Peacocks North East foot Centre Privacy Notice
This Privacy Notice describes how and when we collect, use, and share information when you attend an appointment at our clinic and retail centre, purchase a product from us physically or online, contact us, or otherwise use our services. This is to comply with the General Data Protection Regulations (GDPR) 2018.
Information We Collect Your Personal Information
To aid your treatment or as part of purchasing something from our business you will normally provide us with certain information, such as your name, email address, postal address, medical information and payment information. We will store your information on an electronic patient record and diary system which is fully password protected. We also use paper records to record the initial information given by you and for sales records. We will also store your information on electronic sales records that will be shared with 3rd party electronic services for sales purposes.
Why we Need Your Information and How we Use It
We rely on a number of legal bases to collect, use, and share your information, including:
- where it is necessary for the purposes of the provision of health care as needed to provide our services, such as when one of our clinicians use your information to fulfil your podiatry assessment and treatment, or when any member of staff is providing customer support;
- when you have provided your affirmative consent, which you may revoke at any time, such as by signing up for my mailing list;
- if necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law;
- To process the sale, provision and delivery of goods
With your consent, we will use your personal data, preferences and details of your transactions to keep you informed by email, web, text or telephone about relevant products and services including, special offers, discounts, promotions, and so on.
You are free to opt out of hearing from us by any of these channels at any time.
We may also send you relevant, personalised communications by post in relation to appointment recalls or reminder information updates, services and products. We’ll do this on the basis of our legitimate business interest.
You are free to opt out of hearing from us by post at any time.
Information Sharing and Disclosure
Information about our patients and customers is important to our business. We share your personal information for very limited reasons and in limited circumstances, as follows:
- Medical professionals. With your consent we will share information with medical professionals such as your GP or consultant to allow continuity of care.
- Compliance with laws. We may collect, use, retain, and sh.are your information if we are legally required to.
- To process the sale, provision and delivery of goods.
As we also treat NHS patients, we apply rigorous rules known as Caldicott Priciples that apply to the handling of that patient data and also apply those rules to our private patients
The Caldicott Principles were developed in 1997 following a review of how patient information was handled across the NHS. The Caldicott principles, which were updated in 2013, should be employed to examine the conditions under which patient-identifiable information is used or shared. They are as follows;
- • Principle 1 — justify the purpose(s) for using confidential information.
• Principle 2 — only use confidential information when absolutely necessary.
• Principle 3 — use the minimum information that is required.
• Principle 4 — access to confidential information should be on a strict need-to-know basis.
• Principle 5 — everyone must understand their responsibilities.
• Principle 6 — understand and comply with the law.
• Principle 7 — the duty to share personal information can be as important as the duty to have regard for patient confidentiality.
The Caldicott Guardian
The role of the Caldicott Guardian for both health and social care covers not only the principles outlined above but also the wider aspects of information management, including:
• the Data Protection Act 2018
• the NHS Act 2006 (section 251)
• the Freedom of Information Act 2000
• the Human Rights Act 1998
• the Computer Misuse Act 1990
• the NHS Constitution (January 2009, updated February 2015)
• NHS Information Governance
The Caldicott Guardian at Peacocks Medical Group is a senior person responsible for protecting the confidentiality of patient and service-user information and enabling appropriate information-sharing.
Our Caldicott Guardian is;
Cameron Hall BSc(Hons) MBAPO
Peacocks Medical Group
Benfield Business Park,
Newcastle upon Tyne NE6 4NQ
Phone: 0191 276 9600
Transfers of Personal Information Outside the EU
We may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, we may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than your jurisdiction. If we are deemed to transfer information about you outside of the EU, we rely on Privacy Shield as the legal basis for the transfer,
An overview of your different rights
You have the right to request:
- Access to the personal data we hold about you
- The correction of your personal data when incorrect, out of date or incomplete.
- The deletion of the data we hold about you, in specific circumstances. For example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end (e.g. the end of a product warranty).
- A computer file in a common format (e.g. CSV or similar) containing the personal data that you have previously provided to us and the right to have your information transferred to another entity where this is technically possible.
- Restriction of the use of your personal data, in specific circumstances, generally whilst we are deciding on an objection you have made.
- That we stop processing your personal data, in specific circumstances. For example, when you have withdrawn consent, or object for reasons related to your individual circumstances.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we stop any consent-based processing of your personal data after you withdraw that consent.
You can contact us to request to exercise these rights at any time by emailing or writing to David Eardley firstname.lastname@example.org / Peacocks North East Foot Centre. 1a St Thomas Street, Newcastle upon Tyne, NE1 4LE
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
Concerns or complaints over how we use your data
If you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with the Information Commissioner www.ico.org.uk
How to Contact us
For purposes of the GDPR, David Eardley North East Foot Centre manager is the data controller of your personal information. If you have any questions or concerns, you may contact him at email@example.com. Alternately, you can write to us:
Peacocks North East Foot Centre. 1a St Thomas st, Newcastle upon Tyne, NE1 4LE