The Herbal and Healing Clinic
55 Cudham Lane North
Orpington, Kent, BR66BX
Herbalist and Healer
is concerned with why I collect your personal data and what I do with it.
I take your privacy seriously and will only use your
personal information to provide the services you have requested of me.
When you provide your personal details to me they are
stored and processed for 4 reasons (the
words in bold below are the relevant terms used in the Data Protection Act 2018,
which includes the General Data Protection Regulation- that is the Law);
I need to collect personal
information about your health in order to provide you with the best possible
treatment. Your requesting treatment and my agreement to provide that care
constitutes a contract.You can of course,
refuse to provide that information,
but if you were to do that I would be unable to provide treatment.
I have a “Legitimate Interest” in collecting this information, because
without it I could not do my job effectively and safely.
It is also important that I am able
to contact you to confirm your appointments with me or to update you on matters
related to your medical care. This again constitutes “Legitimate Interest”but this time it is your legitimate interest.
Providing I have your consent,I may occasionally send you
general health information in the form of marketing materials. You can withdraw
this consent at any time –just let me know by any convenient method.
I have a legal
obligation to retain your records for 8 years after your most recent appointment
or consultation (or age 25 years if this is longer), but after this period you
can ask me to delete your records if you wish. Otherwise I will retain your
records indefinitely in order that I can provide you with the best possible
care should you need to consult me at a future date.
Your records are stored:
On paper, in locked filing cabinets
and the office is locked and alarmed when not in use.
On my computer in the case of
letters, reports, invoices etc. These are password protected, backed up
regularly and in a secure area.
Your data is only available to myself
and is not available to anyone without written consent.
I also use Mozilla Thunderbird for
emailing and coordinating messages, so your name and email address may be saved
on their server.
Your medical records are not
available to anyone else, only to me for the purpose of treatment.
You have the right to see what
personal data of yours I hold and you can ask me to correct any personal
errors. Providing the legal minimum period has elapsed, you can also ask me to
erase your records.
I want you to be absolutely confident
that I am treating your personal data responsibly and that I am doing
everything I can to make sure that only the people who can access that data
have a genuine need to do so.
Of course, if you feel that I am
mishandling your personal data in some way, you have the right to complain.
Complaints need to be sent to the “Data Controller”.
The Data Controller is Graeme Litchfield, 55 Cudham Lane North,
Orpington, Kent, BR66BX.
If you are not satisfied with the
response, then you have the right to raise the matter
with the Information Officers Office.
of Privacy Notice