms and during treatment sessions), I do so solely to provide my services to you and to comply with my legal obligations:
Where I use third parties to provide my services (e.g. for website hosting and sending emails) I ensure that they comply with the GDPR and use your data in accordance with current privacy standards.
Retention and disclosure of your personal data
For insurance purposes, I am required to take written notes of each treatment session and to retain these for 7 years following the last occasion on which treatment was given. In the case of minors, notes must be kept for 7 years after they reach the age of 18.
Treatment records are confidential and will not be disclosed to a third party without your written consent.
Protecting your data is important to me and I have security measures in place to prevent your data from being accidentally lost, used or accessed in an unauthorised way.
I have procedures in place to deal with personal data breaches and will notify you of a breach where I am legally required to do so.
You have certain rights in relation to your personal data. These are set out here.
You can request a copy of the data I hold about you, including your patient file. Requests must be submitted in writing to firstname.lastname@example.org. I will reply within two weeks of the date of the request and if possible earlier.
I will not charge a fee for responding to your request unless it is repetitive or excessive in which case I may charge a reasonable fee or decline to respond.
Version 1.1 | 12/07/2019