Privacy Policy.

This Privacy Notice describes how and when we collect, use and share your information from interactions of communication (email, phone call, text message, social media) and at each appointment. This is to comply with the General Data Protection Regulations (GDPR) 2018. It is important to us that the information we gather and use in the provision of our services is relevant to the care you receive, is securely stored and is used only to communicate service-related information and continuity of care. This Privacy Notice explains which information is gathered, why certain information is required to be obtained and how we intend to use this information.  This Privacy Notice also describes how the data is stored/retained in line with legislation and states your rights in regard to personal information. This Privacy Notice applies to our website, the electronic notes/documentation software we use, correspondence between yourself and ourselves, email subscription and any other relevant health professional or family member/guardian who may be involved in the provision of care. 


Before consenting to treatment, please ensure you are confident and fully aware of our responsibilities to protect your information and contact us with any queries in relation to our privacy practices. For the purposes of GDPR, we Jennie Laney, Nina Hopkins, Charlotte Lamplough, the Partners of Affinity Podiatry LLP, are the data controllers of your personal information. If you have any questions or concerns, please contact us by email at: affinitypodiatry.com



Information we collect:

  • Names and Next of Kin details

  • Postal addresses

  • Contact details - telephone / email

  • Medical history and medication names

  • GP surgery / practice information

  • Payment information


We do not collect special categories of personal data e.g. race/ethnicity, religious beliefs, political opinion, sexual orientation, criminal convictions.


How we collect the information:


  • Via email / telephone calls / email subscription (newsletter) / website 'contact us' form

  • If you engage with our social media pages (facebook, linkedin)

  • In person during initial consultation and each subsequent appointment

  • We do not intend to collect data from third parties unless that third party is a family member / guardian and has been given explicit consent to provide information on your behalf. This also applies in the cases of Best Interest where explicit consent cannot be obtained due to lack of capacity.


How we use personal information:


  • We rely on a number of legal bases to collect, use and share your information including;

  • When you have provided explicit consent for provision of Podiatry services from the initial assessment, continuation of treatment at subsequent appointments and to provide customer support

  • When you have provided explicit consent (which you may revoke at any time) for any marketing communications from Affinity Podiatry e.g. to share news, tips, updates, special offers

  • If necessary to comply with a legal obligation or court order

When we share / disclose personal data:

We treat personal and sensitive data with confidentiality and only share your information for very limited reasons and in limited circumstances as follows:


  • Medical Professionals - with your explicit consent, we may share your information with medical professionals such as your GP or Consultant to allow continuity of care

  • Business Transfers - If we sell or merge our business,  we may disclose your information as part of that transaction, only to the extent permitted by the law and with your explicit consent

  • Compliance with the Law - we may collect, use, retain and share you information if we are legally required to do so


Where do we securely store and process personal data?


As the nature of the information we collect is both personal and sensitive,  we will store your information on an electronic notes system - Cliniko. This system is a cloud-based processor of information that has encrypted storage and is fully compliant with GDPR. Any breach to this system, we would be notified of the procedures and protocols being followed to safeguard your information. This system also uses third party 'sub-processors' for data storage which are also fully compliant with GDPR.


Our website is registered with a security feature to reduce domain hacking, meaning the website remains under our authorisation and usage alone.

Transfer of personal information outside of the EU:

Cliniko processes and stores your personal information outside of the EU/EEA (Australia) but all relevant documentation is in place through this electronic cloud-based system to ensure that the use of the software and data storage is GDPR compliant.


How long do we keep your personal data for?


We retain your personal information throughout the duration of time you are in receivership of our services. However,  we may also be required to retain this information to comply with our legal and regulatory obligations, to resolve disputes and to enforce our agreements.  The statutory period for the retention of health records for an adult is 8 years after the last appointment. The same time frame applies to deceased patients.


Deletion / disposal of records from Footco can only be completed after the legally required period of time.


Your rights in relation to personal data:


You have a number of rights in relation to your personal information as follows:


  • ACCESS - you have the right to access and receive a copy of the personal information we hold about you by contacting me via the formats stated

  • RECTIFICATION / RESTRICTION / DELETION - you also have rights to change, restrict our use of or instruct us to delete your personal information. In the case of health records, these are normally exempt from change and deletion requests

  • CONSENT - you have the right to withdraw consent of the use of your personal information for provision of services, however without it, continuation of said provision would not be possible

  • OBJECT - you can object to 1) our processing of some of your information based on our legitimate interests and 2) receiving marketing messages from us after having already given explicit consent to receive them. In such cases, we will delete your personal information unless we have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons

  • COMPLAIN - if you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have) you have the right to do so with the Information Commissioner www.ico.org.uk  



CONTACT INFORMATION

  • Email - enquiries@affinitypodiatry.com

  • Telephone - 01482 234093

  • Postal Address - 8 Southgate, Hessle, East Riding of Yorkshire HU13 0DP