Data Controller: Serena Stubbs Ltd
How is your information collected?
Information is obtained when:
- When you visit our website
- Enquire about our services or appointment availability via our website’s ‘Contact Us’ page
- Book and attend appointments at our physical premises for any of our services
- Provide us with a testimonial through our website or by email
- Communication is received from multidisciplinary professionals involved in your care e.g. referrals or treatment care updates
- Communication received from other healthcare intermediaries involved in your care
How is the information we collect used?
- Sensitive Data
Patient sensitive personal data is collected with relation to health matters pertinent to the provision of our services. Such data is provided with explicit consent of the patient, by themselves or their representatives. The following sensitive data is not collected: genetic, biometric data; racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, and criminal convictions.
- Information regarding a Minor
Whilst we do treat minors under the age of 13 years old, any relevant information is only collected with the explicit consent of the parent or legal guardian responsible for the minor. If you learn that a minor under the ages of 13 years old has provided us with personal information without the consent of a parent or legal guardian, please contact us.
- Third Parties
We will not sell, rent or share your information to third any parties. We will not share your information with third parties for marketing purposes.
We do pass your information to third party service providers who we have engaged for the purpose of completing tasks and providing services to you on our behalf. We disclose only the personal information that is necessary to deliver the service. These 3rd party services help us fulfil our contractual and legal obligations. These 3rd party services are listed in full below; we have verified that these 3rd party services are GDPR compliant.
USE OF WEBSITE
Personal Information we collect
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, email address, and phone number. We refer to this information as “Order Information.”
How do we use your personal information?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
- We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
Sharing your personal information
We share your Personal Information with third parties to help us use your Personal Information, as described above. We also use Google Analytics to help us understand how our customers use the Site–you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Do Not Track
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
There are no intended age limitations of the site, however the site is targeted at a certain demographic that would not appeal or interest Minors under the age of 5.
Controlling your information
You have certain rights concerning the information we hold about you, as defined under the General Data Protection Regulation. If you wish to exercise these rights, please contact us, with your name and email address.
- Requesting a copy of your information
You may request a copy of any data we hold about you. Upon request, we will provide a CSV file containing the personal data we hold on record about you.
- Updating or correcting your information
It is important that the information we hold about you is accurate. If you change email address, or any of the other information we hold is inaccurate or out of date, please contact us so that we can correct our records.
- Deleting your information
You have the right to request erasure of your personal information. Unless there is a justifiable reason for the data not to be erased i.e. if we needed to use that data to fulfil our contractual or legal obligations, your personal data will be deleted on request.
- Automated decision making
We do not use any personal information for automated decision making or profiling; your data is not subject to automated decision making or profiling.
Use of ‘Cookies’
- Google Analytics:Google Analytics sets cookies to help us accurately estimate the number of visitors to the website and what content is most popular. This helps to ensure that our website is responding to your needs in the best way possible.
- WordPress:This website is built using WordPress.
- Facebook:Our website includes an embedded Facebook timeline. Facebook sets a number of cookies to facilitate this. Our website uses Facebook Pixel.
By using and browsing our website, you consent to cookies being used in accordance with this Policy.
If you do not consent, you must turn off cookies or refrain from using the site. Most browsers allow you to turn off cookies. To do this, look at the ‘help’ menu on your browser. Switching off cookies should not noticeably restrict your use of this website.
We take security seriously. In order to protect your information from loss, misuse or unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. These steps include the following:
- Data minimisation
- Password best practice
- Security best practice concerning devices (PCs, laptops, mobile devices), website hosting, physical access and storage
- Staff training and accountability on data protection
Our Information Security Policy includes a clear process for handling a personal data breach, should one occur. Where appropriate, we will promptly notify you of any unauthorised access to your personal information.
If you wish to raise a complaint on how we have handled your personal information, you can contact us directly and we will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal information not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at firstname.lastname@example.org.