My Health Matters takes privacy seriously and will only process your personal information and sensitive data which is relevant and specific for the purpose intended; to provide holistic health and wellbeing services, to maintain records, accounts, and promote services. My Health Matters is committed to protecting and respecting your privacy and rights.
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), the data controller is My Health Matters (registration number ZA329523).
Please read the information carefully to understand My Health Matters views and practices regarding your personal data and how it will be treat.
This policy applies to this site only. If you leave this website via a link or otherwise, you will be subject to the policy of that website provider.
INFORMATION THAT MAY BE COLLECT FROM YOU We may collect and process the following data about you:
- Information that you provide (name, phone number and email address) to request a Health Profile Form or information via the website www.my-health-matters.co.uk.
- If you make contact, a record maybe kept of that correspondence.
- Details of your visits to the website including, but not limited to, traffic data, location data, operating system, browser usage and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.
- Your contact information will be stored on my code locked mobile phone.
- Our email correspondence is password protected and my email service ensures that the emails are secure and encrypted.
- All other electronic data is stored in encrypted documents on a secure server.
- All paper notes are kept in a locked filing cabinet. When paper notes are digitised the paper copies are securely destroyed.
- If for whatever reason services/contract are not entered into after you have supplied your personal data, it will be securely destroyed/erased after 30 days.
- Unfortunately, the transmission of information via the internet and e-mail is not completely secure. Although every effort is made to protect your personal data, the security of your data cannot be guaranteed. Any transmission is at your own risk.
- If our sessions are online they will be conducted using Zoom (https://zoom.us/) or the appear.in (https://appear.in) services. The data transmitted during meetings, webinars and chat sessions are encrypted and secure. Both services are compliant with the GDPR.
USES MADE OF THE INFORMATION Information held about you is used in the following ways:
- To provide you with information, products or services that you request or which we feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered between us.
- To notify you about changes to our service.
- I do not sell, trade or rent this information to Third Parties. All the information provided to me is used for my own business/marketing purposes only.
DISCLOSURE OF YOUR INFORMATION We may disclose your personal information to third parties:
- There may be times where it is necessary to share your information with other healthcare professionals, associates and others. I will ask for your consent before doing so or it will have been previously agreed in client agreements. Unless if under a duty to disclose or share personal data to comply with any legal obligation or you or others maybe at risk. This complies with all aspects of the Data Protection Act (DPA)
- Clinical supervision is required to ensure the service you receive is safe, effective and of high quality. Discussion of casework is with a supervisor who is an experienced therapist. Conversations are confidential.
- Exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
YOUR RIGHTS The site may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
ACCESS TO INFORMATION The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. The information held can be request in writing and provided by within 30 days. Any access request may be subject to a fee of £10 to meet costs in providing you with details of the information we hold about you.
REQUEST FOR ERASURE
- Data subjects may withdraw their consent at any time, however the processing taken place before the withdrawal is still considered lawful. Professional insurance purposes dictate your data information must be held for 7 years before it can be securely destroyed. (Please note this legally overrides your right to have your data deleted).
- In the case of a child under 13, records will be kept for 7 years after they reach the age of majority (18). After this date, all data will be securely deleted.
- You may ask me to correct or remove information that you think is inaccurate.