Privacy Statement
Confidentiality is an important feature of our working together. The Gentle Man Massage is fully committed to complying with the terms of the General Data Protection Regulation (GDPR) regarding the responsible and secure use of your data. The purpose of this statement is to let you know what personal information we collect and hold, why this data is collected, how long it is kept and what your rights are with regards to this personal data. The Gentle Man Massage will ask you to consent to the processing of your data under the terms of our policy. The Gentle Man Massage will be responsible for the data management, will abide by this privacy statement, and will hold a privacy statement that complies with the GDPR terms.
What information does The Gentle Man Massage collect?
We collect personal data such as name, address, date of birth, gender, GP/medical practitioner details, telephone numbers, and email address. We also collect any data you give us regarding personal and family background, alongside potentially sensitive data relating to medical and mental health conditions.
What does The Gentle Man Massage use your information for?
· To notify you about changes to your appointments and the services we provide.
· To fulfil any administrative, legal, ethical and contractual obligations.
What information does The Gentle Man Massage share?
We will not share any information about you with other organisations or people, except in the following situations:
· Consent – we may share information with relevant medical professionals or others whom you have requested or agreed we may contact.
· Serious harm – we may share your information with the relevant authorities if we have reason to believe that this may prevent serious harm being caused to you or another person.
· Compliance with law – we may share information when the law requires us to - i.e. safeguarding, terrorism, drug trafficking and serious crime.
· Supervision & Professional Development – We may share non-identifiable, summary information related to our assessment, clinical reasoning and treatment plan with a professional supervisor.
How does The Gentle Man keep your information safe?
· All information you provide is stored as securely as possible. All reasonable precautions to prevent the loss, misuse or alteration of information given.
· All paper forms and correspondence are kept in locked filing cabinets. All electronic files and communication are kept on password-protected devices.
· Whilst we endeavour to keep our systems and communications protected against viruses and other harmful effects, we cannot bear responsibility for all communications being virus free.
· Client notes and other documentation are destroyed seven years after the end of the services offered.
· Any known data breaches will be reported to the ICO within 72 hours.
· Any requests for personal data need to be made through a data subject access request and will be supplied within one month.
Your rights. Under the GDPR, you have the right to:
· Access your personal data - Rectify, erase or restrict your data - Object to the processing of your data - Request transfer of data (data portability).
· You may withdraw your consent for The Gentle Man Massage to hold and process your data at any time.
· If you have any concerns about the way The Gentle Man Massage handles your data please contact gentle.manbtn@gmail.com If you feel this has not been resolved effectively you have the right to contact the Information Commissioners Office (www.ico.org.uk)