WELLSPINE GDPR and Data Protection Policy
Effective Date: 22 September 2022
Introduction
At WELLSPINE, we are committed to safeguarding the privacy and personal data of our patients. This GDPR and Data Protection Policy outlines how we collect, use, disclose, and protect your personal information in compliance with the General Data Protection Regulation (GDPR) and other relevant data protection laws.
1. Data Controller
WELLSPINE, located at 31 High Street East, Uppingham LE15 9PY, is the data controller responsible for your personal data. If you have any questions or concerns about this policy, please contact us at info@wellspine.co.uk.
2. Personal Data We Collect
We may collect and process the following types of personal data:
- **Identity Data:** Name, date of birth, gender..
- **Contact Data:** Address, email address, phone number.
- **Health Data:** Medical history, treatment records, health insurance details, and any other relevant health information necessary for your treatment.
- **Financial Data:** Payment details and transaction history.
- **Technical Data:** IP address, browser type, and usage data when you visit our website.
3. Purpose of Data Collection
We use your personal data for the following purposes:
- **Provision of Services:** To provide and manage your treatment and related healthcare services.
- **Communication:** To communicate with you regarding appointments, treatments, and follow-up care.
- **Billing and Payments:** To process payments for services provided.
- **Legal Compliance:** To comply with our legal obligations, such as record-keeping requirements.
- **Marketing:** To inform you about our services and offers, with your consent.
4. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- **Consent:** Where you have given explicit consent for specific processing activities.
- **Contract:** Where processing is necessary for the performance of a contract with you.
- **Legal Obligation:** Where processing is required to comply with legal obligations.
- **Legitimate Interests:** Where processing is necessary for our legitimate interests, provided these are not overridden by your rights and interests.
5. Data Sharing and Disclosure
We may share your personal data with:
- **Healthcare Providers:** Other medical professionals involved in your care.
- **Service Providers:** Third-party service providers who assist us in delivering our services.
- **Legal Authorities:** Government bodies and law enforcement agencies where required by law.
- **Insurance Companies:** For the purpose of processing health insurance claims.
We ensure that all third parties with whom we share your data comply with data protection laws and only use your data for the specified purposes.
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, alteration, or destruction. These measures include secure data storage, encryption, and access controls.
7. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. After this period, your data will be securely deleted or anonymized.
8. Your Rights
Under GDPR, you have the following rights regarding your personal data:
- **Access:** The right to request access to your personal data.
- **Rectification:** The right to request correction of inaccurate or incomplete data.
- **Erasure:** The right to request deletion of your personal data, subject to legal obligations.
- **Restriction:** The right to request the restriction of processing your data.
- **Portability:** The right to receive your data in a structured, commonly used, and machine-readable format.
- **Objection:** The right to object to the processing of your data based on legitimate interests.
To exercise any of these rights, please contact us at info@wellspine.co.uk.
9. Changes to This Policy
We may update this policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes and obtain your consent where necessary.
10. Contact Us
If you have any questions or concerns about this policy or our data practices, please contact us at:
WELLSPINE
31 High Street East, Uppingham LE15 9PY
Email: info@wellspine.co.uk
Phone: 01572345935
---
Thank you for trusting WELLSPINE with your personal data. We are committed to ensuring your privacy and protection at all times.