Privacy Policy
This privacy notice aims to give you a summary on how Osborne Chiropractic collects and processes your personal data during and after your time as a patient.
Osborne Chiropractic
PATIENT PRIVACY POLICY - SUMMARY
1. Purpose of this privacy notice
This privacy notice aims to give you a summary on how Osborne chiropractic collects and processes your personal data during and after your time as a patient.
Osborne Chiropractic is the controller and responsible for your personal data (collectively referred to as "Osborne Chiropractic ", "we", "us" or "our" in this privacy notice).
Name or title of Data Privacy Manager: Luther Moss address: Osborne Chiropractic, 6A Cross Street, Shanklin, PO37 6AT
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
2. The data we collect about you
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
- Identity Data includes title, first name, last name, date of birth and gender.
- Contact Data includes email address, home address, billing address and telephone numbers.
- Special Category Data includes information about your health, genetics, sex life, sexual orientation, race, ethnic origin and religion.
- Financial Data includes bank account and payment card details.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
3. How is your personal data collected?
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your Identity, Contact, Special Category and Financial Data when you become a patient.
- Third parties. We may receive personal data about you from various third parties and public sources as set out below:
- Referrers: who may provide us with Special Category data to facilitate your treatment with us.
- Insurance Companies:
- Solicitors
4. Purposes for which we will use your personal data
- Performance of our contract with you
- To register you as a new patient or take steps to register you as a new patient.
- To comply with our obligations under our contract, namely to provide you with the necessary treatment.
- Legitimate interests
- To collect and recover money owed to us.
- Legal or regulatory obligation
- We also rely on the legal or regulatory obligation ground to process your data in some circumstances.
Condition under which we process your special category data:
To process your special category, we rely on the contractual ground and also the special condition which allows health professionals to process the data for the purposes of preventative or occupational medicine, and the provisions of health care treatment.
5. Disclosures of your personal data
- We may have to share your personal data with the parties set out below:
- Professional healthcare practitioners
- Service providers based in UK who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance and accounting services.
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom who require reporting of processing activities in certain circumstances.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.
6. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
7. Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.
8. Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data.
- Request access to your personal information (commonly known as a "data subject access request").
- Request correction of the personal information that we hold about you.
- Request erasure of your personal information.
- Object to processing of your personal information where we are relying on a legitimate interest.
- Request the restriction of processing of your personal information.
- Request the transfer of your personal information to another party.
- Withdraw consent at any time where we are relying on consent to process your personal data.
If you would like to exercise any of the above rights, please contact the Data Privacy Manager in writing.