Bannerdale Osteopaths Ltd | Registered Office 5 Machon Bank Road, Nether Edge, Sheffield | Registered in England and Wales 09056843
Data protection contact:
Last updated: April 2020
Here at Bannerdale Osteopaths we take your privacy seriously and will only use your personal information to administer your account and to provide the products and services that you have requested from us.
We are committed to protecting your and your family’s personal information when you are using any of our services. The Privacy and Cookies Policy relates to our use of any personal information we collect from you via the following services:
- Any Bannerdale Osteopaths Website that links to this Privacy and Cookies Policy
- Social media or official Bannerdale Osteopaths content on other websites
- Mobile devices
- Physitrack [PhysiApp] (our virtual appointment and exercise system)
It also relates to our use of any personal information you provide us by phone, SMS, email, in letters and other correspondence and in person.
Bannerdale Osteopaths works hard to safeguard your personal information. Whenever you provide such information, we are legally obliged to use your information inline with all applicable laws and regulations concerning the protection of personal information including the current Data Protection Act 1998 and the General Data Protection Regulations introduced in May 2018.
In order to provide you will a full range of products and services, we sometimes need to collect information about you. You can trust us with your information – we have created this policy to help you understand what data we collect, how we collect it, what we disclose and how we use, store and transfer it.
Our Privacy Commitments:
- For as long as we keep your data we will work with you to keep it up to date and we will protect it with the appropriate security and safety measures
- We will be as transparent as we can with you on what personal data we collect, how we use it and how it will be processed
Remember you can email us at firstname.lastname@example.org to update your privacy preferences, alternatively, you can change your settings via our reception team or using our Cliniko system. If you have any questions at all about our privacy or cookies policy you can contact us 24 hours a day, 7 days a week at email@example.com.
These policies apply to:
- All visitors to our website
- All prospective job applicants
- All clients who use our products or services
Who we are:
Bannerdale Osteopaths is a private healthcare provider, established in 2005. We have a number of highly skilled osteopaths and other healthcare experts. We are a professional, friendly, modern and evidence-based practice. Our holistic approach means we can get you better, quicker and we pride ourselves on getting you better in as few appointments as possible.
The products and services we offer include:
- Osteopathy (in-person and virtual appointments)
- Laser therapy
- Sports massage and therapy
We are recognised by most major health insurers.
1.1 Compliance with Regulatory Authorities:
We regularly review our compliance with our Privacy and Cookies Policy. When we receive formal written complaints, we will contact the person who has made the complaint to follow up. We will also work with the appropriate regulatory authorities, including local data protection authorities such as the Information Commissioner’s Office (ICO) to resolve any complaints regarding the transfer of personal data. As a Data Controller who is processing personal information and who meets certain criteria, we are registered with the ICO. You can click here to view our registration details.
2.0 Compliance with Data Protection:
2.1 What information we collect about you:
We collect information to provide better products and services to all our service users. We collect information in the following ways:
- The information you give to us: Many of our services require you to provide us with personal information as part of our client registration, appointment booking or marketing processes. When you sign up to receive any of our products or services we will ask you for information such as your name, email address, residential address or telephone number.
- The Information we get from your use of our services: We collect information about the services that you use and how you use them, like when you visit our clinic or visit a website that uses our advertising services or view and interact with our ads and content.
The types of personal information we use may include:
- Personal details such as names, addresses, telephone numbers
- Family details for example next of kin
- Education, training
- GP details
- Employment details
- Financial details
- Services, for example, details of services accessed or offered by providers
- Lifestyle and social circumstances
- Physical and/or mental health details
- Visual images, personal appearance, and behaviour, for example, if CCTV images are used as part of building security
- Details held in the client’s records, where we hold or manage the clients’ records
- Responses to surveys, where individuals have responded to surveys sent by Bannerdale Osteopaths
Our legal basis for collecting and processing this data is because you have either given us consent to process this data as part of the provision to you of the services purchased by you or because the processing of your data is necessary for a contract we have with you. All sensitive data is encrypted and stored securely using industry-standard data encryption and we perform regular security audits.
2.1.1 Information for job applicants and employees:
Bannerdale Osteopaths will process information provided by applicants either directly or via third parties such as job application sites, for the management of their application and the subsequent selection process. This involves providing details to the shortlisting and selection panels. Other details are kept helping fulfill our obligations to monitor equality and diversity within the organisation and in the application process.
We also process sensitive classes of information for our employees that may include:
- Racial and ethnic origin
- Trade union membership
- Religious or similar beliefs
- Employment tribunal applications, complaints, accidents, and incident details
- Criminal Offence data (including alleged offenses), criminal proceedings, outcomes, and sentences
This information will generally relate to our job applicants (if successfully offered a position with us) and our employees, this is covered by the Privacy Notice for Employees, or for those health professionals we manage.
Our legal basis for collecting and processing this special category data is because the processing of your data is necessary for a contract we have with you and our additional special condition for processing this special category data is that it is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law in so far as it is authorised by Union or Member State law or a collective agreement pursuant to Member State law providing for appropriate safeguards for the fundamental rights and the interests of the data subject. All sensitive data is encrypted and stored securely using industry-standard data encryption, multiple layers of firewalls are in place, and we perform regular security audits.
