General Data Protection Regulation (GDPR) Policy and Confidentiality
We value your privacy and want to be clear and transparent about the data we collect and process.
Personal information is defined as data relating to an identified or identifiable individual; meaning, information that could be used to identify an individual. We use your personal information only to the extent required to carry out our services to you.
Clients have a right to expect that identifiable information about themselves provided during the course of their treatments will not be shared with other people without their knowledge. The disclosure of identifiable information without client consent to someone they do not know; breaches confidentiality.
Personal data which is collected should be adequate, relevant but not excessive for the purpose for which it is disclosed. Clear Medical will ensure staff members collecting and processing the personal data are trained to do so and follow adequate data protection practices. The data will be accurate and kept up to date.
The types of personal information collected are:
- E-mail address
- Phone number/mobile number
- Date of Birth
- Doctors name and address
- Ethnic origin
- How you found out about the clinic
All client records are kept under strict encoded security at Clear Medical Consulting Ltd. We have introduced appropriate technical and organisational measures to protect the confidentiality and availability of your personal information during collection, processing and storage.
We process your personal data for the following purposes:
- To provide you with a service
- The verification of your identity
- For the ongoing administration of the service
- To allow us to contact you if such need arises
- For payment – we only use the data in an anonymous manner for this purpose
- To enable us to comply with our legal and regulatory obligation
- To offer new products and services to you which are relevant and appropriate, and only to the extent that would be reasonably expected.
Personal health information for informed consent is collected to provide care and the optimum treatment levels to clients and will not be used for any other purposes without the individual’s knowledge and permission. Sharing information with clients about their own health and treatment is an essential part of good practice. It cannot constitute a breach of confidentiality unless the disclosure entails revealing to the client previously unknown information about another identifiable person.
We process your personal health data for the following purposes:
- The recorded history of the treatments carried out
- For the frequency and usage patterns of your treatments
- Price and cost of treatments and products bought from Clear Medical Consulting Ltd
Consent Is Essential
The clinic provides a consent form that clearly states patients to agree or refuse their details (mobile number and email address) to be used for the purposes of all in-clinic marketing campaigns.
You can register with our website if you would like to receive our newsletter as well as updates on our new products and services. Information you submit on our website will only be used for this purpose.
No data is stored for use for Clear Medical marketing campaigns when a user has contacted us through the online consultation form or purchased items through the online shop. Clear Medical staff will encourage clients to adjust their consent if their circumstances change.
When a customer submits a Consultation Request form online with Clear Medical Consulting Ltd, we will share some information to help us respond to your request (only with senior Clear Medical Staff). Whatever information a customer shares on the form will be kept under strictest data protection.
- For the customers’ email addresses, we use return e-mail addresses to answer the e-mail we receive. Such addresses are not used for any other purpose and are not shared with outside parties.
- The customers’ mobile number, as another form of contact.
- The type of treatment or product the consultation form is in reference to; and the days and time they wish to attend.
Appropriate physical, electronic, and managerial procedures are put in place to safeguard and secure the information we collect online.
Only clients who have explicitly given us consent will be contacted for marketing campaigns.
Clients have the right to correct data if it is wrong or to stop marketing information being sent if it is causing damage or distress to them. We will take reasonable steps to verify your identity before making corrections. You can correct factual errors and your personal identifiable information by sending us a request by email that shows the error.
The client can unsubscribe at any time from our email and SMS marketing campaigns by contacting the clinic.
Clear Medical Consulting Ltd does not share information with outside parties.
The clinic takes special measures to prevent unauthorised and unlawful processing, accidental loss and destruction or damage to personal information.
A client also has the right to be forgotten meaning they can ask for their data to be deleted.
The clinic will:
- Seek clients consent prior to the disclosure of information wherever possible, whether or not they judge that clients can be identified from the disclosure.
- Anonymise data
- Keep disclosures to the minimum necessary
- Ensure only senior staff working within Clear Medical Consulting Ltd have access to private information
While clients’ rights to privacy and control of their data are important they are not absolute. Occasions arise where confidentiality not only can be breached but there may be ethical or legal requirements to do so. We will only disclose your information to other parties in the following limited circumstances
- Where we are legally obliged to do so, e.g. to law enforcement and regulatory authorities
- Where there is a duty to disclose in the public interest
- Where disclosure is necessary to protect our interest e.g. to prevent or detect crime and fraud
- Where you give us permission to do so by providing written consent
How Long We May Keep Your Personal Information
We will only retain information for as long as is necessary to deliver the service safely and securely. We may need to retain some records to maintain compliance with other applicable legislation – for example, finance, taxation, fraud and money laundering law requires certain records to be retained for an extended duration, in some cases for up to seven years.
Records will be kept for eight years after the last details have been added. Records that have become time expired will be disposed of in a secure manner.
Staff and client (where necessary) will initial all records to indicate that they are a true reflection of the treatment and its results. If it is necessary to alter any records, both the therapist and the client (where necessary) will initial the alterations.
Clients will have access to specific information regarding their treatment, on request, by completion of a Client Data Access Request form. CDAR forms are available upon request. The data will be made available within a period of 30 days of receipt of submission of the CDAR form. The client data will be made available to the client, in the form of a photocopy or photocopies.
This policy will be reviewed regularly and updated versions will be posted on our websites.
In summary, these policies come into effect 25th of May 2018 and you are able to opt-out of any marketing by selecting the button below. This means that no special offers or advice will be sent to you via SMS, email or post.