Privacy Policy

Your Privacy Matters

This privacy notice explains why Cleadon Ear Care (CEC) collect information about you, how that information may be used and how we keep it safe and confidential.  Some of this information is specific to Squarespace and WriteUpp how they operate, although this policy also covers other social media we utilise as well as information we collect from clients and potential clients. Squarespace is the platform for this website and Write Upp is the encrypted computer system that we use to store client contact details and notes from sessions securely.

This policy was last updated 22nd June 2022 and may be updated regularly.

Why we collect information about you

Health care professionals who provide your care keep records regarding your consultations. These records help to provide you with the best possible care.

We collect and hold data for the sole purpose of providing services to our clients. In carrying out this role we may collect information about you which helps us respond to your queries or refer on to specialist services. The records may include basic details about you, such as your name and address.

Records which CEC may hold about you may include the following:

· Details about you, such as your address and date of birth

· Any contact the clinic has had with you, such as booking forms, emails, telephone contact, website usage data, use of cookies, appointments and referrals from/to other specialist (such as GPs, ENT)

· Medical history relevant to your treatment with CEC

· Details about your treatment and care

· Relevant information from other referring health professionals

We only request details that are necessary to provide you with a proper and safe service.  

We also make sure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.

We are committed to protecting your privacy and will only use information collected lawfully in accordance with:

· Data Protection Act 1998

· Common Law Duty of Confidentiality

· Health and Social Care Act 2015

· General Data Protection Regulation GDPR 2018

· Guide to Privacy and Electronic Communications Regulations (PECR)

We maintain our duty of confidentiality to you at all times. We will only ever use or pass on information about you if others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (i.e. safeguarding, the protection of yourself and/or others), or where the law requires information to be passed on.

How we use your information

Storage of Clinical records:  These are kept on WriteUpp which is a secure cloud-based practice management software, which uses two-factor authentication login and encrypted data replication to keep information safe. 

When making an online booking via our website, you will be asked some medical questions about your ear condition, this forms part of our clinical records. This helps us to make sure your appointment is tailored to your specific needs and you meet the requirements for the treatment to be carried out. When making any online payment, none of your financial details will be stored.

During the online booking process demographic data will be collected. This will be used to: send you your appointment and reminders of your appointment. It will also be used to send you relevant information for your treatment and ongoing ear care. We will also use this you send you information about our products/services and analytical data such as how you located our clinic and a follow up questionnaire for improving future practice at CEC.

Contact Form

The information you supply to us on our contact form is sent to us by email and will only be used to fulfil your enquiry. Emails sent through the contact form are read and replied to accordingly. If an appointment is booked, then a copy of the email is logged onto our booking system, Writeupp, for future reference and the email is then deleted. After 4 weeks, if no appointment is made, your data will be deleted and destroyed.

Clinical audit

Information may be used for clinical audit to monitor the quality of the service provided. Some of this information may be held centrally and used for statistical purposes but will remain anonymous.

Data retention

We will approach the management of patient records in line with the Data Protection Act and the GDPR 2018 which sets the required standards of practice in the management of records based on current legal requirements and medical professional best practice. The minimum recommended period for retention of healthcare personal data is seven years, after which time your personal details will be deleted and destroyed.

Administrative data is retained for up to six years as necessary in the event there are queries from HMRC. Where it is not necessary to retain the data it will be destroyed as soon as possible.

Website usage data

Analytics

This website collects personal data to power our site analytics, including:

·       Information about your browser, network, and device

·       Web pages you visited prior to coming to this website

·       Your IP address

This information may also include details about your use of this website, including:

·       Clicks

·       Internal links

·       Pages visited

·       Scrolling

·       Searches

·       Timestamps

We share this information with Squarespace, our website analytics provider, to learn about site traffic and activity. The information collected is anonymous and is not used in any way that could identify you.

Cookies

This website uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app. For information about viewing the cookies dropped on your device, visit About the cookies Squarespace uses.

·       These functional and required cookies are always used, which allow Squarespace, our hosting platform, to securely serve this website to you.

·       These analytics and performance cookies are used on this site, as described below, only when you acknowledge our cookie banner. We use analytics cookies to view site traffic, activity, and other data.

If you would prefer us not to collect your website usage data you can opt out by disabling cookies using the cookie control popup on this website

What rights you have over your data

Under the terms of GDPR you have the following rights:- 

  1. the right to access 

  2. the right to rectification 

  3. the right to be forgotten

  4. the right to restrict processing

  5. the right to object to processing

  6. the right to data portability

  7. the right to complain to a supervisory authority

  8. the right to withdraw consent

These rights are subject to limitations and exceptions. You can learn more about your rights under GDPR by visiting The ICO Website

If you wish to exercise any of your rights in respect of your personal data/information under the GDPR please contact us directly by email in the first instance to advise.

