Who we are: Cairns Holistic Homeopathy, 2 The Granary Home Farm Wadesmill Ware Hertfordshire SG12 0TZ. We are a ‘data controller’ under the Data Protection Act 1988. And Under GDPR we are registered with the Information Commissioner’s Office.
The Information we collect about you : We require you to provide us with the following – name, address, date of birth and nationality. Contact details, including telephone numbers and email address’. Please note that details relating to card payments are destroyed once the payment has been made unless you have a continuous subscription with us.
Because Cairns provides a Complementary Health service, we will also require additional information such as personal health details and medical & family history.
How we collect information about you: We collect and update personal information from you directly: on each consecutive visit, when you inform us of a change of contact (or other) details. when you respond to communications, surveys’ or similar requests for information.
How we use your information: We store and use your personal information, as is necessary for our legitimate interests, for the purposes of keeping UpToDate personal details and treatment programs and affiliated health related interests. Please note, we do not share your financial information with anyone.
How we store your data: Your data is securely stored both electronically and in hard copy. Only authorised individuals have access to your data, and all electronic systems are password protected. We back-up data on a daily basis to reduce the likelihood of accidental loss or damage to files.
How long do we keep your information: We will retain your personal information for a number of purposes, as necessary to allow us to carry out our business Your information will be kept for a minimum of 7 years, after which time it will be archived or deleted. Your information will be kept for a minimum of 7 years, after which time it will be archived or deleted. Any retention of personal data will be done in compliance with legal and regulatory obligations. Please note that data retention periods may be subject to change without further notice as a result of changes to associated law or regulations.
Your rights Under GDPR: you have the following rights: • to obtain copies of the personal information that we hold about you • to require that we cease processing your personal information if the processing is causing you damage or distress • to require us not to send you news or marketing communications • to require us to correct the personal information we hold about you if it is incorrect • to require us to erase your personal information. This must be a written request, with your reasons for requesting erasure clearly stated Please note that these rights may be limited by Data Protection legislation, Contract law, Criminal law and Human Rights legislation, and we may be required to refuse requests where exemptions apply.
A data breach: In the event of a data breach occurring, we would immediately inform everyone affected, and take whatever steps necessary to minimise impact. We would also report the breach to the ICO.