PRECIVA HEALTH

Privacy Policy

Preciva health is a leading Functional and Integrative medicine clinic providing a range of specialist services.

We are committed to being open and transparent about how we collect and use data. We are also committed to meeting our data protection obligations. This privacy policy sets out how we use and protect any personal information we hold and process about you. In this document, when we mention the Regulations, we refer to the General Data Protection Regulation 2018. We also refer to the Data Protection Act 2018 unless otherwise specified.

Data Protection Principles

All personal data obtained and held by us must be processed in accordance with a set of core principles set out in legislation, as follows:

  • Processing must be fair, lawful and transparent;
  • data must be collected for specific, explicit, and legitimate purposes;
  • data collected must be adequate, relevant and limited to what is necessary for the purposes of processing;
  • data must be kept accurate and up-to-date. Data which is found to be inaccurate will be rectified or erased without delay;
  • data must not be kept for longer than is necessary for its given purpose;
  • data must be processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures;

Personal Data 

In providing you with our services, we may process your personal data. Personal data is information about you. You can be identified from it. Examples include your name, date of birth, and contact details. We also may process ‘special category data’ such as health data.

HOW DO WE PROTECT AND SAFEGUARD YOUR DATA?

We take the security of your data very seriously. We will only use information collected lawfully. This compliance aligns with the General Data Protection Regulation (GDPR) 2018. It also aligns with the Data Protection Act 2018, Common Law Duty of Confidentiality, and NHS- Code of Confidentiality. Our internal policies and controls are designed by default. They ensure that your personal data is not accidentally destroyed, misused, disclosed, or lost. Access to your data is restricted only to our employees or contractors in the performance of their duties.


Where we engage third parties to process personal data on our behalf, they do so under written instructions, a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

HOW LONG DO WE KEEP YOUR DATA?

We only keep your data for as long as necessary. We do this in accordance with legislation and medical and industry guidelines.

Your rights and how to exercise them

As a data subject, you have a number of rights and freedoms. You can:

  • obtain confirmation as to whether your personal data is being processed and where that is the case, gain access to the personal data;
  • require The Precision Doctor to rectify incorrect or incomplete data;
  • require The Precision Doctor to erase or stop processing your data, for example where the data is no longer necessary for the purposes of processing; however please note that we are required by law to retain certain medical data
  • Object to the processing of your data. The Precision Doctor relies on its legitimate interests as the legal ground for processing.
  • move, copy or transfer your personal data from one IT environment to another, securely and without affecting its usability.

If you would like to exercise any of these rights, please contact us at the address at the bottom of this document. We will ask you to provide documentation to confirm your identity. If you are acting on behalf of another individual, we will ask you for proof of their consent. Alternatively, you may need to show your legal right to receive their personal information.

If you believe that The Precision Doctor has not complied with your rights and freedoms you can make a complaint. Please see the contact details in this document.

Changes to our processing arrangements

If we need to change the way we collect your data, we will contact you. This applies if we store or process your data differently.

We have provided the rest of the information in a layered format to ensure it remains clear and concise. Please see the sub-headings below and select the heading that best describes you:

Visitors to Our Website

When you use our website we may collect the following personal data:

  • your name, email address and telephone number;
  • the internet protocol (IP) address of the device you are using, the browser software you use, your operating system, the date and time of access and information on how you use our website;
  • information you give to Preciva Health when responding to online surveys for research purposes or via our contact form

We may also collect technical data via Google Analytics, however these reports do not contain any personal data.

HOW DO WE COLLECT YOUR DATA?

We may collect this information in a variety of ways. For example, we might collect data when:

  • you email us or complete our ‘contact us’ form;
  • you fill in your details to register as a customer, book an appointment, or book an event
  • you subscribe to email notifications and/or newsletters;
  • you complete an online survey.
WHY DO WE PROCESS YOUR PERSONAL DATA?

We may process your personal data for any of the following reasons:

  • to enable us to contact you in response to a query or request for information;
  • to register you for email notifications and/or newsletters that you have subscribed to;
  • to book you onto an appointment/meeting, event and/or webinar;
  • to collect your opinions as part of any research we may carry out;
  • to send you further information regarding Preciva Health services that may be relevant to you and your profile

What is the lawful basis for processing?

We may process your data on the grounds of contractual or legitimate interests. This occurs if we need to respond to your enquiry or enter into a ‘contract’ of services with you. It also applies if we need to book you onto an event we are hosting. If you have subscribed to our email notifications or newsletter, we are relying on your consent. We need your consent to process your personal data. You can withdraw this consent at any time.

Who do we share your data with?

Your data may be shared internally within Preciva Health. Our employees and contractors may view your data as part of their job role.

We share your data with Cliniko, the provider of our online portal. We ensure that they apply the same level of security as we do in order to protect your data. Cliniko only store data in the U.K.

We also use Google G Suite – Google are registered with Privacy Shield

We do not share your personal information with any third-party organisations to use for their own purposes, except:

  • when we have your permission;
  • to comply with a legal obligation or to perform a public task;
  • if we are under a duty to disclose or share personal data in order to enforce or apply our terms of use (of our website or any part of it) or terms and conditions of supply of any relevant products or services and other agreements;
  • to protect the rights, property, or safety of ourselves, our customers, or others;
  • in order to detect, prevent and help with the prosecution of financial crime;
  • if there are other exceptional circumstances, and we are unable, or it is not appropriate to seek your permission;
  • to archive for statistical or research purposes or in the public interest;
  • in the reason of public interest.

