We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
We collect such Non-personal and Personal Information for the following purposes:
To provide and operate the Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations
Our website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.
If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at firstname.lastname@example.org or call 07789 691479
Who is collecting the data?
Emma Newby (data controller registered with the Information Commissioners Office)
Who has access to the data?
Emma Newby, associate chiropractors, locum chiropractors & the reception team. All are required to register as data controllers as part of their contracted services.
What data is being collected?
Name and biometric data relevant to treatment
Contact details for the purposes of the appointments and marketing if consented
Medical history and current health status
Feedback from treatment
3rd party communications relevant to your treatment such as GP memos & MRI scan results
Reception staff have been trained to check contact information from clients at a reasonable interval to ensure up to date information
Why is it being collected?
To allow the most comprehensive understanding of current health and where we are able to help as required by the General Chiropractic Council and to allow us to contact individuals with regards to treatment, appointments and any marketing you consented to.
Where is it stored?
The personal data is stored securely at all times in a locked filing cabinet with only the identified personnel above having access to the key.
The filing cabinet is in accessed only by the identified personnel above plus other professional therapists.
The cabinet is accessed via a deadlocked door.
The building has smoke detectors to protect the data from destruction by fire.
The building and has no water access to the area of storage minimising the chance of water damage to the data.
Other data storage may occur on electronic devices used to access emails relating to the care or appointments of individuals. All devices are locked with either strong password and/or fingerprint technology backed with a numeric code. All devices are kept up to date with software upgrades and where appropriate anti viral software.
Diaries are kept out of view of others and either kept about the person or stored in the office.
Any photocopying of notes for sending to the individual or interested and consented 3rd party such as a GP or insurance company is done on site iwith no removal from site required.
All notes are delivered in person or sent by the appropriate Royal Mail signed for service.
How long is it stored for and how is it destroyed?
We have a statutory requirement to store data for 8 years after the last appointment or 8 years from when the individual turns 18 if the last appointment was before that time. After this time it will be destroyed securely with a shredder unless there is a regulatory or insurance driven reason for it to be kept for longer.
Phone 07789 691479
An individual can request a copy of their data at any time and for no charge subject to the Information Commissioners Office recommendations on reasonableness. An individual may also request a rectification to their data at any time.
Any concerns or complaints should be directed to the contact information above or you can contact the McTimoney Chiropractic Association or the Information Commissioners Office.