Call 01702 342329

Official Chiropractors for Southend United F.C. & West Ham United F.C. Women

Back care clinic near me essex southend-on-sea

Patient Data Privacy Notice

Backworks Back and Neck Pain Clinic Limited (“Backworks” or “We” or “Us”) are committed to protecting and respecting your privacy. This policy (together with our privacy notice located on our website [https://backpainsouthend.co.uk/data-policies/website-privacy-notice/]  and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. The rules on processing of personal data are set out in the General Data Protection Regulation (the “GDPR”).

1. Definitions

Data controller – A controller determines the purposes and means of processing personal data.

Data processor – A processor is responsible for processing personal data on behalf of a controller.

Data subject – Natural person

Categories of data: Personal data and special categories of personal data

Personal data – The GDPR applies to ‘personal data’, meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier (as explained in Article 6 of GDPR). For example, name, home address or private email address.

Special categories personal data – The GDPR refers to sensitive personal data as ‘special categories of personal data’ (explained in Article 9 of GDPR). Special categories specifically include health data.

Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, examples include: collection, recording, organisation, structuring, storage, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, erasure or destruction.

Third party – means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

2. Who are we?

Backworks is the data controller and we decide how your personal data is processed and for what purposes. Our contact details are: email at backworkssouthend@gmail.com and telephone number 01702 342329. For all data matters contact our Data Representative Jonathan Hicks.

3. The purpose(s) of processing your personal data

We use your personal data in the context of providing you with chiropractic and / sports massage and / or other services (and in each case products related thereto).

4. The categories of personal data concerned

With reference to the categories of personal data described in the definitions section, we process the following categories of your data:

* Personal data: to identify you, contact you and your next of kin and other medical professionals, process payments, keep records of the services and products we provide to you and communications with you in connection with those services, and to provide you with marketing material about the services and products that we can provide; and

* Special categories of data: medical and health data in connection with and / or relevant or related to the services and products that we provide to you.

We have obtained your personal data from yourself and possibly from other medical health practitioners detail of whom have been provided to us by you.

5. What is our legal basis for processing your personal data?

a) Personal data (article 6 of GDPR)

Our lawful basis for processing your general personal data:

Screen Shot 2018 05 21 at 22.53.02 e1526939623267

b) Special categories of personal data (article 9 of GDPR)

Our lawful basis for processing your special categories of data:

Screen Shot 2018 05 21 at 22.57.13 1 e1526939896512

More information on lawful processing can be found on the ICO website.

6. Sharing your personal data

Your personal data will be treated as strictly confidential, and will be shared only with:

A: Other medical practitioners or Third Parties, in each case in the context of our providing chiropractic and / or sports massage and / or other services to you;

B: Other medical practitioners, our governing bodies (currently the British Chiropractic Association and General Chiropractic Council), insurers and legal practitioners in the case of any potential or actual complaints and / or claims in connection with the services provided to you.

7. How long do we keep your personal data?

We keep your personal data for no longer than reasonably necessary; and we only retain your data for the following purposes and use the following criteria to determine how long to retain your personal data: to provide you with chiropractic and / or sports massage and / or other services; and after you cease to be a patient to maintain the integrity of our accounts system and to keep appropriate records in case you need further treatment or there is a (potential) claim or complaint.

8. Providing us with your personal data

We require your personal data as it is a contractual requirement, or a requirement necessary to enter into a contract.

9. Your rights and your personal data

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:

* The right to request a copy of the personal data which we hold about you;

* The right to request that we correct any personal data if it is found to be inaccurate or out of date;

* The right to request your personal data is erased where it is no longer necessary to retain such data;

* The right to withdraw your consent to the processing at any time, where consent was our lawful basis for processing the data;

* The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability) where applicable;

* The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;

* The right to object to the processing of personal data, (where applicable i.e. where processing is based on legitimate interests; and direct marketing).

10. Transfer of Data Abroad

We use cloud-based technologies. This means that we may share your information outside the European Economic Area (“EEA”). Where we do so, we seek to ensure that appropriate safeguards are in place (for example contractual safeguards). Some of these countries may have lower standards of data protection than in the United Kingdom, and not all countries outside of the EEA have data protection laws that are similar to those in the EEA, so they may not be regarded by the European Commission as having an adequate level of data protection.

11. Automated Decision Making

We do not use any form of automated decision making in our business.

12. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

13. Changes to our privacy policy

If we make material changes to our privacy policy in the future, where appropriate, we will notify you by e-mail or such other means as we have agreed with you.

14. How to make a complaint

To exercise all relevant rights, queries or complaints please in the first instance contact our Data Representative, Jonathan Hicks, at backworkssouthend@gmail.com or by telephone on 01702 342329. If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.