When you share your personal data with Footwork’s Podiatry, we take our responsibility to protect it very seriously. This policy sets out our privacy policies and the steps we’ve taken to keep your information safe.
- Data security
- What we collect
- How we use your information
- Sharing your personal information
- Your right to access, correct and erase your data
- Data Breaches
In order to protect your information from loss, misuse or unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. These steps include the following:
- Data minimisation (we only store data that we need)
- Password best practice
- Security best practice concerning online accounts, website hosting, physical access, devices (PCs, laptops, mobile devices), and storage
- Ensuring third parties are GDPR compliant
- Staff training and accountability on data protection
What We Collect
When you contact us
If you contact us to enquire about our services or book an appointment we may collect the following information:
- Email address
- Telephone number
This information is collected online, on the phone and when you visit our clinic.
As a medical practice we store:
- Confidential clinical notes as a record of your treatments, medication and advice you’ve received
- A record of your appointments
- Messages that we have received and sent to you
- Records of your transactions
We collect this data to fulfil our contract to provide health services to you.
While using our website
We may collect information about your browser or device so that our website can operate correctly (e.g. to book an appointment). If you have agreed to analytics tracking, we use Google Analytics to help us understand how our website is used, so that we can make improvements.
When you shop with us online
While using our online shop (gift cards) we track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
For a full list of cookies that we set, please see our Cookies policy.
How we use your information
To contact you:
As a Podiatry practice, we must keep accurate records of any medical conditions, treatments, and any advice you’ve received – this is classed as special category data.
We use your records to make sure that we are giving you the best care possible, and only our Podiatrist has access to your health data. We are trained to understand the importance of confidentiality and ensure that we only collect data that is absolutely necessary.
When you shop with us
We’ll use your information to update you on your order, respond to any queries (including refunds and complaints), process payments, prevent fraud, and comply with any legal obligations we have (e.g. tax calculations).
We do not currently use any contact information for marketing purposes. We will not sell, distribute or lease your personal information to third parties.
Sharing your personal information
Like many other clinics, we use Cliniko Practice Management software to store your contact information, patient records and transaction data. We have verified that these 3rd party services are GDPR compliant and use end-to-end encryption for security. To find out more about Cliniko’s security and privacy policies please visit https://www.cliniko.com/
From time to time, we may refer our patients for private surgery or NHS services. To do this, we may share relevant medical information relating to your referral. We do not refer patients to third parties without their consent.
It is our legal responsibility as a medical practitioner to report any concerns that we may have for a patient’s safety (e.g. abuse) and wellbeing. In these cases, we may contact the relevant authorities for welfare checks.
Payments – Stripe Payment Gateway
We provide transaction data (e.g. copy invoices) to our accountant.
Your right to access, correct and erase your data
Accessing your data
You have the right to know what personal data we hold about you and to make sure it’s correct and up to date. In order to receive such information, please send your request, including your full contact details, to our registered address. We will send you a reply within 30 days.
Correcting your data
If you would like to make a correction to the information we hold about you, please let us know in writing or when you next visit the clinic and we’ll put things right.
Erasing your data if you’re not a patient
If you have contacted the clinic and not become a patient, you have the right to request your data is erased. Please email us at email@example.com. We will comply, and notify you of success within 30 days. Unfortunately, we are not able to erase transactional data – this is a legal requirement.
Erasing your data if you are a patient
Unfortunately, we are unable to erase the data of patients who have been treated at the clinic – this is a legal requirement.
In the unlikely event of a data breach, Footworks Podiatry will promptly notify you of any unauthorised access to your personal information.
Complaints about how we’ve handled your personal information can be made to firstname.lastname@example.org or in writing to our registered address. If you are unhappy with our response, or believe we are not processing your personal information in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).