The Herbal and Healing Clinic
55 Cudham Lane North
Orpington, Kent, BR66BX
Herbalist and Healer
This notice is concerned with why I collect your personal data and what I do with it.
I take your privacy seriously and will only use your personal information to provide the services you have requested of me.
When you provide your personal details to me they are stored and processed for 4 reasons (the words in bold below are the relevant terms used in the Data Protection Act 2018, which includes the General Data Protection Regulation- that is the Law);
1. I need to collect personal information about your health in order to provide you with the best possible treatment. Your requesting treatment and my agreement to provide that care constitutes a contract.You can of course, refuse to provide that information, but if you were to do that I would be unable to provide treatment.
2. I have a Legitimate Interest in collecting this information, because without it I could not do my job effectively and safely.
3. It is also important that I am able to contact you to confirm your appointments with me or to update you on matters related to your medical care. This again constitutes Legitimate Interest but this time it is your legitimate interest.
4. Providing I have your consent,I may occasionally send you general health information in the form of marketing materials. You can withdraw this consent at any time just let me know by any convenient method.
I have a legal obligation to retain your records for 8 years after your most recent appointment or consultation (or age 25 years if this is longer), but after this period you can ask me to delete your records if you wish. Otherwise I will retain your records indefinitely in order that I can provide you with the best possible care should you need to consult me at a future date.
Your records are stored:
On paper, in locked filing cabinets and the office is locked and alarmed when not in use.
On my computer in the case of letters, reports, invoices etc. These are password protected, backed up regularly and in a secure area.
Your data is only available to myself and is not available to anyone without written consent.
I also use Mozilla Thunderbird for emailing and coordinating messages, so your name and email address may be saved on their server.
Your medical records are not available to anyone else, only to me for the purpose of treatment.
You have the right to see what personal data of yours I hold and you can ask me to correct any personal errors. Providing the legal minimum period has elapsed, you can also ask me to erase your records.
I want you to be absolutely confident that I am treating your personal data responsibly and that I am doing everything I can to make sure that only the people who can access that data have a genuine need to do so.
Of course, if you feel that I am mishandling your personal data in some way, you have the right to complain. Complaints need to be sent to the Data Controller .
The Data Controller is Graeme Litchfield, 55 Cudham Lane North, Orpington, Kent, BR66BX.
If you are not satisfied with the response, then you have the right to raise the matter
with the Information Officers Office.
End of Privacy Notice