ChildGutSpecialist is a division of HEAL+H Limited, a company registered in England and Wales, company number 11253438. Our registered address is: 1 Barncliffe Mews, Redmires Road, Sheffield, S10 4JY. ChildGutSpecialist is hereafter referred to as "we", "us", "our" and "ours". We provide a private paediatric consultancy service for the diagnosis and treatment of gastrointestinal conditions in children and adolescents.
We only collect and use the personal data about you that we need to provide you with our services. We do this in accordance with the General Data Protection Regulation (GDPR), the new Data Protection Act (DPA) 2018 and any other applicable laws and regulations (hereafter referred to as 'Data Protection Legislation') that we need to in order to process your data legally and securely.
This policy affects your legal rights and obligations so please read it carefully to understand our practices regarding the collection and storage of your personal data and how we will treat it. If you have any questions, please contact us by emailing: firstname.lastname@example.org (secretary).
HOW WE COLLECT YOUR PERSONAL DATA
When you request information or services from us, we need to know your name, email address, telephone number and the nature of your enquiry. We may also need to collect information about your child’s medical history in order to provide you with a quote and any services you ask us to provide. This information allows us to respond to your enquiry appropriately and provide you with accurate information about what you can expect, and the potential costs of appropriate investigations and treatments.
INFORMATION WE MAY HOLD ABOUT YOU
You don’t need to provide us with any personal data to view our website. However, we still collect a small amount of anonymised information as set out in the ‘Cookies’ section of this policy.
As we ask our clients to pay via BACS, we don’t generally collect or store any payment information, unless you’ve requested to pay by another means, in which case we’ll discuss this with you.
A cookie is a small text file containing a unique identification number that is placed on your device when you visit a website or application. Your web browser (such as Google Chrome, Internet Explorer or Mozilla Firefox) then sends these cookies back to the website on each subsequent visit so that they can remember things like preferences.
Google Analytics cookies do not collect any personal data. They only collect and store information about your device and your activities. This information could include (a) your computer or other device's unique ID number; (b) technical information about your device such as type of device, web browser or operating system; (c) your preferences and settings such as time zone and language; and (d) statistical data about your browsing actions and patterns. We collect and use this information on an anonymous basis to improve our website and the services we provide, and for analytical and research purposes.
If you do not agree to this you can disable persistent cookies in your browser. This will prevent Google Analytics from logging your visits.
To protect the input forms of our websites against spam and abuse, we use the external service reCAPTCHA. This is a service provided by Google. reCAPTCHA makes it possible to differentiate between inputs of human origin and those that are abused by automated software (also called bots). When using the service, the following data will be transmitted to Google's servers in the USA:
HOW WE USE YOUR PERSONAL DATA
We’ll only use your personal data lawfully to provide our services and respond to enquiries/feedback. Generally we’ll use contractual obligation rather than consent as a legal basis for processing your personal data.
We’ll use your personal data to:
In some circumstances we may anonymise or pseudonymise your personal data so that it can no longer be associated with you, in which case we may use it without further notice to you. If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you or we may be unable to comply with our legal or regulatory obligations.
We may also process your personal data without your knowledge or consent, in accordance with this notice, where we are legally required or permitted to do so.
Most commonly, we’ll use your personal data in the following circumstances:
HOW LONG WE RETAIN YOUR PERSONAL DATA
We’ll only keep your personal data for as long as is necessary to fulfil the purposes for which it was collected. When assessing what retention period is appropriate for your personal data, we take into consideration:
For example, if you make an enquiry with us, but we do not hear anything back from you, or you decide not to take up any of our services, we will only keep your data for approximately two weeks. If you (or your child) become a patient of ours, we will keep your data on file for as long as you remain in our care, and for up to twelve months following treatment in case of any feedback.
HOW AND WHY WE MIGHT SHARE YOUR DATA
We may share your personal data with any service providers, sub-contractors and agents that we may appoint to perform functions on our behalf and in accordance with our instructions, including medical professionals and hospitals, IT service providers, accountants, auditors and lawyers.
Under certain circumstances we may have to disclose your personal data under applicable laws and/or regulations, for example, as part of anti-money laundering processes or protect a third party's rights, property, or safety.
We may also share your personal data in connection with, or during negotiations of, any merger, sale of assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
HOW WE KEEP YOUR DATA SAFE AND SECURE
We’ll process your personal data in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
We’ve put in place reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to employees, suppliers and/or contractors who have a business need to know.
They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
YOUR DUTY TO INFORM US OF CHANGES AND KEEP YOUR DATA UP TO DATE
All personal data that you provide to us must be true, complete and accurate. If you provide us with inaccurate or false data, and we suspect or identify fraud, we’ll record this.
It’s important that the personal data we hold about you is accurate and current. Should your personal information change, please notify us of these changes by emailing: email@example.com (secretary).
YOUR RIGHTS REGARDING YOUR PERSONAL DATA
Under certain circumstances, by law you have the right to:
Please note, we reserve the right to charge an administrative fee if your request is manifestly unfounded or excessive.
YOUR RIGHT TO WITHDRAW CONSENT
In the limited circumstances where you’ve provided your consent to the collection, processing and transfer of your personal data for a specific purpose (outside of any contractual obligation), you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email us at: firstname.lastname@example.org (secretary).
Once we’ve received notification that you’ve withdrawn your consent, we’ll no longer process your personal data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law (in which case we will notify you of this).
If any provision of this policy is held by a court of competent jurisdiction to be invalid or unenforceable, then such provision shall be construed, as nearly as possible, to reflect the intentions of the parties and all other provisions shall remain in full force and effect.
This policy shall be governed by and construed in accordance with the law of England and Wales, and you agree to submit to the exclusive jurisdiction of the English Courts.
CHANGES TO THIS NOTICE
We may update or change the terms of this policy from time to time by posting a new version on our website. You’re responsible for regularly reviewing this policy so that you’re aware of any changes to it. If you continue to use our website after the date we state any changes will take effect, you will have accepted the changes.
This privacy notice was last updated on 3 October 2018.
ENQUIRIES AND COMPLAINTS
If you have any complaints in relation to this policy or otherwise in relation to our processing of your personal data, you should contact the UK supervisory authority: the Information Commissioner, see www.ico.org.uk.