PRIVACY NOTICE

(Why we collect your personal data and what we do with it)

When you supply your personal details to the Clinic they are stored and processed for 4 reasons (the bits in bold are the relevant terms used in the Data Protection Act 2018, which includes the General Data Protection Regulation – i.e the Law):

  1. We need to collect personal information about your health in order to provide you with the best possible treatment. Your request for treatment and our agreement to provide this constitutes a contract.​ You can, of course, refuse to provide the information but if you do, we would not be able to provide you with the treatment.
  2. We have a ‘​Legitimate Interest’​ in collecting the information because without it we could not do our job safely and effectively.
  3. We also think it is important for us to be able to contact you in order to confirm your appointment or update you on matters related to your medical care. Again this constitutes ‘​Legitimate Interest’​ but this time it is your legitimate interest.
  4. Provided we have your ​consent,​ we may occasionally send you general health information in the form of articles, advice or newsletters. You may withdraw this consent at any time – just let us know by any convenient method.

We have a ​legal obligation​ to retain your records for 8 years after your most recent appointment (or aged 25 whichever is longer) but after this period you can ask us to delete your records if you wish. Otherwise we will retain your records indefinitely in order to provide you with the best possible care should you need to see us at some future date.

Your records are stored on paper and in locked filing cabinets.

We will never share your data with anyone who does not need access without your written consent. Only the following people will have routine access to your data:

  • Your practitioner(s) so that they can provide you with treatment
  • Our reception or administrative staff so they can organize the practitioners’ diaries and coordinate appointments and reminders

As part of our obligations as primary healthcare practitioners, there may be times we need to share your medical records with other healthcare practitioners e.g. GPs, Consultants, surgeons, or medical insurance companies. Where this is the case, we will always inform you first unless we are under a legal obligation to comply.

From time to time too, we may employ consultants to perform tasks which may give them access to your personal data (but not your medical notes). We will ensure that they are fully aware this information must be treated as confidential and that they sign a non-disclosure agreement.

Our website was built using WordPress and is hosted by ​Cloud Heroes​, who​​ provide us with the online platform that allows us to promote our services to you. Your data that you enter into our website (such as email address and name) may be stored through ​WordPress ​data storage, databases and the general ​WordPress ​applications. They store your data on secure servers behind a firewall.

Cookies are used on this website to make the site easier to use and to track the traffic patterns of visitors. We are always working to improve our website for our users. If you do not accept the use of cookies, please let us know.

In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet which may include your email address, computer and connection information. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.

You have the right to see what personal data we hold on you and you can also ask us to correct any factual errors. Provided the legal minimum period has elapsed, you can also ask us to erase your records.

We want you to be totally confident that we are treating your personal data responsibly and that we are doing everything we can to make sure that only those people who can access the data have a genuine need to do so.

Of course, if you feel that we are mishandling your personal data in any way, you have the right to complain. Complaints must be sent to what is referred to in the jargon as the ‘Data Controller’. Here are the details you will need:

Data Controller: David Inman
Address: Oldfield Osteopathic Clinic, Livingstone Road, Bath, BA2 3PQ
Email: Daveinman8@gmail.com
Telephone: 01225 333166

If you have had no response within 30 days, you have the right to raise the matter with the ICO (Information Commissioner’s Office); again, here are the details you need (but hopefully not):

ICO: Information Commissioner’s Office
Address: Wycliffe House, Water Lane, Wilmslow, SK9 5AF
Email: https://ico.org.uk/make-a-complaint/
Telephone: 0303 123 111

If anything is unclear or you wish to discuss our Privacy Notice further, please don’t hesitate!

Collection of Information Through Cookie Use

We may obtain information about your general internet usage by using a “cookie” file. A cookie is an element of data that a website can send to your browser, which may then be stored on your hard drive. If you do not agree, you can choose to not receive a cookie file by enabling your web browser to refuse cookies or to prompt you before you accept a cookie.

The following types of cookies may be used on our site:

Essential Cookies:​ These cookies are necessary for our site to work properly. They are usually only set in response to actions you take such as logging in or completing online forms. You can set your browser to block or alert you about these cookies, but some parts of our site may not function if these cookies are blocked.

Functionality Cookies:​ These cookies enhance the functionality of websites by storing your preferences (such as your preferred language or the region that you are in) and allow us to provide enhanced features on our site such as videos. These cookies may be set by us or by third-party content that we have placed within the pages. If you do not allow these cookies, some of the features on our site may not function properly and you may not receive a personalised experience when visiting the site.

Performance Cookies:​ These cookies allow us to count page visits and traffic sources so we can measure and improve the performance of the site. They help us to understand which pages are visited most frequently and how visitors interact with the site. Any information collected by performance cookies is aggregated and therefore not identifiable. If you do not allow these cookies we will not receive data related to your visits to the site.

Third-Party Cookies:​ These cookies may be set through the site by our advertising partners, such as Google. They may be used by these companies to enable them to build a profile of your interests and show relevant advertisements on other sites. These cookies are based on identifying your browser and internet device. If you do not allow these cookies, you will experience a decrease in the targeted advertisements that you see online.

If you opt in to use the “Remember me” feature, where enabled, on the site, a persistent cookie will be placed on your hard drive and you will not be required to log in for every session. By disabling cookies on your machine or clearing your browsing history you may deactivate the persistent cookie.

All major browsers allow you to block or delete cookies from your system. To learn more about your ability to manage your preferences related to cookies, please consult the privacy features within your browser.