Name: Helen Rigler, Holistic Therapist. The Egdon Heath Practice
Dated: 1st March 2018
Last Reviewed: May 2020
The purpose of the Policy is to outline our commitment to customer privacy and data protection. The Policy is in accordance with the requirements of the General Data Protection Regulation (GDPR).
The Policy relates to the personal information we hold on our clients. This includes:
Name and Address
Telephone Numbers and Email
Date of Birth
Medical History and any other personal information
Treatment Record Cards
2. Your Personal Information
Your personal information is treated confidentially and is collected for our own purposes. It will enable us to contact you in case of any emergency, or to cancel/rearrange/remind you of upcoming appointments, or to check on your wellbeing following a complementary therapy session. It also enables us to monitor your health and wellbeing during your treatment sessions with us.
3. What Information is held?
Medical Consultation Forms – This includes name/address/phone numbers/date of birth/name of GP/next of kin/emergency contact/current medication/detailed medical history and lifestyle/consent
Treatment Record Card – This includes client’s name/date/complementary therapy received/products used/techniques applied/client’s response to treatment/findings/aftercare advice/suggested follow-up/client’s response following session.
4. How do we secure your personal data?
Most information is held manually in paper format. This is locked away in a fireproof filing cabinet in a locked cupboard at our business premises, namely The Ex Telephone Exchange, Dorchester Road, Winfrith, Dorchester, DT2 8LE. Access to this filing cabinet is restricted to Helen Rigler.
For ease of reference, the majority of clients’ phone numbers and email addresses are also held on a mobile phone. This mobile phone (number 07766691080) is owned and used solely by Helen Rigler. This mobile phone is secured and accessed by a 4-digit access code.
In addition, we also use a leading electronic salon booking system which captures your personal data. This is accessed by Helen Rigler only.
Card payments are taken using a desktop terminal; no financial data is stored electronically. Merchant paper transaction receipts are held securely in accordance with PCI DSS compliance standards.
5. When do we share personal data?
Your details are for our own purposes and are generally not shared with any third party. However, the exception to this is when written medical permission is required prior to treatment commencing. Please note that approval from the client will be obtained prior to any letter being sent to their GP (or other medical professional). A copy of any such letter, and any subsequent reply, will be sent to the client.
In addition, where there is a concern for the safeguarding of an individual, personal information will be shared with the appropriate authority.
Finally, where there is known/suspected criminal activity, personal information will be passed to the Police.
6. How long do we keep your personal data for?
The personal details of a client will be kept for 10 years following their last appointment. Old records will be cross-shredded and incinerated.
However, the personal details/treatment record cards for maternity clients will be kept for 18 years following their last appointment.
7. Your rights in respect of personal data
We respect the rights of individuals in the way that we hold their data. A person may withdraw their consent for us to hold their personal data at any time. A person may also request copies of the personal information we hold on them. Copies will be provided free of charge within 21 days. Requests can be made for correction/deletion of information. These requests will be dealt with by Helen Rigler. However, no information will be deleted which is required to be held by law. Professional advice will be sought in the event of any discrepancies.
8. Marketing Preferences
Following the completion of a marketing preference form, we will let you know of any news and special offers which we think may be of interest to you. This will be done via post, telephone, SMS or email. However, you can change your preferences or remove your consent at any time by contacting email@example.com.
9. How to contact us?
Should an individual have any questions, concerns or complaints regarding their personal data, then in the first instance they should contact:
The Egdon Heath Practice
The Ex Telephone Exchange
In the event that the concerns/complaint are not dealt with satisfactorily, then the individual should approach the Information Commissioner’s Office on 0303 1231113.