Maudie Evitt Acupuncture Data Protection & Privacy Policy

Any personal data provided by you to Maudie Evitt through any means (verbal, written, in electronic form, or by your use of our website) will be held and processed in accordance with the data protection principles set out in the Data Protection Act 1998 and the General Data Protection Regulation for the purposes for which you have given consent, to provide the services you have requested from us, and to meet the legitimate interests of the charity.

Introduction

Maudie Evitt (the ‘data controller’, referred to below as “ME”, “us”,“we” or “I”) is committed to protecting your privacy. Please read the following in order to learn more about ME’s privacy policy and our information collection and use practices. This policy only applies to data collected by ME via her own forms and website. Third party agents, and websites which are linked to ours, are not covered by this policy. If you have any queries concerning your personal information or any questions on our use of the information, please contact the Director using the email provided. When you request treatment with Maudie or otherwise provide your personal details to ME, you will be asked to consent to our processing of your data under the terms of this policy.

What information do we collect?

Treatment Bookings – Booking can be done online or in person. The booking process involves providing us with your name, address, telephone numbers and email address. We may also request information on your availability, therapeutic issues, and other details which we deem relevant to processing your booking.

Initial Assessment Appointments– At an initial appointment we ask about your current personal, social, medical and financial circumstances. I will also ask about your background and family history, as well as the issues which are affecting you now. I require this information so that I can decide if I can provide treatment for you, and to manage the service ME will provide you.

What do we use your information for?

We use information held about you in the following ways: To provide clients with the professional and personal treatment on offer. To enable ME to offer appropriate support and information for future practitioners of yours (with your consent). To notify you about changes to your appointments and other changes to services. To seek feedback from you on your experience of treatment. To improve the service to ensure that it is provided in the most effective manner for you and for us. To administer our service, including the arrangement of appointments, the handling of donations, and for financial control, data analysis, research, statistical and survey purposes. To keep in touch with those who consent to this, for the purposes of organisational, service and professional development. To fulfil the potential of each treatment and future bookings.

What information do we share?

We will not share any information about you with other organisations or people, except in the following situations: Consent – ME may share your information with professional carers or others whom you have requested or agreed we should contact.

Serious harm – ME may share your information with the relevant authorities if we have reason to believe that this may prevent serious harm being caused to you or another person.

Compliance with law – ME may share your information where we are required to by law or by the regulations and other rules to which we are subject.It is necessary to provide your employee details to our payroll management company. As part of the backups of encrypted data processed and held by professional IT security companies.

How do we keep your information safe?

All information you provide to us is stored as securely as possible.  All paper forms and correspondence are kept in locked filing cabinets on our premises.  All electronic records are stored on our own on-site computer server, all access to which requires password-protected authentication, or by reputable service providers using secure internet ‘cloud’ technology. Unfortunately, the transmission of information via the internet is never completely secure. Although we will do our best to protect your information using industry-standard protocols and encryption, we cannot guarantee the security of your data transmitted to us via email, including forms completed on our website which are transmitted by email; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Your identifiable personal information is kept separately from any session notes and other descriptive material. Client notes and other documentation are destroyed 3 years after the end of treatments. Personal contact details are destroyed/deleted after 10 years of no contact or updates.

Your rights

You have the right to ask us to provide a copy of the information held by us in our records. You also have the right to require us to correct any inaccuracies in your information. If you would like to do this, please contact ME via the email provided. You may withdraw your consent for us to hold and process your data at any time.

Cookies

We do not use cookies to collect any personal information on our website, or to share your browsing behaviour with any third party except: Google Analytics – Like hundreds or thousands of websites you visit, we use Google Analytics to collect generic, anonymous data from all visitors to monitor how our website is used. This data is shared with Google in return for the service they provide.

Changes to this policy

We may edit this policy from time to time. If we make any substantial changes we will notify you by posting a prominent announcement on the website.