Name: Simon Lindsay Dickson trading as Stirling Massage Clinic
ICO Reference Number: ZA363516
Date Created/Updated: 15.5.18
WHY THE INFORMATION IS REQUIRED
The lawful basis for Stirling Massage Clinic processing client data is:-
- consent or contract for personal data
- the fact that the processing of the special category of personal data is necessary for the provision of healthcare
- there is also a legitimate interest in retention of records as detailed in ‘ How long is the personal information held for’ below.
In order to provide an effective and safe massage therapy treatment, I require information about your current health and your medical history. This information is used only to provide you with the best possible course of treatment and advises.
I also require your contact details to arrange appointment times with you
As a registered massage therapist with the SMTO (Scottish Massage Therapists Organisation) I abide by these associations codes of conduct and confidentiality requirements.
WHERE THE INFORMATION IS GATHERED FROM
Stirling Massage Clinic may collect personal information from:
- Email or Text messages sent from individuals to Stirling Massage Clinic
- Discussions with clients during the consultation process and during subsequent treatments
WHAT INFORMATION IS HELD
Stirling Massage Clinic may collect the following personal information:
- Name, title and date of birth
- Contact information including email address, telephone numbers and home address
- Emergency contact or next of kin details
- Medical history and other health related information provided on the consultation form and discussed during the first and subsequent treatments
- Treatment detail and assessment notes which will be recorded after each massage session
- Follow up information which may be discussed with you by phone email or text after your treatment
- Diarised records of appointment times
WHAT IS DONE WITH THE INFORMATION GATHERED
Stirling Massage Clinic requires this information to assess your massage treatment requirements and provide you with a safe and effective massage therapy. Additionally the information is used to refer to at subsequent treatments in order to assess levels of improvement.
The information may be shared with another Massage Therapist or with another health practitioner should you be referred to one of these by Stirling Massage Clinic. This will only be done with your consent. Your information will not be shared with anyone else (other than required for legal process) without explaining the reason why this is necessary and obtaining your explicit consent.
The contact information you provide may be used by Stirling Massage Clinic to contact you in relation to appointment times or dialogue regarding your treatment plan.
HOW LONG IS THE INFORMATION HELD FOR
Stirling Massage Clinic will hold clients records for 7 years from the date of the clients last visit or, if the client is a child, until his or her 25th birthday if the client was 17 when the treatment ended.
This means there is a ‘ legitimate interest’ in retaining records for this period
Records are required additionally for professional indemnity insurance purposes which also represents a legitimate interest.
Your data will not be transferred without your consent.
Disposal of Data: Once per year, Stirling Massage Clinic will review all client records and destroy any records that are no longer bound by the regulated legal timescale for such records to be held.
Stirling Massage Clinic is committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, suitable physical, electronic and managerial procedures have been put in place to safeguard and secure the information that is collected both online and on paper.
The health information gathered is held on paper Consultation forms and treatment notes and is stored securely in a locked filing cabinet. None of this information other than your name, phone number and/or email address is held electronically.
Contact details including telephone numbers and email addresses are held on a password protected telephone and personal computer.
A back up document is held of client names and contact details (name, email and telephone number).
In the event of a data breach which consists of a breach of security leading to destruction, loss, alteration, unauthorised disclosure of or access to personal data, Stirling Massage Clinic understands ICO have to be notified where it is likely to result in a risk to the rights and freedoms of individuals. In the event of such a breach, Stirling Massage Clinic will notify those concerned directly and without delay. Records of personal data breaches will be maintained in any case.
The GDPR May 18 gives an individual:-
- The right to be informed as to how personal information will be both used and held. This is contained within this document.
- The right to rectification if there is something incorrect or incomplete.
- The right to have information deleted
- The right to limit how the information is used or shared
- The right to portability. Under certain circumstances a copy of electronically held information can be requested so it can be reused in other systems
- The right to object if there are certain parts of an individual’s information that they do not want used or to be used only for certain purposes
- Rights in relation to automated decision-making and profiling
- The right to lodge a complaint with the Information Commissioner’s Office. An individual can complain to the ICO if the individual feels the information held is incorrect or not being used in the permission was granted or if information is being held unnecessarily.
Full details of individual’s rights can be held at:
- Should an individual wish to exercise these rights, the contact details at the start of the document should be used. In the event that an individual is dissatisfied with the response, then a complaint can be made to the Information Commissioner’s Office at www.ico.org.uk
If an individual does not agree to Stirling Massage Clinic keeping records of information about an individual and treatment records then it may not be possible to provide the therapy.
Additionally, massage therapists have to keep records of treatment for a specific period of time as described above which may mean that even if you ask for information to be erased, they might be bound to keep these details until the period has elapsed.
Last updated: 20/5/18
What are cookies
Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognise you and make your next visit easier and the Service more useful to you.
Cookies can be “persistent” or “session” cookies.
When you use and access the Service, we may place a number of cookies files in your web browser.
We use both session and persistent cookies on the Service and we use different types of cookies to run the Service:
– Essential cookies. We may use essential cookies to authenticate users and prevent fraudulent use of user accounts.
In addition to our own cookies, we may also use various third-parties cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on.
What are your choices regarding cookies
Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.
Where can your find more information about cookies
You can learn more about cookies and the following third-party websites:
- AllAboutCookies: http://www.allaboutcookies.org/
- Network Advertising Initiative: http://www.networkadvertising.org/
CONTROLLING YOUR PERSONAL INFORMATION
You may choose to restrict the collection or use of your personal information in the following ways:
- whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you agreeing to the information to be used
- If you have previously agreed to us using your personal information you can change your mind at any time by writing to or emailing us at
Stirling Massage Clinic will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you information about third parties which we think you may find interesting if you tell us that you wish this to happen.