For independent advice about data protection, privacy and data-sharing issues, you can contact The Information Commissioner’s Office at:

t: 0303 123 1113/email: https://ico.org.uk/global/contact-us/email/ or write to: The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AFrivacy Policy

Your Privacy Matters

This privacy notice explains why Cleadon Ear Care (CEC) collect information about you, how that information may be used and how we keep it safe and confidential.  Some of this information is specific to Squarespace and WriteUpp how they operate, although this policy also covers other social media we utilise as well as information we collect from clients and potential clients. Squarespace is the platform for this website and Write Upp is the encrypted computer system that we use to store client contact details and notes from sessions securely.

This policy was last updated 22nd June 2022 and may be updated regularly.

Why we collect information about you

Health care professionals who provide your care keep records regarding your consultations. These records help to provide you with the best possible care.

We collect and hold data for the sole purpose of providing services to our clients. In carrying out this role we may collect information about you which helps us respond to your queries or refer on to specialist services. The records may include basic details about you, such as your name and address.

Records which CEC may hold about you may include the following:

· Details about you, such as your address and date of birth

· Any contact the clinic has had with you, such as booking forms, emails, telephone contact, website usage data, use of cookies, appointments and referrals from/to other specialist (such as GPs, ENT)

· Medical history relevant to your treatment with CEC

· Details about your treatment and care

· Relevant information from other referring health professionals

We only request details that are necessary to provide you with a proper and safe service.  

We also make sure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed.

We are committed to protecting your privacy and will only use information collected lawfully in accordance with:

· Data Protection Act 1998

· Common Law Duty of Confidentiality

· Health and Social Care Act 2015

· General Data Protection Regulation GDPR 2018

· Guide to Privacy and Electronic Communications Regulations (PECR)

We maintain our duty of confidentiality to you at all times. We will only ever use or pass on information about you if others involved in your care have a genuine need for it. We will not disclose your information to any third party without your permission unless there are exceptional circumstances (i.e. safeguarding, the protection of yourself and/or others), or where the law requires information to be passed on.

How we use your information

Storage of Clinical records:  These are kept on WriteUpp which is a secure cloud-based practice management software, which uses two-factor authentication login and encrypted data replication to keep information safe. 

When making an online booking via our website, you will be asked some medical questions about your ear condition, this forms part of our clinical records. This helps us to make sure your appointment is tailored to your specific needs and you meet the requirements for the treatment to be carried out. When making any online payment, none of your financial details will be stored.

During the online booking process demographic data will be collected. This will be used to: send you your appointment and reminders of your appointment. It will also be used to send you relevant information for your treatment and ongoing ear care. We will also use this you send you information about our products/services and analytical data such as how you located our clinic and a follow up questionnaire for improving future practice at CEC.

Contact Form

The information you supply to us on our contact form is sent to us by email and will only be used to fulfil your enquiry. Emails sent through the contact form are read and replied to accordingly. If an appointment is booked, then a copy of the email is logged onto our booking system, Writeupp, for future reference and the email is then deleted. After 4 weeks, if no appointment is made, your data will be deleted and destroyed.

Clinical audit

Information may be used for clinical audit to monitor the quality of the service provided. Some of this information may be held centrally and used for statistical purposes but will remain anonymous.

Data retention

We will approach the management of patient records in line with the Data Protection Act and the GDPR 2018 which sets the required standards of practice in the management of records based on current legal requirements and medical professional best practice. The minimum recommended period for retention of healthcare personal data is seven years, after which time your personal details will be deleted and destroyed.

Administrative data is retained for up to six years as necessary in the event there are queries from HMRC. Where it is not necessary to retain the data it will be destroyed as soon as possible.

Website usage data

Analytics

This website collects personal data to power our site analytics, including:

·       Information about your browser, network, and device

·       Web pages you visited prior to coming to this website

·       Your IP address

This information may also include details about your use of this website, including:

·       Clicks

·       Internal links

·       Pages visited

·       Scrolling

·       Searches

·       Timestamps

We share this information with Squarespace, our website analytics provider, to learn about site traffic and activity. The information collected is anonymous and is not used in any way that could identify you.

Cookies

This website uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app. For information about viewing the cookies dropped on your device, visit About the cookies Squarespace uses.

·       These functional and required cookies are always used, which allow Squarespace, our hosting platform, to securely serve this website to you.

·       These analytics and performance cookies are used on this site, as described below, only when you acknowledge our cookie banner. We use analytics cookies to view site traffic, activity, and other data.

If you would prefer us not to collect your website usage data you can opt out by disabling cookies using the cookie control popup on this website

What rights you have over your data

Under the terms of GDPR you have the following rights:- 

  1. the right to access 

  2. the right to rectification 

  3. the right to be forgotten

  4. the right to restrict processing

  5. the right to object to processing

  6. the right to data portability

  7. the right to complain to a supervisory authority

  8. the right to withdraw consent

These rights are subject to limitations and exceptions. You can learn more about your rights under GDPR by visiting The ICO Website

If you wish to exercise any of your rights in respect of your personal data/information under the GDPR please contact us directly by email in the first instance to advise.

For independent advice about data protection, privacy and data-sharing issues, you can contact The Information Commissioner’s Office at:

t: 0303 123 1113/email: https://ico.org.uk/global/contact-us/email/ or write to: The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF