N8 Health treats the privacy of its customers and website users very seriously and we take appropriate security measures to safeguard your privacy. This Policy explains:
Who we are
N8 Health is a chiropractic and wellness clinic promoting to serving our patients with the highest standard of care.
N8 Health is subject to the General Data Protection Regulation (“GDPR”). Please read this Policy carefully as it describes the types of personal data we may collect from you or that you may provide and the legal basis and practices of N8 Health’s processing of your personal data. This Policy forms part of, and should be read in conjunction with, www.n8health.co.uk (“Website”) Terms of Service.
What Personal Data We Collect
Personal data mean information by which you may be personally identified directly or indirectly; this includes your name, address, phone number and other information. We collect personal data about you when you use our Website and contact us about our services or making a booking online. We are committed to protecting the privacy of children. Neither N8 Health nor any of its services are designed or intended to attract children under the age of 13.
We also collect personal data that you provide us either on your initial consultation form, at a screening event, by email, or over the telephone. This includes name, address, date of birth and email address. If you take a membership with us, it would also include your direct debit details. We use this information in order to manage and administer your care.
We may also keep information contained in any correspondence you may have with us by post or by email.
We may obtain sensitive medical information directly from you or your GP or other third parties in relation to the assessment of care or insurance claims. The provision of this information is subject to you giving us express consent to contact this third parties and you specifically given them permission to allow them to pass this information on to us.
How we use your personal data and on what legal basis
We use your personal data to manage and administer your care plan which forms the basis of a contract for services with us or insurance claims which relate to your contract for services with us. We undertake at all times to protect your personal data, including any health and financial details, in a manner which is consistent with our duty of professional confidence and the requirements of GDPR concerning data protection. We will also take reasonable security measures to protect your personal data in storage.
We may also use your personal data for specific business purposes which are in our legitimate interests without affecting your rights and freedoms to enable us to provide you with appropriate products and services and a secure experience. Our business purposes include providing communications which we think will be of relevance to you. You have the right to object to us processing your personal data for such business purposes and in certain circumstances we will ask for your consent.
Who we share your personal data with and why
We will keep information about you confidential. We will only disclose your information with other third parties with your express consent with the exception of the following categories of third parties:
Categories of third parties
Transfer of your personal data outside of the European Economic Area (EEA)
We do not currently transfer your personal data outside the EEA
How we keep your personal data secure
We are committed to ensuring the confidentiality of the personal data that we hold and continue to review our security controls and related processes to ensure that your personal data remains secure.
We keep information in line with the regulations surrounding health records. These retention periods are in line with the length of time we need to keep your personal information in order to manage and administer your care plan and handle any insurance claims.
We keep your personal data only for as long as is necessary for the purpose for which it was collected, or for legal or regulatory reasons. Personal data will be securely disposed of when it is no longer required, in accordance with our data retention and disposal policies, which can be made available on request.
Under applicable data protection law, you have the right to ask us:
You also have the right to:
If you wish to request a copy of the personal data we hold about you please contact us using the details below.
More information about your data protection rights can be found by contacting the Information Commissioner’s Office (details below).
Invoking your rights
If you would like to invoke any of the above rights with us, please write to the Data Controller at N8 Health, 775a High Road, Finchley, N12 8JY
Questions and queries
If you have a complaint
If you have a complaint regarding the use of your personal data or sensitive information then please contact us by writing to the Data Protection Officer at N8 Health, 775a High Road, Finchley, N12 8JY, or email firstname.lastname@example.org and we will do our best to help you.
If your complaint is not resolved to your satisfaction and you wish to make a formal complaint to the Information Commissioner’s Office (“ICO”), you can contact them on 01625 545745 or 0303 123 1113. You also have the right to judicial remedy against a legally binding decision of the ICO where you consider that your rights under GDPR have been infringed as a result of the processing of your personal data. You have the right to appoint a third party to lodge the complaint on your behalf and exercise your right to seek compensation.