2.1.2 Personal information from you about others:
Through your use of our services, we may also collect information from you about someone else, such as friend referrals. If you provide Bannerdale Osteopaths with personal information about someone else, you must ensure that you are authorised to disclose that information to Bannerdale Osteopaths and that, without Bannerdale Osteopaths taking any further steps required by applicable data protection or privacy law, Bannerdale Osteopaths may collect, use and disclose such information for the purposes described in this Policy.
This means that you must take reasonable steps to ensure that the individual concerned is aware of and/or consents to the various matters detailed in this Policy, including the fact that their personal information is being collected, the purposes for which that information is being collected, the intended recipients of that information, the individual’s right to obtain access to that information, Bannerdale Osteopaths’ identify, and how to contact Bannerdale Osteopaths.
Where requested to do so by Bannerdale Osteopaths, you must also assist Bannerdale Osteopaths with any requests by the individual to access or update the personal information you have collected from them and passed on to us for the service.
2.2 How we use the information we collect about you:
Your information may be used to:
- Check and report internally how effective Bannerdale Osteopaths and the products and services we offer has been
- Investigate complaints, legal claims or important incidents
- Make sure Bannerdale Osteopaths continues to meet our patients needs both now and in the future
- Review the care provided to make sure that this continues to be of the highest possible standard
- Manage specialised services that Bannerdale Osteopaths provides through third parties
We may keep your information in written form or on a computer. Whenever possible all information that identifies you will be removed. Our legal basis for collecting and processing this information is our legitimate interests in knowing more about our clients or it is necessary for a contract we have with you.
Bannerdale Osteopaths is a Data Controller for the Physitrack and Cliniko service; provided by our third party processors Mindbody Online and Clinko. This system holds personal health-related data of all clients registered with our clinic.
Our legal basis for collecting and processing health-related information obtained from our clients (special category data) is because the processing of your data is necessary for a contract we have with you and our additional special condition for processing this special category data is that it is necessary for the provision of health or social care or treatment.
For more information please contact firstname.lastname@example.org
2.2.1 Sharing your information:
There are a number of reasons why we may share your information. This can be due to:
- Our obligations to comply with current legislation
- Our duty to comply with a Court Order
- You have consented to disclose
To read more about our Frequently Asked Questions regarding use of your data, please click here.
Cookies and how they Benefit You
Our cookies help us:
- Make our website work as you’d expect
- Remember your settings during and between visits
- Offer you free services/content (thanks to advertising)
- Improve the speed/security of the site
- Allow you to share pages with social networks like Facebook
- Continuously improve our website for you
- Make our marketing more efficient.
- Collect any personally identifiable information (without your express permission)
- Collect any sensitive information (without your express permission)
- Pass personally identifiable data to third parties
- Pay sales commissions
4.0 Information Security:
We are committed to protecting Bannerdale Osteopaths and our service users from unauthorised access to or unauthorised alteration, disclosure or destruction of information that we hold. We do this through:
- Encryption of many of our services using SSL
- We review our information collection, storage, and processing practices, including physical security measures, to guard against unauthorised access to systems
- We restrict access to personal information to Bannerdale Osteopaths employees, contractors, and agents who need to know the information in order to process it for us and who are subject to strict contractual confidentiality obligations. They may be disciplined, their contract terminated or appropriate legal action taken if they fail to meet these obligations.
Our induction process and regular training ensure that all our employees are aware of their responsibilities and best practice guidelines; ensuring the necessary safeguards and appropriate use of person-identifiable and confidential information. Under the Bannerdale Osteopaths Code of Conduct, all our employees are also required to protect your information and inform you of how your information will be used. This includes, in most circumstances, allowing you to decide if and how your information can be shared. Everyone working in Bannerdale Osteopaths is subject to the common law duty of confidentiality. Information provided in confidence will only be used for the purpose advised and consented to by the service user, unless it is required or permitted by the law.
5.0 Where Bannerdale Osteopaths stores your data:
All of our data storage is compliant with current legislation which requires; Personal data shall not be transferred to a country or territory outside the European Economic Area (EEA) unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
- Google (email and file storage systems)
- Physitrack & PhysiApp (virtual appointments and exercise system)
All data stored outside the EEA and US is covered by contracts to ensure the country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data in accordance with the GDPR.
- Cliniko (patient management software)
- Cliniq Apps (customer relationship CRM)
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
6.0 How long we store your data for:
All medical data will be stored for a minimum of 8 years or until age 25 if under 18. For details on the length of storage of non-medical personal data please see our FAQ regarding data use.
7.0 Transparency and choice:
People have varying privacy concerns and our goal is to be as clear and transparent as possible with regards to the information we collect so that you can make choices about how this is used. You can:
- Adjust/update your preferences with regards to how we market our products and services to you by contacting email@example.com
- Unsubscribe from any communication we send you using the option within the communication giving you control of what you receive
At any point whilst Bannerdale Osteopaths are in possession of, or processing your personal data, all data subjects have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply you have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.
9.0 Contacting Bannerdale Osteopaths:
10.0 Resources and Further Information
Copyright 2020 Bannerdale Osteopaths Ltd. All rights reserved.