Information I Collect
To aid your treatment you will normally provide me with certain information, such as your name, address and medical information. I will store this information on an electronic patient record and diary system which is fully password protected.
Why I need your information and how I use it
For this I rely on a number of legal bases:
- To fulfil your podiatry assessment and treatment, and to provide patient support
- You are entitled to see the information that is held in relation to yourself
- To comply with a legal obligation
I share your personal information only in limited circumstances:
- When it is relevant, and with your consent, I will share information with medical professionals such as your GP to allow continuity of care.
- Your contact details (name and phone number) are shared with reception staff so that they can perform reception duties.
Transfer of personal information outside of the EU
Cliniko, the electronic patient record and diary system I use) process your information through a third-party hosting service called Red Guava Pty Ltd, in Australia. Their EU representative is a company called VERASAFE EU. You can contact them at firstname.lastname@example.org. See below for more detail.
You have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases.
- Access. You have the right to access and receive a copy of the personal information I hold about you by contacting me using the contact information below.
- Change, restrict, delete. You may also have rights to change, restrict my use of, or delete your personal information. However, in the case of health records these are normally exempt from change or deletion requests.
- Complain. If you wish to raise a concern about my use of your information (and without prejudice to any other rights you may have), you have the right to do so with the Information Commissioner at www.ico.org.uk
How to contact me
For the purposes of GDPR, I Nicola Spuffard, am the data controller of your personal information. If you have any questions or concerns, you may write to me at:
DW Roberts (Opticians) 63 Queensway, Bletchley, MK2 2DR
Details of Electronic patient record and diary system Cliniko – Data Protection Officer – email@example.com
Managed by Red Guava Pty Ltd Servers are located in Australia
- EU representative is a company called Verasafe who can be contacted at firstname.lastname@example.org Address: Verasafe EU, Zahradnickova 1220/20A, Prague 15000, Czech Republic
- Or Verasafe Ireland Ltd, Unit 3D North Point House, North Point Business Park, New Mallow Road, Cork T23 ATZP Ireland
- Cloud service provider – Amazon, United States
- Platform – Engine Yard. Inc US
- Content Delivery – Fastly Inc US
Other Sub processors
- Cloud based customer support – Intercom, Inc. US
- Cloud based email services – Mailgun Technologies, Inc US
- Cloud based email services – The Rocket Science Group LLC US
- Cloud based SMS services – Messages 4U Pty Ltd, Australia
- Cloud based messaging services – Slack Technologies, US
- Cloud based software error monitoring services – Honey Badger Industries LLC US
- Cloud based Real time Notification services – Pusher Ltd UK