Poppinghole Farm Data Protection Policy
Our Policy reflects the high standards set out by the General Data Protection Regulation (GDPR).
Your Personal Data
This policy applies to information provided by you, during your appointment, via email, our website, or in any other way including over the phone.
Poppinghole Farm stores personal data relating to Clients and Guests Poppinghole Farm which complies with the provision of the Data Protection Act 1998 and with the EU General Data Protection Regulation 2016/679 (“GDPR”) and national laws implementing GDPR. Any legislation that replaces it in whole or in part, and any other legislation relating to the protection of personal data.
The Data will only be used for the purposes of Poppinghole Farm’s business and will not be shared or transmitted to any third party.
We promise to keep all personal details you give us in connection with your booking confidential. We have appropriate security measures in place to protect this information entrusted to us.
Information Recorded During Your Consultations and Appointments
When you visit Poppiunghole Farm, you provide personal information including your name, address, date of birth, contact details and medical history.
During your consultation, medical notes are taken. You are also asked to read and sign consent forms which form part of your medical records.
During your treatment we will record treatment settings, outcomes and may take photographs which form part of your medical records.
Recorded information from our Website
When you visit our website you may provide us with personal information including your name, address, contact details and financial data for this purpose we use third party software.
This information is gathered when you make a booking, via email or make a purchase from the on-line shop or sign up for our newsletter.
When you correspond with Poppinghole Farm by email, we may retain the content of your email and any photographs supplied together with our replies, as they form part of your records.
How We Use Your Information
Your personal details and medical records are for legitimate purposes and ensure we are able to Protect you and:
- Provide the best possible care
- Confirm your appointment by text, email or phone
- To answer your questions by email or phone
- Keep you up to date on news and New treatments provided you give us permission to do so.
You have a responsibility to inform us if any changes to your details such as name, address, contact numbers change, so our records are accurate and up to date for you.
Confidentiality of your Records
We are committed to protect your privacy and will only use information lawfully in accordance with the Data Protection Act 1998.
Every member of staff has a legal obligation to keep information about you confidential.
We do not hold aby credit or debit card information, it is all destroyed.
How We Share Your Information
We do not share your data. However, if there is a need to share your date we will only do so if you have given us written permission.
We never share any information with third parties and we do not sell our database to third parties.
How Long Do We Hold Your Information
We are required to hold your records for seven years.
Rights of our Clients and Guests
You can withdraw your consent at any time by contacting us via email or letter.
You can request a copy of your consultation records and this request must be put in writing. We are required to respond to you within 30 days.
The revised policy will be displayed on our website and is available to you on request. You will be asked to sign the consultation form each time you visit this ensures our information is accurate and up to date.
Our Data Protection Officer is responsible for ensuring we keep an record your information secure and confidential.
If you have concerns about the way your information is managed please contact the Poppinghole Farm Spa Manager or the Poppinghole Farm Data Protection Officer. Tel:01580 830622 or email firstname.lastname@example.org
If you are still unhappy you can then complain to the Information Commissioners Office (ICO) at www.ico.gov.uk or telephone 0303 123 1113.
To process your booking Poppinghole Farm will need to collect certain details from you. These details will usually include the names and addresses of the Visitor and his/ her Guests, payment details such as credit/debit card or other special requirements such as those relating to any disability or medical condition which may affect your stay at the Cottages. Where you give us details relating to your physical or mental health or condition, we will ask you to give us your written consent to our holding, using and passing on such information. Except where expressly permitted by the Data Protection Act, we will only deal with the personal details you give us as set out above unless you agree otherwise. For example, if we wish to use any of your personal details for marketing purposes, we will tell you this when we ask for the details and give you the opportunity to say no if you do not want us to do so. We promise to keep all personal details you give us in connection with your booking confidential. We have appropriate security measures in place to protect this information entrusted to us.