GDPR - Data Protection Policy

From the 25th May 2018 the laws on data protection are changing with the introduction of the new General Data Protection Regulation (GDPR). In order to fully comply with the new regulations, we must have your permission to hold, store and use your personal data.

The Types of Personal Data we will collect and use

As part of the initial registration and consent of a new patient, we will collect information relating to the following.

·         Personal contact details (e.g. Home address, Email address, Home and mobile phone numbers)

·         General Personal details such as date of birth

·         Medical details including medical history and medication taken.

Using your Personal Information

Your data will only be accessed by personnel associated with The Dunstable Foot Clinic Ltd. This includes both employed staff and associated self-employed practitioners working from the clinic. 

·         The information held will be used to ensure continued safe practice and maintain accurate treatment records.

·         For contacting patients. This will include appointment reminders via phone, text or email.

·         Marketing and offers from The Dunstable Foot Clinic Ltd.

·         Referral to other professional persons (i.e. Doctors or other medical professionals)

Sharing of Personal Data

Your data will never be sold or shared with third parties outside the clinic

Data Storage

All data is held and stored securely in encrypted files with our clinic office software provider off site. No data is held directly on our computer systems. Data can only be accessed by authorised staff and practitioners with password security.

Removal of Data

The Dunstable Foot Clinic Ltd. will retain and maintain accurate records of your personal data for the purpose of providing safe and appropriate treatments on an ongoing basis. However, should a patient not attend the clinic for a 24-month period then they will be deemed to be ‘inactive’. After an additional 60 months (7 years in total) all data connected to that patient will be permanently and securely destroyed.

CCTV

CCTV is in operation 24 hours a day for the mutual protection of the clinic personnel and customers. Your image will be held for up to 7 days before being overwritten.

Any patient has the right to have their personal data erased at any time.