Our GDPR Policy
Data Protection Notice
BC Podiatry is committed to safe guarding your privacy when you visit the clinic or use the website. We process your data in accordance with the General Data Protection Regulation (GDPR) 2018.
What information do we collect?
We may hold and process personal information that you provide when you visit the clinic, for example, your name, address, telephone number, date of birth, GP, next of kin or contact person, medical history, allergies and medications. Your clinical notes are stored on the premises as a basic requirement of out clinical professional standards.
If you use the website, we will collect, store and use personal data from the website only if it is directly provided by you and with your consent. For example, your name, address, telephone number or e-mail address.
In relation to the website we also collect data indirectly by collecting information about your computer, including IP address, location, browser type and version, operating system, referral source, length of your visit, page views and website navigation.
How do we collect information?
We collect information that you provide from telephone calls or at your clinic appointment or from the website contact form.
When you visit the website we use analytical and statistical tools that monitor details of your visit to our website and the resources you access, including traffic data, location data, weblogs and other communication data.
Cookies are small files of information that save and retrieve information about your visit to our sites such as how you entered our site, how you used the site and what information was of interest to you.
They allow us to administer the website, to improve your browsing experience, to test our security systems and keep the website secure, to monitor and analyze usage of our service and to help deal with enquiries.
Such information does not identify you personally, it is statistical data about our visitors and their use of our website.
You can disable cookies by changing your computer settings.
How do we use personal information?
We rely on a number of legal bases to collect, use and share information including for the purpose of providing medical care when you have given your consent. The provision of quality health care requires a relationship of trust and confidentiality between the podiatrist and the patient and we ask you to provide your personal details and medical history to allow us to properly assess, diagnose and plan your care and treatment. Should you choose not to provide the necessary information we will advise you on how this may affect your treatment.
We also require your information to comply with a legal obligation or court order or in connection with a legal claim. It also allows us to notify you about any changes to our website such as improvements or service changes that may affect our service.
Information sharing and Disclosures
We share your personal information for very limited reasons and in limited circumstances. We may share information with medical professionals such as your GP or nursing colleagues to allow continuity of care but only with your knowledge and consent.
We may share some details with external reception services that provide service for the business. But only to the extent that is necessary to perform these services. If the business is sold or merged we may disclose your information as part of that transaction only to the extent permitted by law and with your consent.
We may disclose your personal information if it is required to do so by law or in connection with any ongoing or prospective legal proceedings or in order to establish, exercise or defend our legal rights including providing information to others for the purpose of fraud prevention and reducing credit risk.
We share information with our authorized data processors, who, must act at all times on our instructions as the Data Controller under the GDPR 2018.
Clinical notes no longer in use are securely destroyed by a specialist company.
You have a number of rights in relation to your personal information. The GDPR 2018 gives you the right to access the information we hold about you, to update and correct your personal details and to change the permissions that you have given to us in relation to how we may use your data. Health records are normally exempt from change and deletion requests.
You can do this by contacting us and there is no charge for requesting this information.
We take reasonable and appropriate security measures to help protect your information from loss, theft, misuse, unauthorized access, disclosure, alteration and destruction. We also keep computers, files, filing cabinets and buildings secure and password protect our devices and cloud storage that hold personal data.
Your information will be stored on secure servers that are password and firewall protected. Transmission of information via the internet or e-mail is not completely secure but once we receive your information we will use strict procedures to prevent unauthorized access. We use Secure Sockets Layer ‘’SSL’’ encryption when collecting data. SSL is designed to make the information unreadable by anyone other than ourselves.
If you contact us to ask about your personal information we will ask you to provide photographic identification to help us protect your information.