Corinna Mainberger, 18 Spillman's Road, Rodborough, Stroud, Gloucestershire GL5 3ND.
www.naturopathy-outsidethebox.com / email@example.com
It is important that the contact information I hold about you is accurate and up to date. If you would like to make any changes to your contact information, you can do so by emailing me.
2. How I use your personal data
Set out below is a description of the ways I use your personal data and the legal grounds on which I will process such data.
|Purpose or Activity||Type of data||Legal basis for processing|
|To register you as a new patient, which may include sharing your contact details with Helios Clinic.||(a) Identity (b) Contact||Performance of a contract with you|
|To send you a follow-up email with regard to the naturopathic consultation.||(a) Identity (b) Contact (c) Treatment details including personal supplement protocol||Performance of a contract with you|
|I may instruct a third party to send you products, remedies or printed information, in which case I will share your contact details with them to enable delivery.||(a) Identity (b) Contact||Performance of a contract with you|
If you are not happy with any aspect of how I collect and use your data, please do let me know so that I can try to resolve the concern for you – firstname.lastname@example.org. Alternatively, you have the right to report your concern to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
You will not receive any marketing communications from me.
I will never share your personal data with any third party for marketing purposes.
3. Disclosures of your personal data
I may share your personal data with the parties set out below:
- Helios Clinic in order to arrange appointments.
- Payment processors.
- Suppliers of supplements who need your address in order to arrange delivery.
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances.
- Service providers who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
4. Data security
I have security measures in place to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, I limit access to your personal data to third parties who have a business need to know such data. They will only process your personal data on my instructions and they are subject to a duty of confidentiality.
I have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where I am legally required to do so.
5. Data retention
I will only retain your personal data for as long as necessary to fulfil the purposes I collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
By law, for tax purposes, I have to keep basic information about my patients (including Contact, Identity, Payment and Transaction Data) for seven years. Payment and Transactional Data are held by payment processors rather than me. I do not take or retain any financial information, except for my invoices.
You can ask me to delete the personal data that I hold about you at any time by emailing me email@example.com. Please see your legal rights below for further information.
6. Your legal rights
Under data protection law, you have the following rights in relation to your personal data:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
You can see more about these rights at:
If you wish to exercise any of the rights set out above, please email me at firstname.lastname@example.org.
I will respond to all requests within one month.