Third party websites

Our website may from time to time include hyperlinks to, and details of, third party websites. We have no control over, and are not responsible for, the privacy policies and practices of third parties.

We cannot ensure the security of your data when it is being transmitted to our website or other digital sites from other pages. All transmission of personal information and other data is done at your own risk.

Cookies

WHAT IS A COOKIE?

A cookie, also known as a browser cookie, is a text file. It contains small amounts of information. A server may download this to your computer hard drive, tablet, or mobile device. This happens when you visit a website or use an app.

Cookies do not typically contain any information that personally identifies a user. However, personal information that we store about you may be linked to the information stored in and obtained from cookies.

Cookies may be either ‘persistent’ cookies or ‘session’ cookies. A persistent cookie will be stored on the web browser. It will remain valid until its set expiry date. It can be deleted if detected by the user before the expiry date. A session cookie, on the other hand, will expire at the end of the user session. The expiration occurs when the web browser is closed.

FIRST-PARTY AND THIRD-PARTY COOKIES

Cookies can be set and controlled by the operator of the website which the user is browsing. This is known as a ‘first-party cookie’. A third party, like Facebook, can also set them. They use them to display advertisements and social sharing features. This is known as a ‘third-party cookie’.

COOKIES USED BY US

The only cookies in use on our website are for Google Analytics. Google Analytics is a web analytics tool that helps website owners understand how visitors engage with their website. Google Analytics customers can view a variety of reports. These reports show how visitors interact with their website. This information helps them to improve it.

Like many services, Google Analytics uses first-party cookies to track visitor interactions. In our case, they collect information about how visitors use our website. We then use the information to compile reports to help us improve our website.

Cookies contain information that is transferred to your computer’s hard drive. These cookies store information like the time that the current visit occurred. They also check whether the visitor has been to the website before. They identify what site referred the visitor to the web page.

Google Analytics collects information anonymously. It reports website trends without identifying individual visitors.

HOW CAN YOU CONTROL THE USE OF COOKIES?

You can opt out of Google Analytics without affecting how you visit our website. To learn how to opt out of being tracked by Google Analytics everywhere, visit the Google page.

SHARING OF DATA FROM COOKIES

We may disclose data collected from third party cookies, such as visitor trends, to third parties. This data will be shared in an anonymous form. We use it for research and statistical purposes and to help us optimise our websites.

People Who Use Our Medical and Nutritional Services

WHAT PERSONAL DETAILS DO WE COLLECT?

Details about you include for example:

  • details such as name, address, next of kin and contact details;
  • billing address if different;
  • payment card/bank details;
  • details of contact we have had with you during the booking process for appointments;
  • details of services you have received;
  • written summaries of calls we receive or make;
  • email communications we receive or make;
  • information about complaints and incidents;
  • appointments, consultations, visits, email ;
  • notes/reports about your health;
  • details of investigations, such as laboratory tests, supplements, x-rays, scans ;
  • relevant information from other health professionals, relatives, carers

Under the Regulations, certain information such as health data is known as special category data. It is considered more sensitive. Processing this data requires us to provide you with details of our lawful bases. This is necessary under both Article 6 and Article 9 of the GDPR 2018. This is supplemented by Schedule 1 Part 1 of the DPA 2018. As a health professional, we have lawful bases under Article 6 for processing such data. These include the performance of a contract to provide you with the service. We also rely on our legitimate interests. In our opinion, these do not override your own interests or fundamental rights and freedoms. Under Article 9(2)(h) our lawful basis is the provision of healthcare services.

WHY WE COLLECT INFORMATION

As a health professional who provides you with care, we are legally required to maintain records about your health, treatment and care. We collect and hold information about you for the sole purpose of providing you with healthcare services. These records can be written and/or in digital form.

HOW WE USE YOUR INFORMATION

We primarily use your information to enable us to provide you with healthcare services. However, we may also use information to:

  • process payments for services you receive;
  • investigate patient queries and complaints;
  • review the care we provide through audit;
  • train and educate members of staff

Data Retention

We manage patient records in line with the Records Management Code of Practice for Health and Social Care 2016, which sets the required standards. Financial data may be required by law to be retained for up to 7 years. Other data will normally only be retained for as long as it is required in order to provide you with our services.

Access to your information

You have a right under the Regulations to request access. You can view or obtain copies of the information we hold about you. You need to provide adequate information. This includes your full name, address, date of birth, and details of your request. We require this information to verify your identity and locate your record. We will respond to your request within 30 days. However, if your request is highly complex or you provide repeated requests, we may take longer. We will not charge for access to your information unless the request is highly complex or you provide repeated requests.

Change of details

Please inform us if any of your details have changed. This includes your name, address, or contact information. Let us know if any details are incorrect so we can amend them. You need to inform us of any changes. This ensures our records are accurate and up to date for you.

Email address

If you provide us with your email address, we may use it to contact you about your appointments. We may also reach out about your treatment and billing matters. Additionally, it could be used for administrative purposes. We may also email you a newsletter, any changes to our services, our opening hours of our practice.

We will never use your email for marketing purposes or share your email with third parties. Please let us know if you do not wish to receive email correspondence from us.

Enquiries

If you have concerns or questions about any of our services, or to pass on compliments please contact info@precivahealth.com or speak to us directly