Introduction
This privacy policy explains how we use any personal information we collect about you when you interact with East Devon Podiatry either online or offline (at the clinic).
Online information
PERSONAL CONTACT INFORMATION
We collect personal contact information (name, telephone number, email address and a free text comment) about you when you contact us via the web form on our website.
PATIENT-GENERATED FEEDBACK AND CONTENT
Contact forms
This includes information that you voluntarily share directly with us via a contact form. This is usually your name, telephone number, clinic day preference and an optional free comment field.
Reviews and feedback
This includes information that you voluntarily share directly with us or on a review site such as Yell, Google, Facebook etc., about your experience of using our products and services.
PATIENT GENERATED BLOG CONTENT
This refers to any content that you create and upload directly to our Website (such as our blog), or else share with us on a social network like Facebook. Examples include comments, reviews, photos, videos, personal stories, or other similar media or content.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
WEBSITE TRACKING DATA
Cookies
See Cookies section.
Website Analytics
See Website section.
PAYMENT INFORMATION
Any information that we need in order to fulfil an order, or that you use to make a purchase, such as your debit or credit card details (if applicable). No card details are stored or collected by this website. We use Paypal and Stripe to process payments and they handle all card transactions. We handle payment and financial information in a manner compliant with applicable laws, regulations and security standards.
Offline information (at the clinic)
PERSONAL DATA
We collect personal information (name, date of birth, address, telephone number and email address) about you when you register with us at the clinic in order to have sufficient information with which to create a unique patient record.
SPECIAL CATEGORY PERSONAL DATA
When you interact with East Devon Podiatry representatives by telephone or in person at the clinic we may collect special categories of personal information regarding your health. These include your medical history, allergies, list of medications, podiatry history, podiatry examination data, podiatry photographs, GP name, GP practice address.
PAYMENT INFORMATION
Any information that we need in order to fulfil an order, or that you use to make a purchase, or pay for treatment such as your debit or credit card details (if applicable). No card details are stored or collected by East Devon Podiatry. We use Sumup to handle card transactions in the clinic. We, and Sumup, handle payment and financial information in a manner compliant with applicable laws, regulations and security standards.
Online
We collect personal contact information about you in order to manage your patient record and contact you to arrange appointments.
Legal grounds:
The legal ground for processing your name, telephone number and email address for this purpose is based on East Devon Podiatry’s legitimate interest in contacting you to arrange appointments and your consent for us to contact you.
If you provide your opt-in consent to receiving marketing emails from East Devon Podiatry, East Devon Podiatry may send you information about special offers and promotions, educational information, or to ask you to provide feedback on your treatment.
Legal grounds:
The legal ground for processing your email address for this purpose is your consent. You may withdraw your consent or update your preferences at any time through the links provided at the bottom of our marketing emails.
Offline – at the clinic
We collect personal contact information and special category personal data about you in order to manage your patient record. We use this information to maintain patient records and to provide you with appropriate healthcare and to monitor the quality of healthcare we provide to our patients.
Legal grounds:
The legal ground for processing this information for these purposes is East Devon Podiatry’s legitimate interests in providing quality healthcare and your consent for us to use this information.
Online (website data)
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Offline (clinic data)
The retention period of podiatry records is normally a minimum of 8 years after the last appointment. For customers who are not patients but may have bought products from our business we will keep any data you may have provided for a minimum of 6 years in line with tax legislation.
We will store a limited amount of personal contact information electronically which is password protected. Your medical records are paper based and stored securely.
- We use a variety of reasonable measures (described below) to keep your personal information confidential and secure. Only a very limited amount of personal information is stored electronically. The transmission of information via the Internet is, unfortunately, not completely secure and although we will do our best to protect your personal information, we cannot guarantee the security of the data during transmission through our website or by email. Please remember this when adding optional comments on the website form. Please also note that these protections do not necessarily apply to information you choose to share in public areas such as social networks or review sites.
People who can access your Personal Data
Your personal information will be processed by our authorised staff, on a need to know basis, depending on the specific purposes for which your personal information has been collected.
Transfer of your personal information over the Internet
Although East Devon Podiatry is a local business, in order to communicate with you by email your personal data (such as your email address) may be handled by servers located outside of the EEA e.g. in the United States. Examples include website hosting servers and web-based forms used by potential patients visiting our website in order to communicate with us.
VISITOR COMMENTS ON OUR BLOG
Visitor comments may be checked through an automated spam detection service.
Storage in the Cloud and Email Campaigns
We may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, we may transfer a limited amount of personal information to a jurisdiction with different data protection and government surveillance laws than the UK. If we transfer information about you outside of the EU, we rely on Privacy Shield as the legal basis for the transfer. You can also learn more about Privacy Shield at https://www.privacyshield.gov.
The services we use for cloud storage and communication emails are Privacy Shield certified.
