Privacy Notice

You can visit our Website/Facebook Page/Instagram/Twitter Social media pages without telling us who you are and without revealing any information about yourself. However, there may be occasions where we do ask you to provide certain information by which you can be identified.

You can be assured that we will protect any information you provide to us and we will only use your information in accordance with this privacy notice and to ensure that your privacy is protected.

You can choose to provide your information in the following circumstances:

You contact us for an appointment.

You request information from us.

You request a subscription to our newsletter or download a digital product for free or purchase a digital download.

Data that we collect

  • Your name

  • Your contact information including a telephone number and e-mail address.

  • A brief reason for requesting an appointment.

How do we use your data you provide to us?

It allows us to provide you with the information requested and to offer you an appointment.

  • Your data will be used to enable us to contact you in relation to your enquiry or appointment.

  • Should you book and attend an appointment your data will be transferred to your record. If you do not wish to make an appointment your original e-mail will be deleted and any paper copy containing your data will be destroyed.

  • If you have opted in to receiving our newsletter or purchased an online product, we will send you our newsletter and details of the online product to your e-mail address. You may opt out at anytime by clicking the link at the bottom of the email.

Security of your data

We will ensure that your information data is securely protected. We have electronic security measures in place to ensure that your data is protected against unauthorised access, loss or destruction.

Hyperlinks

Our Social Media Pages may contain links to other websites that we believe may be of benefit to clients, however once you have used these links to leave our site, you must know that:

  • We don't have any control over these websites and the content contained within those websites.

  • We cannot be responsible for the protection and privacy of any information which you provide whilst visiting other websites.

  • We strongly suggest that you read any privacy notice / policy attached to any individual website that you choose to visit.

·  Information regarding to collection of your data.

Managing Cookies

You can choose how web browser cookies are handled by your device via your browser settings. This includes the option to delete and refuse cookies. Please be aware the website my not function properly.

Why we collect your data?

When you make an appointment and attend the premises, we will request and record specific data from you, which is required to establish your treatment plan. We have set out below the type of data that we require for your treatment using Hypnotherapy.

Data controller
Debra Clarke

Data processor
Debra Clarke

Lawful basis
Our lawful basis for collecting, recording, storing and using your data is "Legal obligation". However, we access other lawful bases for certain criteria, as listed below.

Legal obligation
We have determined that our lawful basis is "legal obligation" which represent our activity in regards to Practitioner and client relationship and our relationship with a client's health insurance provider, or health care professional. Therefore, we have a statutory requirement to collect, record, store and use your data.

Performance of a contract
Should we be in a position to receive payment using a credit / debit card service then we will process your payment, via this lawful basis. The credit card service we use is Sum Up and Stripe.

Legitimate interest
We use this lawful basis if you have requested our newsletter and or purchased an online digital product whether free or paid.
Our newsletter informs you of current issues surrounding wellbeing, provides useful tips to help you feel better and includes special offers/discounts for treatments and the purchase of online products.

Consent
Please note on your first appointment, you will be provided with a copy of our privacy notice and you will be required to read and sign the form below.
1. Treatment consent form for Hypnotherapy

GDPR Article 9 - Processing of special categories of personal data
We collect your data specifically for your wellbeing and as such your data is considered as special category data.

What information is being collected?

Information provided by you and recorded by Debra Clarke will consist of personal identifiable information and sensitive personal data regarding to your health and wellbeing.

Personal details
Name, date of birth, postal address, telephone numbers and your e-mail address.

Sensitive health related details
Presenting condition, general health and wellbeing,
Your Doctors details and any other Professional involved in your care.
Health insurances involved in your care.

Lifestyle activities
Employment details, Sleeping/Eating Patterns, Sports, hobbies, habits/behaviours, smoking and alcohol consumption.

Assessment and treatment details
Basic wellbeing related notes will be compiled during your assessment, treatment and your progress in respect of any therapy provision that you have requested and undertaken.

Payments history

Details of your payments are recorded on our Tax records and to our accountants and HMRC.

Who is collecting it?

Debra Clarke

How is it collected?

Data which is provided by you will be stored on paper or electronically. The paper documents will be stored in a locked case in a locked room. The electronic documentation will be securely stored on a computer under a password protected system along with up to date antivirus/Firewall systems in place.

Why is it being collected?

To formulate a treatment plan. We also have a legal obligation to collect, record and store your data.

How will it be used?

Your records are stored solely for the purpose of recording a treatment plan and to meet legal requirements. Your treatment plan is stored as a historical and evidence-based report of your treatment plan, progress and results should they need to be referred to in the future.

Who will it be shared with?

We provide our accountants and HMRC with our taxation records on a yearly basis. Information sent to these organisations will consist of your first name and surname and your payment methodology such as: your bank, cheque number, cash payment, BACS and / or credit and debit card transaction.

Our Accountants
Details available on request

Your data will not be shared with any other party unless you request it to be shared and you provide your explicit consent for us to do so.
With your consent, we may share your data with your G.P. (General Practitioner) and health insurance provider as they will have obtained your consent for us to report certain data back to them.

If requested, we are legally bound to share your data with any lawful and / or Crown agency that requests access to your data via appropriate data release requests.

What will be the effect of this on the individuals concerned?

In communicating with your G.P, Health Care Professional, health insurance provider we will be able:
1. Enhance your general wellbeing.
2. To comply with the reporting requirements of the above organisations.

If we need to write to your G.P. or Health Care Professional then we will discuss our reasoning for this activity and gain your explicit consent before we do so.

How is my data protected?

Our software programmes are protected with antivirus/malware/firewall systems which are constantly updated by the software company to meet any new cyber threats.

Under the General Data Protection Regulations (GDPR) you have individual rights:

  • 1. The right to be informed

  • 2. The right of access

  • 3. The right of rectification

  • 4. The right of erasure

  • 5. The right to restrict processing

  • 6. The right to data portability

  • 7. The right to object

  • 8. Rights in relation to automated decision making and profiling

 

How long do we keep your medical records?

Personal information that we process for any purpose shall be not be kept for longer than is necessary for the duration of that purpose.

We are legally bound by statutory requirements to hold your data for:

Adults: We keep you treatment records for a period of 8 years from the date of your last appointment.
Children: We keep your records until you reach the age of 25.

There may be occasions where we need to keep your records for an indefinite period of time and we may withhold personal information that you request to the extent permitted by law. We may also retain your personal information where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Controlling your personal information

We do not sell or distribute your information to any other organisation unless you have consented or contracted us to do so. If your personal and sensitive data should change then please inform us immediately in order for to update your personal records.

If you wish to contact us for any aspect in regards to your data or you have subscribed to our newsletter and subsequently decide that you wish to withdraw your request then you may do so by contacting Debra Clarke by emailing info@debraclarkewellbeing.co.uk, clicking the unsubscribe link on the footer of an email or in writing at the address below.

C/O Debra Clarke

Bedford Consulting Rooms

4 Goldington Road

Bedford

MK403NF

Tel: 07783 565685

If you wish to complain about the manner in which we have handled, recorded, stored and / or used your data then you may do so by contacting:

  • Information Commissioners Office

  • Wycliffe House

  • Water Lane

  • Wilmslow

  • Cheshire

  • SK9 5AF