We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.
What information do we collect?
We may collect, store and use the following kinds of personal information:
information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation; information that you provide to us for the purpose of registering with us; information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters
What we do with the information we gather
(a) We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
(b) Internal record keeping.
(c) We may use the information to improve our products and services.
(d) We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
(e) From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. (f) We may use the information to customise the website according to your interests.
A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We may use both “session” cookies and “persistent” cookies on the website.
Session cookies will be deleted from your computer when you close your browser.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites (including this one).
Using your personal information
We may use your personal information to:
(a) administer the website;
(b) improve your browsing experience by personalising the website;
(c) enable your use of the services available on the website;
(d) send to you goods purchased via the website, and supply to you services purchased via the website;
(e) send statements and invoices to you, and collect payments from you;
(f) send you general (non-marketing) commercial communications;
(g) send you email notifications which you have specifically requested;
(h) send to you (our newsletter and other) marketing communications relating to our business (or the businesses of carefully-selected third parties) which we think may be of interest to you by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications);
(j) deal with enquiries and complaints made by or about you relating to the website; and
(k) other uses.
Where you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the license you grant to us.
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing
Specifically to osteopathy
Osteopaths at Back in Brighton Ltd diagnose and treat health conditions. As such, we are required to take a detailed account of the patient’s present and past medical history. This will include details concerning medication and previous treatment. Patient data is held securely and is not shared with anyone not involved in your care. We will not make any personal information available to a third party (other than in respect the agencies involved in the maintenance and upkeep of this website), unless required to do so by law (please see ‘Advice to patients’ and ‘Terms and Conditions for the use of this website’).
To be able to process your personal data it is a condition of any consultation/treatment that you give your explicit consent to allow us to document and process your personal medical data. Your contact details provided by you such as telephone numbers, email addresses, and postal addresses may be used to remind you of future appointments, or to find out how you are and provide reports or other information concerning your treatment.
(a) There will be times when it may be necessary to share details of your medical records with other healthcare practitioners such as GPs, consultants, surgeons, x ray/MRI departments etc. and medical insurance companies. We will always inform you and obtain your consent first unless we are under a legal obligation to comply.
(b) We may also use your contact details to respond to your enquiries, including by telephone, text and email, information which we believe may be of interest to you (but you may opt out of this service at any time). We may act on behalf of patients in the capacity of data processor, when we may promote other practitioners based at ‘Back in Brighton’, who may not be employed by us.
(c) Basic personal data may be collected about you from the marketing forms and surveys you complete, from records of our correspondence and phone calls and details of your visits to our website, including but not limited to, personally identifying information like Internet Protocol (IP) addresses.
(e) We will only collect information needed in order to provide you with the services you require. We DO NOT sell your data.
Legal basis and legitimate interests
The legal basis for processing your personal data is to meet our contractual obligations obtained from explicit patient consent and to respond to enquiries concerning the services provided. To promote treatment and advice on all types of health problems related to osteopathic care.
Through agreeing to this privacy notice you are consenting to us processing your personal data for the purposes outlined. You can withdraw consent at any time by contacting us by email, postal address or telephone provided at the end of this Privacy Notice.
In addition, we may disclose your personal information:
(a) to the extent that we are required to do so by law;
(b) in connection with any legal proceedings or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
(d) to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling; and
(e) to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
We will process personal data as outlined above and will continue to store this data for approximately eight years after the last visit or contact with the patient (and when the contract has expired), in order to meet our legal obligations. After this period all personal data will be deleted. Data concerning minors who have received treatment will be retained until the child has reached the age of 25.
Security of your personal information
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. Data is stored both in the UK and outside the EEA. Where data is held outside the EEA, it is stored with organisations who have demonstrated they are fully in compliance with GDPR requirements.
You may instruct us to provide you with any personal information we hold about you. Provision of such information will be subject to:
the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address).
We may withhold such personal information to the extent permitted by law.
You may instruct us not to process your personal information for marketing purposes by email at any time. In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal information for marketing purposes.
Data subjects have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply you have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.
Osteopaths may in certain circumstances refuse your request under rights of access. In such cases we will provide you with a reason as to why, which you have the right to legally challenge. At your request we will confirm what information Back in Brighton Ltd holds about you and how it is processed.
Patients may request the following information:
- Identity and the contact details of the person or organisation (Back in Brighton Ltd) that has determined how and why to process your data.
- Contact details of the data protection officer, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of ‘Back in Brighton Ltd’ and information about these interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- How long the data will be stored.
- Details of your rights to correct, erasure, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority (ICO).
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
Third party websites
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
Please let us know if the personal information which we hold about you needs to be corrected or updated.
Contact or complaint
The data controller responsible in respect of the information collected on this website is Back in Brighton Ltd.