Purpose of this document
This document sets out why we collect your personal data and what we do with it.
We are allowed to process your data only if we have a legitimate reason to do so, such as when it is in our joint legitimate interest in order to provide you with treatment when you consent to it or in order to comply with aspects of the law.
When you supply your personal details to Scofield Chiropractic, they are stored and processed for the following reasons:
- We need to be able to identify you, provide a service and take payments.
- We need to collect your personal health-related information in order to provide you with treatment. By contacting us and requesting treatment and our agreement to provide you with treatment constitutes a contract. If you were to refuse to provide the information, we would not be able to provide you with any treatment.
- We have a legitimate interest in collecting your health information because without this we could not provide you with the level of care or treatment which is specific and tailored to your health or contact you about your health when needed.
- We believe that it is in your legitimate interest that we are able to contact you to confirm your appointments with us or to update you on matters related to your care.
- We need to collect personal details in order to respond to you when you have provided us with feedback regarding your care and our service.
Marketing or informative communications
Provided we have your consent, we may occasionally send you communications in the form of articles, advice or newsletters/offers. If you have not expressly provided this consent and you were added to our system before 25th May 2018, we will continue to contact you legitimately under ‘soft opt in’ because a relationship already exists. You are our patient and you have accessed our services in the past. After 25th May 2018, new patients need to expressly opt in to marketing preferences.
You can always withdraw your consent to receiving any of our marketing communications. Every communication will give you a clear option to unsubscribe.
Legally, we have an obligation to retain your medical records for anyone up to the age of 25 or for 8 years following your most recent appointment. After this period you have the right to be forgotten and you can ask us to delete your records. Otherwise, your records will be retained indefinitely in case you come back to see us in the future. We would then be in the best position to resume your care.
Storage of data
Patient records are stored on paper files, locked in a filing cabinet, in the clinic which is always locked out of hours. Your records are also stored electronically, using specialist software for managing our patient base and diary management. This software is unique to our clinic and none of the data is shared online or can be accessed online. The information on the clinic computer does not hold any medical information.
Access to data is password-protected, with passwords being changed regularly.
Access to your data
We will never share information with anyone who does not need access to your data without your written consent. The only people who will have routine access to your data are:
- Your practitioner in order that they can provide you with care.
- Our reception team, because they manage our patient data, diary systems, assist in the provision of care and complete daily file pulls.
- In the event of illness or holiday, we may need to use locum practitioners to cover. This helps to maintain capacity in our clinics and maintain your level of care whilst your practitioner is off. This will give them access to your personal data and your medical notes which they will need in order to understand your care and provide you with the best level of care whilst your practitioner is off. We enter into contracts with practitioners for locum cover with confidentiality agreements in place to ensure that patient information is treated with the highest levels of care.
We are under an obligation to inform the Information Commissioners Office of any data breaches within 72 hours.
You have the right to request the details of your personal data which we hold. You have the right to ask us to update your information if it is not correct and you also have the right to be forgotten, providing that the minimum medical requirements (mentioned above) are adhered to. You can also object to the processing of your data or question the grounds for which we are processing your data under ‘legitimate reasons’. You can exercise these rights by completing a request form.
Concerns or complaints
If you have any concerns or complaints about how we have dealt with your personal data, you have the right to complain. Complaints or any general queries need to be sent to our Data Controller;Ian Nothling using the following e-mail address: firstname.lastname@example.org
Telephone number: 01787372825
Or write to us at:
Scofield Clinic 11 Kings Hill, Sudbury CO10 0EH
If our response is not satisfactory, you have the right to raise the issue with the Information Commissioner’s Office.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
A cookie is a small file that asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes
- if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at: email@example.com
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.
You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee will be payable. If you would like a copy of the information held on you please write to Scofield Clinic 11 Kings Hill, Sudbury CO10 0EH.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.