In Touch Therapies would like to advise on how we will be handling your data to comply with the new General Data Protection Regulation (GDPR) legislation that came in to force in the UK on 25th May 2018. The General Data Protection Regulation (GDPR), is EU wide legislation, and is currently being enacted into UK law and will become the 2018 Data Protection Act.
This legislation will affect every business that handles personal data for clients, customers or staff. Personal data has been defined by the act as ‘any information relating to an identifiable person who can be directly or indirectly identified’.
We do not capture any details related to individuals visiting our website:
The personal data we collect from clients during treatment sessions will include information relating to name, address, date of birth, and wider contact details as well as information about any relevant health or disability issues in order to assess appropriate treatment needs. We will only use your data for the purpose for which it was collected, and it will not be shared with any other third party unless in writing you specifically request or allow it to be.
We will keep your data on record for 7 years after the last treatment or in the case of minors for 7 years after they reach the age of 18, in alignment with the recommendations from our professional associations.
With your expressed permission if you choose to ‘Opt In’, we may contact you periodically with latest news and offers or via social media.
You have the Individual Rights under the Data Protection act 2018
You can exercise your Individual Rights at any time without charge. However, if your request is considered repetitive, unfounded or excessive a reasonable administration fee can be charged. We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data and store it securely.