Data Protection and Privacy Statement
This privacy policy describes how and when we collect, use and share information when you have a podiatry appointment, buy a product from us, contact us, or otherwise use our services. This is to comply with the Data Protection Act 2019 (DPA). All reasonable steps are taken to protect your data and we take your privacy seriously.
Information We Collect
To aid your treatment or as part of purchasing something from our business you will normally provide us with certain information, such as your name, email address, postal address, medical information and payment details.
Why We Need Your Information and How We Use It
We rely on a number of legal requirements to collect, use and share your information, including:
· Where it is necessary to provide a podiatry health care service, such as when we use your information to fulfill your podiatry assessment and treatment, or to provide customer support;
· When you have provided consent, which you may revoke at any time;
· If necessary when required by law to comply with a legal obligation or court order in connection with a legal claim, such as retaining information about your purchase.
Information Sharing and Disclosure
Information about our patients/customers is important to our business. Medical notes will only be accessible by Podiatrists. We share your personal information for very limited reasons and in circumstances only as follows:
· To medical professionals with your consent, e.g. your GP or consultant to allow continuity of care;
· In compliance with laws if legally required to.
Data Retention
We retain your personal information only for as long as necessary to provide you with our services. However, we may also be required to retain this information to comply with our legal and regulatory obligations, to resolve disputes, and to enforce our agreements. There is a legal requirement to keep medical notes for a period of time after last treatment (minimum of 7 years). Your details will be destroyed after this period. For customers who are not patients but have bought products from our business, we retain data you may have provided for a minimum of 6 years in line with tax legislation.
Data Storage and Protection
At present, data is stored on written documents and a diary system securely protected in a locked area. We are in the process of introducing a cloud-based system using the cliniko.com website. This is protected by 2 factor authorization password and encrypted. Further information on Cliniko security can be found at https://www.cliniko.com/security
Your Rights
You have a number of rights in relation to your personal information. Some apply generally while some apply only in certain limited cases. We describe these rights below:
· Access. You can access and receive a copy of the personal information we hold about you.
· Change, restrict, delete personal information (unless needed for legal purposes). In the case of medical notes these are normally exempt from change and deletion requests.
· Complain. If you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you may do so with the Information Commissioner www.ico.org.uk.
How To Contact Us
For the purposes of the DPA, we, The Garioch Clinic, are the data controller of your personal information. If you have any questions or concerns, you may contact us by writing to The Garioch Clinic, 45 High Street, Inverurie, Aberdeenshire, AB51 EQA, emailing us at thegariochclinic@outlook.com or on 01467 625026.