Employees of East Devon Podiatry
Everyone working for East Devon Podiatry has a legal duty to keep information about you CONFIDENTIAL
You may be receiving care from other people as well as East Devon Podiatry, for example your GP or the hospital. So that we can all work together for your benefit we may need to share information about you. We only ever use or pass on information about you if people have a genuine need for it. Anyone who receives information from us has a legal duty to keep it confidential. Your relatives, friends and carers will only be given information about you if you have given us permission to share it with them.
Other healthcare professionals:
In order to maintain continuity of care, we may disclose personal data and special category personal data regarding your health to your General Practitioner, consultant or other podiatrists and allied healthcare professionals (if applicable) who work on behalf of East Devon Podiatry, only if directly involved in your care.
Service providers
We may engage certain trusted third parties to perform functions and provide services to our business, such as external reception services. We will share your personal contact information with these third parties, but only to the extent necessary to perform these services.
Business transfers
If we sell or merge our business, we may disclose your information as part of the transaction, only to the extent permitted by law and with your consent.
Compliance with laws
We may collect, use, retain, and share your information if we are required to.
- We would like to send you information about products and services of ours which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date.
You have a right at any time to stop us from contacting you for marketing purposes and can do so by clicking the unsubscribe link at the bottom of any marketing email you receive from us.
Your podiatry care will not be impacted in any way if you refuse consent to receive marketing type emails.
- You have a number of rights in relation to your personal information.
Access
You have the right to access and receive a copy of the personal information we hold about you by contacting us using the contact information below.
WEBSITE DATA
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Change, restrict or deletion
You may also have rights to change, restrict our use of, or delete your personal information. In the case of health records these are normally exempt from change and deletion requests.
Object
You can object to receiving marketing messages from us after providing your express consent to receive them. In such cases, we will delete your personal information unless we have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
Complain
If you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with the Information Commissioner www.ico.org.uk.
Website Usage Information
As you navigate through and interact with our Website or newsletters, we use automatic data collection technologies to collect certain information about your actions. This information may include browser type, browser language, date and time of your request, time(s) of your visit(s), page views and page links that you click. This information is captured using automated technologies such as cookies (browser cookies), Facebook pixels and web beacons, and is also collected through the use of third party tracking services (such as Google Analytics). We use this information to provide better, more relevant content on our site, to identify and fix problems, and to improve your overall experience on our site.
If you do not want information collected through the use of these technologies, there is a simple procedure in most browsers that allows you to automatically decline many of these technologies, or to be given the choice of declining or accepting them.
Here are examples of third-party providers of analytics and similar services we currently use:
GOOGLE ANALYTICS
Google Analytics is used to track site statistics and user demographics, interests and behaviour on websites. We also use Google Search Console to help understand how our website visitors find our website and to improve our search engine optimisation. Once you leave our site we do not track you. The analytics data are aggregate and anonymous and do not identify any individual user.
Find out more information about how this analytics information may be used, how to control the use of your information, and how to opt-out of having your data used by Google Analytics.EMAIL CAMPAIGNS
Email campaigns track the activities associated with marketing emails, such as whether they were opened, whether links in the emails were clicked on, and whether purchases or reviews were made following clicks on those links. East Devon Podiatry uses this data to analyse the level of engagement with its emails.
EMBEDDED CONTENT FROM OTHER WEBISTES
See section on Other Websites.
- Please also review our Cookie Policy.
What is a cookie?
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. All cookies are used in accordance with current UK and EU Cookie Law. Before the website places cookies on your computer, you will be presented with a pop-up requesting your consent to set those cookies. Some cookies are required for core functionality of the website.
For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. We only use cookies to maintain core site functionality. By disabling cookies some of our website features may not function as a result.
Website Cookies
LEAVING COMMENTS
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
LOGGING IN TO YOUR ACCOUNT
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
EDITING OR PUBLISHING ARTICLES
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
- Our website may contain links to other websites. This privacy policy only applies to our website so when you link to other websites you should read their respective privacy policies.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
- We keep our Privacy Policy under regular review. We may update this Privacy Policy from time to time as we add new functionality to our website or offer new services and products, or as laws change. Any changes will become effective upon our posting of the revised Privacy Policy.
We will provide notice to you if these changes are material and, where required by applicable law, we will obtain your consent. This notice will be provided by email or by posting notice of the changes on the East Devon Podiatry website. This Privacy Policy is available at the clinic and on our Website.
This Privacy Policy is effective from 30 May 2019.
- Your personal data collected by East Devon Podiatry is controlled by East Devon Podiatry, located at The Beacon Medical Centre, Sedemuda Road, Sidmouth, Devon, EX10 9YA. The Data Controller is Susan Pyle who can be contacted by email at sue@devonpodiatry.co.uk.
- Please contact us if you have any questions about our privacy policy or information we hold about you:
- by email to sue@devonpodiatry.co.uk
- by writing to Sue Pyle at:
East Devon Podiatry
The Beacon Medical Centre,
Sedemuda Road
Sidmouth
Devon
EX10 9YA.