PRIVACY POLICY
Privacy Notice and Data Protection
1. At your appointment, you will be asked to sign to say that you have read, understand and agree to this Privacy Notice which applies to this site and all services provided by THRIVE Infant Wellbeing Service
2. THRIVE Infant Wellbeing Service will only ever use, share and hold your personal information for the purposes of insurance and for providing care to the parent-baby dyad. It is a legal requirement for your health records to be kept for 25 years post last contact after which, the records will be securely destroyed. The information held includes the health questionnaire, the tongue tie assessment, your consent form, any other relevant forms related to the procedure, follow up communications and anonymised photos for training purposes, audit etc.
3. Your information is not stored online, and is not passed on to third parties, and you will not be subscribed to mailing lists. None of the information will be used for marketing purposes unless explicit consent is gained.
4. We use cookies on our website to improve your experience, understand how you use our website and so that we recognize and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
5. You can set your browser not to accept cookies, however, in a few cases, some of our website features may not function as a result.
6. Your infant's anonymised information and/or photographs may be used for auditing, teaching or research purposes. Photographs taken or received are saved on a password protected device before being transferred to an encrypted device along with your health record.
7. Paper records are transported securely to and from the clinic in a locked document carrier in the locked boot of a vehicle. They will be scanned and saved as PDF documents at the earliest opportunity following which they will be shredded in a cross cut shredder.
8. All electronic records will be stored on an encrypted password protected storage device that is not connected to the internet and is kept in a locked safe which in turn is secured in a further locked cabinet. All electronic devices used have anti-virus/spyware protection in place.
9. Should your GP need to be informed of any treatment/procedure undertaken, identifiable data and information from your consultation is included on a letter which will be given to you prior to leaving the clinic for you to hand deliver to your GP.
10. For payment for services, no personal banking details are held by THRIVE Infant Wellbeing Service.
11. Copies of your records are available on request and can be collected in person within 10 working days of the request being received. Upon collection you will be required to provide identification (child’s red health care book, NHS number, proof of address, date of birth) and a signature.
12. Measures are in place to allow you to access your records should I have ceased trading. You would need to contact the ICO to trace the appointed data controller: stating business name: ‘THRIVE Infant Wellbeing Service’ and Registration number: ZB315353. That will give you the details of who to contact.
13. In the event of your practitioner suffering a critical illness or death, a third-party person would need to access your personal information. This person may take some time to gain legal authority to do so which may result in a delay making contact with you.
14. Should I have concerns relating to the welfare of an infant or adult I believe to be "at risk" to self or others, safeguarding concerns or health complications out of my sphere of practice, I may contact other professionals for additional intervention, thus breaching confidentiality. This may include the GP, Health Visitor, Social Worker or Police.
15. The GDPR (General Data Protection Regulations) enhances and replaces the current Data Protection Regulations as of 2018. Anyone who holds personal data of any EU citizen through personal identifiable records and mailing lists are obliged to comply.
16. Complaints in relation to a breach in data collection or record keeping should be forwarded to the Information Commissioner’s Office (ICO) at www.ico.org,uk Telephone: 0303 123 1113
Head Office,
Information Commissioner’s Office,
Wycliffe House,
Water Lane,
Wilmslow
Cheshire,
SK9 5AF
What are your data protection rights?
Our company would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request our company for copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that our company correct any information you believe is inaccurate. You also have the right to request Our Company to complete the information you believe is incomplete.
The right to erasure – You have the right to request that our company erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that our company restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our company’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that our company transfer the data that we have collected to another organization, or directly to you, under certain conditions.