GDPR rules are coming into force in May 2018
That is General Digital Processing Regulations and these will affect the way businesses intereact with their customers. In short, it covers how we use any data we obtain from you. Full disclaimers and information will be posted elsewhere on this site but essentially:
Our lawful basis for your data is to process your request (and consent) for us to assist providing you with hair loss information and treatment. Our purpose is to use your data to be able to contact you via telephone, post or email communication regarding those services.
Our medical records are paper based and we do not store personal details digitally, except name, address, DOB, payments/invoicing etc to assist administration in contractual applications with you.
We do not supply third parties with your information. You can ask for us to remove your consent to use your details i.e. for direct marketing.
Full version below:
This website privacy policy was updated on: 15/05/2018.
Privacy Policy
Westminster Clinic Ltd is committed to protecting and respecting your privacy.
Westminster Clinic Ltd understands that your personal data is entrusted to us and appreciate the importance of protecting and respecting your privacy. To this end we comply fully with the data protection law in force in the UK.
This Privacy Policy sets out the basis on which we collect and process personal data about you including our practices regarding the collection, use, storage and disclosure of personal data that I collect from you and/or hold about you, and your rights in relation to that data.
Please read the following carefully to understand how we process your personal data. By providing your personal data to us or by using our services, website or other online or digital platform(s) you are accepting or consenting to the practices as described or referred to in this Privacy Policy.
For the purpose of Data Protection Laws, the data controller is Westminster Clinic Ltd.
What personal data may we collect from you?
When we refer to personal data in this policy, I mean information that can or has the potential to identify you as an individual.
Accordingly, we may hold and use personal data about you as a customer, for example, when you complete a form, access my services or speak to me.
Personal data we collect from you may include the following:
· information that you give me when you enquire or become a customer including name, address, contact details (including email address and phone number)
· details of referrals, quotes and other contact and correspondence we may have had with you
· other information received from other sources, including from your use of website.
· Where you use any of our websites, we may automatically collect personal data about you including: Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. For the exhaustive list of cookies we collect see the list of cookies.
When do we collect personal data about you?
if you:
· visit one of our websites
· enquire about any of our services
· register to be a customer
· fill in a form
· contact us, for example by email, telephone or social media
How do we use your personal data?
Your personal data will be kept confidential and secure and will only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy, applicable Data Protection Laws.
We may use your personal data to:
· enable us to carry out our obligations to you arising from any contract entered into between you and us including relating to the provision of services to you and related matter such as, billing, accounting and audit, credit or other payment card verification and anti-fraud screening
· provide you with information, products or services that you request
· provide you with information about products or services we offer that we feel may interest you. Unless you have consented to receive marketing communications by electronic means from us, by ticking the relevant box on the form on which we collect your data, we will only contact you by electronic means (e-mail or SMS) with information about products and services similar to those which you previously purchased or enquired about from us
· notify you about changes to our products or services
· respond to requests where we have a legal or regulatory obligation to do so
· to ensure that content from any of our websites is presented in the most effective manner for you and for your computer.
The security of your personal data
We protect all personal data we hold about you by ensuring that we have appropriate organisational and technical security measures in place to prevent unauthorised access or unlawful processing of personal data and to prevent personal data being lost, destroyed or damaged. We conduct assessments to ensure the ongoing security of my information systems.
Any personal data you provide will be held for as long as is necessary having regard to the purpose for which it was collected and in accordance with all applicable UK laws.
All information you provide to us is stored securely. Any payment transactions will be processed securely by third party payment processors. Where we have given you (or where you have chosen) a password that enables you to access certain parts of my website, you are responsible for keeping that password confidential. We ask you not to share a password with anyone.
The transmission of information via the internet cannot be guaranteed as completely secure. However, we ensure that any information transferred to our websites is via an encrypted connection. Once we have received your information, we will use strict procedures and security features for prevention of unauthorised access.
At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you do so at your own risk.
Disclosure of your personal data
In the usual course of our business, we may disclose your personal data (to the extent necessary) to certain third-party organisations that we use to support the delivery of my services.
This may include the following:
· business partners, suppliers and sub-contractors for the performance of any contract we enter into with you,
· organisations providing IT systems support and hosting in relation to the IT systems on which your information is stored,
· third party debt collectors for the purposes of debt collection,
· delivery companies for the purposes of transportation,
· third party service providers for the purposes of storage of information and confidential destruction,
· third party marketing companies for the purpose of sending marketing emails, subject to obtaining appropriate consent.
· Where a third-party data processor is used, we will ensure that they operate under contractual restrictions with regard to confidentiality and security, in addition to their obligations under Data Protection Laws.
Marketing
If you have consented to our processing your personal data for marketing purposes, in accordance with this Privacy Policy, we may send you information (via mail, email, phone or SMS) about our products and services which we consider may be of interest to you.
You have the right to ask me not to process your information in this way at any time.
If you no longer wish to receive web based marketing information you can unsubscribe by emailing us. While the precise timings vary we generally ask that you give at least 30 days’ notice.
Accessing and updating your information
The law gives you certain rights in respect of the personal data that we hold about you. In addition to your right to stop marketing, detailed above, below is a short overview of the most commonly-used rights. It is not an exhaustive statement of the law.
With some exceptions designed to protect the rights of others, you have the right to a copy of the personal data that we hold about you
You have the right to have the personal data I hold about you corrected if it is factually inaccurate. If any of your personal data has changed, especially contact information such as: email address, postal address and phone number please get in touch with so we can ensure your personal data is kept up to date
If you want to exercise your rights in respect of your personal data, the best way to do so is to contact us by email or to write to us for the attention of the data protection officer at the address mentioned above.