WHO IS COLLECTING MY DATA?
This Privacy Statement explains how Sarah Breslin Wellness will process your personal and health information in accordance with the General Data Protection Regulation 2016 (GDPR) which came into effect in May 2018, replacing the existing data protection framework under the EU Data Protection Directive.
PRIVATE PRACTICES AND DIRECT MARKETING
We will never use your data for direct marketing purposes without your consent. At any time you may opt out (i.e. refuse the use of your personal data), including at the time the data is collected, or on every subsequent marketing message. Unsubscribing will always be free of charge and fully respected.
It should be noted that other methods of communication (confirmation of appointments or reminders, etc.) do not fall under “direct marketing”, however consent will still be collected for this.
WHAT TYPE OF DATA IS COLLECTED?
Sarah Breslin Wellness complies with the EU Data Protection Directive 95/46/EC as set forth by the European Union regarding the collection, use, and retention of personal data from European Union member countries. Sarah Breslin Wellness has certified that it adheres to the requirements of notice, choice, onward transfer, security, data integrity, access and enforcement.
We collect two types of data: personal data, and sensitive personal data.
Personal data can be used to identify, or contact you and may include: your name, address, date of birth, telephone number, and email address. This will only be collected if you voluntarily submit it to us.
Sensitive personal data is relating to your health, and is collected for the purposes of assessment, treatment or advice, and is necessary to be obtained in order to provide the most accurate service for you.
WHAT IS MY DATA BEING USED FOR?
When you contact Sarah Breslin Wellness to avail of any of our services, including but not limited to:
We will ask you to provide, either by phone or electronic means, your name, telephone number and/or email address. This information provided will be used by Sarah Breslin Wellness to:
verify your identity
provide you with the service you have requested
respond to your inquiries or provide customer support
create your file and book your appointment(s)
send updates regarding your appointments
contact you in the case of a data breach
provide you with advice, dependant on the information you have given
seek feedback for ongoing service improvements
communicate with you regarding other Sarah Breslin Wellness products and services
When you attend Sarah Breslin Wellness you will be asked to provide further sensitive data to allow your service provider to:
perform a consultation
identify if any contraindications to treatment exist
provide you with appropriate treatment and/or advice
Sarah Breslin Wellness uses an online booking system. Therefore, your appointment and service type will be visible to Sarah Breslin Wellness staff. Sarah Breslin Wellness will never share your personal information with any other third party without your consent unless required to do so by law.
WHAT HAPPENS TO MY DATA?
All of your personal and health data is stored securely in an electronic format in a patient management system. All electronic communications are hosted within platforms which are password protected. Consultation forms are securely stored in a locked cabinet on site.
WHO HAS ACCESS TO MY DATA?
Access to all clients personal data is restricted to the staff of Sarah Breslin Wellness.
We will only disclose your Personal Data if we believe in good faith that we are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court or regulatory order, or other statutory requirements.
HOW LONG IS MY DATA HELD FOR?
Your data will be held by Sarah Breslin Wellness as long as is legally required. In the case of consultation forms, we are required for insurance purposed to retain all records for a minimum of seven years from the date of last treatment.
WHAT ARE MY RIGHTS?
You can contact us at any time to:
Request personal or sensitive personal data about yourself
Correct any information if it is incomplete or misleading
Withdraw your consent regarding the processing of your data at any time
Review our Data Protection Policy
Ask any questions about your data
Any request should be put in writing and will be responded to, by us within 30 days. Please contact us either by email at firstname.lastname@example.org.
UPDATES TO THIS PRIVACY STATEMENT
We may change this privacy statement, however, the “last updated” date will always be listed at the top of this page. Any changes will be effective immediately.