Data Protection and Privacy Policies

Please read carefully to understand how we collect, use, protect and handle your Personally Identifiable Information (PII). PII is considered as confidential, though we reserve the right to disclose this information in the certain circumstances and we will fully comply with all applicable to Data Protection Law and General Data Protection Regulations (GDPR).

GDPR

General Data Protection Regulations (GDPR) applies to every business that collects, stores and uses personal data relating to customers, staff or other individuals.

The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.

The GDPR applies to both automated personal data and to manual filing systems where personal data are accessible according to specific criteria. This could include chronologically ordered sets of manual records containing personal data.

What is Personal Identifiable Information?

This can be your name, email address, mailing address, phone number.

Responsibilities

Everyone who works at Cam Osteopathy Limited has some responsibilty for ensuring data is collected, stored and handed appropriately. The company director is ultimately responsible and is the sole data controller for ensuring Cam Osteopathy Limited meets its obligations. Cam Osteopathy Limited is registered for data protection with the Information Commissioners Office in the United Kingdom.

Data Storage

These rules describe how and where data should be stored safely. Questions about storing data safely can be directed to the data controller.

When data is stored on paper, it should be kept in a secure place where unauthorised persons cannot see it. Thse guidelines also apply to data that is usually stored electronically but has been printed out for  some reason.

Paper Based Data

When not required, the paper or files should be kept in a locked draw or filing cabinet

Data print outs should be shredded and disposed of securely whern no longer required

Electronic Data

When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts.

Data should be password protected

Third party servers that contain personal identitifiable information are in a secure location.

All computers and servers are protected by approved security software and a firewall.

Data Use

Personal Data is of no value to Cam Osteopathy Limited unless the business makes use of it. Personal Data should not be shared informally.

How we use your Personal Identifiable Information

We collect information by various sources such as our clinical paperwork, website, social media and appointment enquiries and bookings by telephone or e-mail.

Paper Based Data

Personal Identifiable information can be recorded in clinical paperwork and notes this can include our GDPR and data protection declaration and clinic notes. These are kept confidential.

Email

We collect your email address and contact information to either confirm or inform you of scheduled appointments, and to provide you with any relevant information in the future. In addition, follow up communications, and initiation of next appointments when required.

We may collect information, when you book an appointment, enter information on our site, sign up for our newsletter, respond to a survey or marketing communication such as a clinic newsletter and any other relevant information. In this instance, we ask for permission from relevants persons to do so.

In the event that you do not wish to be contacted for such purposes, you may unsubscribe from our contact list at any time. or, you can also email us and we will promptly remove you from all correspondence.

Telecommunications

Appointment reminders, Appointment bookings, appointment enquiries or follow up communication can be used at the consent of relevant persons.

Social Media

We may collect personal data as part of a correspondance between us and relevant persons on social media platforms such as facebook and twitter.

Website and Third Party Providers

We and our third party providers of content may collect and use information about where you are on the internet (eg. the URL you came from, IP address, domain types, your browser type, the country where your computer is located, the pages of our website that were viewed during your visit, the links you clicked on, and any search terms that you entered into a search engine (“User Information”).

We may collect this information even if you do not register with us.

Disclosure of Data

In certains circumstances, the data protection act allows personal data to be disclosed to law enforcement agencies without consent of the data subject. Under circumstances, Cam Osteopathy Limited  will disclose requested data. However the data controller will ensure the request is legitimate, seeking assistance from the company director and from the company’s legal advisors where necessary.

Any data passed onto another medical healthcare practitioner for referral will require consent / permission from the relevant person(s).