Coronavirus Pandemic Addendum
Please note that during the pandemic I might be contacted by NHS Test & Trace to notify them of anybody I have been in close contact with. This will include clients between any specified dates and times. If this applies to you I will need your permission to allow me to share your information with them in these circumstances.
1. How personal information is collected
1.1. We regard “personal data” as information about you from which we can identify you (either on its own, or by compiling it with other information).
1.2. We collect this information from various sources to help us manage the business and to keep in contact with you. Typically, these sources are: ‘sign-up’ forms from Internet websites, telephone enquiries, in-person enquiries and email requests. Additional information may be gathered and recorded once a client attends for consultation.
1.3. We will ask you to agree to use of this data by giving us your consent (i.e. to ‘opt-in’). We require that you opt-in to the use of your personal data by ticking a ‘Consent Given’ box. By doing this, you consent to us collecting and processing the data that you have supplied to us, and to us using it to contact you.
2. The type of information we collect & hold
2.1. We hold personal contact information such as name, address, email address, and contact telephone number(s). We may hold contact details for relatives and emergency contact(s). Additionally, we hold some personal data that assists us in providing an efficient clinical service, (such as date of birth and relevant health/medical information).
2.2. We also hold information on previous clients.
2.3. All data records are held in a secure manner and for a time period that is considered appropriate for our business needs, typically this will be for a minimum of 7 years unless you specifically request otherwise – see the section on ‘Your Rights’.
3. How your personal data is used
3.1. We only use your data for the legitimate interests and running of the business. Typically, we use your data to enable us to contact and communicate with you, as our current or potential clients. This may be for booking or re-arranging appointments, getting in touch with you in an emergency, or for the purposes of promoting and marketing our services and/or offers. We maintain your data on our internal databases to allow us to manage the on-going business and provide an efficient service to you.
3.2. We do not share, sell or exchange your information with any external parties for the purposes of marketing nor profiling.
4. Who has access to information
4.1. Only myself as your therapist has access to your personal information in order to carry out day-to-day duties and to maintain the needs of the business.
4.2. Information may be held by, or we may disclose to, our third-party service providers as above for the purposes of providing services to us, or directly to you, on our behalf. Such third parties may include cloud service providers (such as email and file management); when we use them, we only disclose limited personal information that is necessary for them to provide their service in accordance with our specific instructions.
4.3. Third Party Internet providers may collect and retain basic contact details to notify us of potential clients who have expressed an interest in our services. They are governed by the legal requirement for clients to ‘opt-in’.
5. How is your personal privacy protected
5.1. We take all reasonable precautions to maintain your personal data in a secure environment. This includes, but is not limited to, the use of password protection for access to applications, computer folders/files and mobile phones; the secure storage of paper records; the archiving of email correspondence.
5.2. We may keep your data for a limited, reasonable period, as appropriate for the needs of the business. The only exceptions to this are where the law requires us to hold personal information for a specified period or to delete it sooner – see the section on ‘Your Rights’.
5.3. Whilst we will strive to protect all of your personal information that we hold, we cannot guarantee the security of any information that you transmit to us over the Internet, and so you do so at your own risk.
6.2. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.
6.3. We use the following cookies:
Strictly necessary cookies: these are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
Analytical performance cookies: they allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies: these are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
Targeting cookies: these cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
6.4 You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
6.5 Except for essential cookies, all cookies will expire after 6 months.
6.6 Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
7. Your Rights
Your data subject rights: legislation deems us to be the ‘controllers’ of the personal data that we hold. Therefore, we are responsible for how it is used by us and our third parties and how we inform you of that. You have a number of rights in relation to your personal information under data protection law. If we receive a request from you to disclose the personal data that we hold on you, we will respond to you within 30 days, at no charge to you. Our contact details, and how to contact us, can be found at the end of this policy statement.
7.1. Accessing your personal information: You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address listed in our contact details. We may not provide you with a copy of your personal information if it concerns other individuals, or we have another lawful reason to withhold that information.
7.2. Correcting & updating your personal information: The accuracy of your information is important to us. If you change any of your personal details, have reason to believe, or, discover that it is inaccurate or out of date, please contact us so that we can correct it.
7.3. Withdrawing your consent: We rely on your consent as the legal basis for processing your personal data and to receiving direct marketing. You may withdraw your consent at any time by contacting us. If you would like to withdraw consent to receiving direct marketing, you can also do so by using our unsubscribe tool. If you withdraw your consent, our use of your personal data before you withdraw is still lawful.
7.4. Objecting to our use of personal information & automated decisions made about you: Where we rely on our legitimate business interests as the legal basis for processing your personal information, you may object to us using your personal information for these purposes by contacting us. We will temporarily stop processing your personal information in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise, we will provide you with our justification as to why we need to continue using your data. You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request; if you would like to do so, please use our unsubscribe tool.
7.5. Erasing your personal information: You can ask us to remove your personal information that we hold from our internal systems at any time by emailing or writing to us – see our contact details. We will make all reasonable efforts to comply with your request in a reasonable timeframe unless there is a reason that the law prohibits us from doing this.
7.6. Restricting your personal information: You may ask us to restrict the processing of your personal information where you believe it is unlawful for us to do so, or where you have objected to its use and our investigation is pending. In these circumstances we may only process your personal information where we have your consent, or we are legally permitted to do so – for example, for storage purposes, to protect the rights of another individual or in connection with legal proceedings.
7.7. Transferring your personal information in a structured data file: Where we rely on your consent as the legal basis for processing your personal information, you may ask us to provide you with a copy of that information in a structured data file format. We will provide this to you electronically in a commonly used machine-readable form, such as a CSV file. You can ask us to send your personal information directly to another service provider if this is technically possible. We may not provide you with a copy of your personal data if it concerns other individuals or if we have another lawful reason to withhold that information.
7.8.Data breaches: In the unlikely event of a breach of your personal data, we will notify you of this within 72 hours of our discovery. If we consider this to be a serious breach, we will also notify the Regulator. We will identify and put in place measures to prevent a similar occurrence in a timely manner and ensure appropriate and suitable protection of personal data is incorporated in future design of our systems and processes.
7.9. Complaining to the UK data protector regulator: You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details.
8.1. We will ask you to consent to email/telephone/SMS correspondence if you register with us through our website or if you complete a Health Screening form prior to attending an appointment.
8.2. We may also ask you to provide us with your preferred additional methods of receiving marketing information from us (for example, by post). From time to time we may ask you to refresh your marketing preferences by confirming that you consent to continue to receive information from us.
9. How to contact us
9.1. Bowen Manchester acts as a sole trader. If you have any questions, suggestions or complaints about the processing of your personal information, would like to see a copy of the information we hold for you, or wish to contact us for any general matters, you can do so by using any of the contact details below.
9.2. The main office is at the following address for written correspondence: 26 Rectory Avenue, Prestwich, Manchester M25 1DE
9.3. We can be contacted on the following telephone number: Mobile 07927 868363
9.4. We can be contacted at the following email address: firstname.lastname@example.org
10. Last Update of this Policy
10.2. We may review this policy at any time and changes will be notified to you by us posting an updated version on our website and/or by contacting you by email.
10.3. We recommend that you regularly check for changes and review this policy when you visit our website. If you do not agree with any aspect of the updated policy, you should promptly notify us and cease using our services.