Privacy Policy for www.dieprootsreflexology.com

We care about the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by www.dieprootsreflexology.com and how we use it.

If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.

This Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that they shared and/or collect in www.dieprootsreflexology.com. This policy is not applicable to any information collected offline or via channels other than this website.

Consent

By using our website, you hereby consent to our Privacy Policy and agree to its terms.

Information we collect

Any personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

How we use your information

We use the information we collect in various ways, including to:

•          Provide, operate, and maintain our website

•          Improve, personalize, and expand our website

•          Understand and analyse how you use our website

•          Develop new products, services, features, and functionality

Log Files

www.dieprootsreflexology.com follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services’ analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analysing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.

Cookies and Web Beacons

Like any other website, www.dieprootsreflexology.com uses ‘cookies’. These cookies are used to store information including visitors’ preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users’ experience by customizing our web page content based on visitors’ browser type and/or other information.

Third Party Privacy Policies

www.dieprootsreflexology.com’s Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.

You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers’ respective websites.

 

 GDPR Notice

In line with the current GDPR legislation, this notice tells you what personal information I collect, retain and the reasons why, and what your rights are under this legislation.

Ways I collect your data:

  • If you have an appointment for reflexology with Diep Roots Reflexology I will collect personal information via our Initial Client Consultation form. This may be completed online, by emailed document or via a written form in person.

  • You may have signed up to Diep Roots Reflexology communications including newsletters either online or via a physical paper form.

  • You may have attended a workshop or other event run by me.

  • You may have emailed me directly.

Processing your data:

Your data may be used in the following ways:

  1. I need to collect personal information regarding your health in order for you to make an appointment and for me to provide you with the most effective treatment options

  2. I need to keep treatment notes after each session to allow me to provide you with tailored aftercare advice and suggestions as follow-up information to your treatment

  3. I may contact you to tell you about the services I offer

  4. Information may be shared with other health professionals with your consent or upon your request.

  5. I will never share your personal information with any third parties without your written consent or request.  

Retaining your data:

I have a legal obligation to retain your client records as a health care practitioner for the following reasons:

  1. Insurance and Accounts records for 7 years

  2. Children’s records until they are 25 (26 if treated at age 17)

  3. CNHC requirements to retain information for 8 years 

In addition, information collected about your current health and medical history is for me to fulfil my role as a health care practitioner bound under the Confidentiality clauses of the Code of Practice and Ethics of the AoR.

 Data Security:

  • My database is registered with the ICO under the Data Protection Act and is stored on a passcode protected laptop. It is also backed up on a Dropbox server which is GDPR compliant.

  • Emails are stored by a passcode protected account and are deleted on a regular basis unless required for legal purposes.

  • Any data accessible via my smartphone is also protected by a passcode and is GDPR complaint via Apple software.

  • My mailing list is held via Mailchimp in a passcode protected account and is GDPR compliant via Mailchimp procedures.

  • Paper client notes are filed securely in my home or carried by me personally.

Your Rights:

  • You have the right to request access to your personal data, to verify it is lawfully processed. I will respond to any request within 30 days.

  • You also have the right to request correction of any data that you think is inaccurate, has factual errors or is incomplete.

  • You may unsubscribe/be removed from my email and other marketing communications at any time.

  • You may ask to be deleted from my database and have your notes erased once the legal minimum time period outlined above has elapsed.

If you make a request, I have 30 days to respond to you. If you would like to exercise any of these rights, please contact us.