Beaumont Street Chiropractic Clinic Privacy Policy

(Last reviewed:  June 2020)

What does this Privacy Policy explain?

This privacy policy explains what data we hold and process when you make enquiries to Beaumont Street Chiropractic Clinic (BSCC) or become a patient of the clinic  It also outlines the reasons for holding this data, how it is held securely and shows the clinic’s compliance with the General Data Protection Regulation (GDPR), the Data Protection Act (2018),and other UK data protection legislation.

Our contact details

Name:  Beaumont Street Chiropractic Clinic (BSCC)

Address:  2nd Floor, 30 Beaumont Street, Oxford, OX1 2NY

Phone Number:  01865 311871        07970 967774

E-mail:  info@oxfordchiropractor.com

Website:  www.oxfordchiropractor.com

The type of personal information we collect

We currently collect and process the following information:

  • Personal identifiers, such as but not limited to:  first name, last name, date of birth, gender, cookies and data usage.
  • Identity data, such as but not limited to:  contact telephone numbers, postal addresses, e-mail addresses.
  • Special category data, such as but not limited to:  detailed information about your current health status, medical history, details of appointment dates and times, genetics,  sexual orientation, race, ethnic origin, religion, details regarding any medical insurance you may hold, details of your GP and other health care professionals you have consulted.
  • Financial data, including but not limited to:  bank account and payment card details.
  • Transaction data, including but not limited to:  payments that you have made to BSCC.
  • Aggregated data:  This is data that we collect verbally, in written form and electronically via e-mail and our website that is not defined as personal data as it does not directly reveal your identity.  It is used by us to for statistical purposes and to analysis patient experience in the clinic (e.g. appointments attended, how you heard about the clinic).  This aggregated data used with the personal data that we hold could identify you.  This privacy policy, therefore, also covers this form of combined data.

How we get your personal information and why we have it

Most of the personal information we process is provided to us directly by you by telephone, telehealth consultations, completion of online forms, e-mail and face to face appointments.  Examples of other sources, which are indirect, include solicitors, insurance companies and other professionals who refer you to the clinic for treatment.

We use the information that you have given us in order to:

  • provide the highest level of chiropractic health care that we can.
  • fulfil our legal obligations.
  • provide you with the services or information that you have requested.
  • keep a record of your relationship with us.
  • send you correspondence and communicate with you.
  • protect your vital interests.
  • respond to or fulfil any requests, complaints or queries that you may have.
  • share your data with other parts of the health system such as local hospitals, GPs, social workers, and other health and care professionals, if required or if you consent.
  • understand how we can improve our services or information.
  • generate reports on our work and service.
  • safeguard ourselves.

Our legal basis for processing personal data

By law, we need a legal basis for processing the personal data of a client. We will process your data using the legal basis of consent, legal obligation, vital interests and legitimate interests.

Consent

Consent is given where we ask you for permission to use your information in a specific way and you agree to this. You have the right to withdraw your consent at any time.  This can be done by contacting us via the details at the start of this document.

Legal obligation and public interest

We have a basis to use your personal information where we need to do so to comply with one of our legal or regulatory obligations. For example, in some cases we may need to share your information with other health care providers or the police, if there is a safeguarding issue.

Vital interests

We have a basis to use your personal information where it is necessary for us to protect life or health. For example, there may be a safeguarding issue which requires us to share information with emergency services, the police or social care.

Legitimate interests

We have a basis to use your personal information if it is reasonably necessary for us to do so and in our “legitimate interests” (provided that what the information is used for is fair and does not unduly impact your rights).  For example, we have a legitimate interest to keep your personal data on our systems in order to keep it secure, process it and to provide you with a service.  We only rely on legitimate interests where we have considered any potential impact on you, whether or not our processing is excessive and that our processing does not override your right

How we store your personal data

Paper versions of notes and other documents containing personal data are held in a limited access locked storage area at the clinic, 30 Beaumont Street, Oxford, OX1 2NY.  Electronic versions of notes and other documents containing personal data are held using the software provider Cliniko.  They hold all the saved data in secure servers based only in the UK.

How long we hold your personal data

We will keep your personal data for as long as you are using our services and for a period of 8 years after cessation of this.  In the case of those under 18 when first attending for care data will be kept until they are 25 years of age.  We keep your data as you may need on-going care or access to your records in the future.

After this time paper files will be shredding and securely disposed of, and electronic files will be permanently deleted from the Cliniko software.

Who we may share data with

Subject to our legal basis and your informed consent, we may share data with:

  • Other parts of the health system such as local hospitals, GPs and other health and care professionals
  • Other professionals such as solicitors or insurers, upon your request
  • Organisations we have a legal obligation to share information with for safeguarding purposes
  • The courts, police or other law enforcement agencies if we must by law, court order or at your request
  • Our legal advisors and consultants
  • Our regulators (The General Chiropractic Council, The Royal College of Chiropractors, The McTimoney Chiropractic Association, The Alliance of UK Chiropractors)
  • Our insurance providers (Towergate Insurance Limited)
  • Our software providers, Cliniko.

We do not transfer any personal data we hold out of the EU or EEA.

Your data protection rights

Under data protection law, you have rights including:

Your right of access:  You have the right to ask us for copies of your personal information.

Your right to rectification:  You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure:   You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing:  You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing:  You have the the right to object to the processing of your personal information in certain circumstances.

Your right to data portability:  You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights.  If you make a request, we have one month to respond to you.

Please contact us at by e-mail, info@oxfordchiropractor.com, if you wish to make a request.

How to complain

If you have a complaint or concern about the way we are collecting or using your personal data, please raise this with us in the first instance, by contacting:

Annabel James, 30 Beaumont Street, Oxford, OX1 2NY.

info@oxfordchiropractor.com

01865 311871

07970 967774

You can also raise your complaint or concern to the Information Commissioner’s Office (ICO):

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

This privacy policy will be periodically reviewed and updated to reflect changes in legislation or other privacy practices.