Privacy policy

Our contact details

Name: Sally Bramley

Address:  Copse Sene, Little Rissington, Cheltenham, England, GL54 2NA

E-mail: sally@drsallybramley.com

Website: https://drsallybramley.com/

 

This Privacy Policy was last updated on 21st December 2022.

 

The type of personal information we may collect:

We may collect the following Data, which includes personal Data, from you:

a.   Name;

b.   Date of birth;

c.   Gender;

d.   Contact information such as email addresses, home address and telephone numbers;

e.   Details of your GP and NHS number;

f.   IP address, web browser type and version, operating system (automatically collected);

g.   Details of services (e.g. your health plan) and/or treatment you have received from us or which have been received from a third party (e.g. NHS) and referred on to us;

h.  Personal health information such as biometric data, blood test results, lifestyle, nutrition, medical history, and other results from intake forms;

i.   Credit and debit card details (sort code and account number) if paying via instalments;

j.   Records of correspondence between us. This includes text messages, emails, notes made by the practitioner during consultations and related to your health plan, the result of the treatment and any aftercare instructions; 

k.   Metrics to track engagement on our website and newsletter. This might include your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;

l.   The name and contact details (including phone number) of your next of kin

m. Details of referrals, quotes and other contact and correspondence we may have had with you;

n. Information obtained from customer surveys, promotions and competitions that you have entered or taken part in;

o. Information about complaints and incidents; and

Where you have named someone as your next of kin and provided us with personal data about that individual, it is your responsibility to ensure that that individual is aware of and accepts the terms of this Privacy Policy.

The data that we request from you may include sensitive personal data. This includes information that relates to mental or physical health or racial or ethnic origin. By providing us with sensitive personal data, you give us your explicit consent to process this sensitive personal data for the purposes set out in this Privacy Policy.

How we get the personal information and why we have it:

  • Data that is given to us by you

 

  1. When you contact us through the Website, by telephone, e-mail or through any other means;

  2. Through your completed intake form(s) or information you provide during consultations;

  3. Through the signed Client Contract;

  4. When you complete health questionnaires and intake forms that we use for your health plan;

  5. When you make payments to us;

  6. When you elect to receive marketing communications from us;

  7. When you use our services or enquire about our services; and

  8. When you submit information via Typeform

  9. When you fill in a form or survey from us or participate in a competition or promotion or other marketing activity. 

  • Data that is received from third parties

  1. Blood test results from Geneva Diagnostics and other Functional Medicine laboratories; and

  2. We may obtain sensitive information from other healthcare providers.  The provision of this information is subject to you giving us your express consent. If we do not receive this consent from you, we will not be able to coordinate your healthcare with that provided by other providers which means the healthcare provided by us may be less effective.

  • Data that is collected automatically

  1. We automatically collect some information about your visit to the website (via Google Analytics). This information helps us to make improvements to website content and navigation, and includes your IP address, the date, times and frequency with which you access the website and the way you use and interact with its content;

  2. We automatically collect some information about your consumption of our newsletter. This information helps us to tailor and make improvements to the content and relevance of the newsletter, and includes (but is not limited to) the dates you have subscribed and unsubscribed from our newsletter, links opened, and frequency of opening our emails; and

  3. We will collect your data automatically via cookies, in line with the cookie settings on your browser. For more information about cookies, see our website terms of use. 


How we use the information that you have given us:

Name, Date of Birth, Gender

  • The provision of health services or treatments to you, and to ensure on-going best standards of care in the delivery of our service.

Contact information such as email addresses, home address and telephone numbers

  • Send test results or correspondence (related to the service you have contracted for) to your home address

  • To hold consultations over the phone, or correspond about appointments or other services we provide.

  • Notify you about key changes to our services

  • Provide you with information about services we offer that we feel may interest you if you have opted in to receive marketing communications electronically (consent-based)

Details of your GP and NHS number

  • Share with your GP any relevant health information (with your written consent)

IP address, web browser type and version, operating system (automatically collected)

  • To ensure that content from any of our websites is presented in the most effective manner for you and for your computer.

Details of services and/or treatment you have received from us (e.g. your health plan, your record of appointments) or which have been received from a third party (e.g. NHS) and referred on to us

  • To process potential future formal complaints.

  • Respond to requests where we have a legal or regulatory obligation to do so

  • Assess the quality and/or type of care you have received (including giving you the opportunity to complete customer satisfaction surveys) and any concerns or complaints you may raise, so that these can be properly investigated

  • Support your doctor or other healthcare professional

Personal health information such as biometric data, blood test results, lifestyle, nutrition, medical history, and other results from intake forms

  • To tailor the provision of our services or treatments to you, and to ensure on-going best standards of care in the delivery of our service.

Credit and debit card details (sort code and account number) if paying via instalments

  • Process payments for the fulfilment of any orders by you.

Records of correspondence between us. This includes text messages, emails, notes made by the practitioner during consultations and related to your health plan

  • Provide you with on-going best standards of care in the delivery of our service.

  • Check the accuracy of information about you and the quality of your treatment or care, including auditing medical and billing information for insurance claims as well as part of any claims or litigation process

Metrics to track engagement on our website and newsletter through cookies, google analytics and newsletter provider.

  • Provide educational and informative material in our newsletters, relevant offers and new services. 

  • Provide you with the best possible service and experience when using our Website, in which case, the legal basis for holding the data that is collected automatically is your consent.

Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy, applicable Data Protection Laws, clinical records retention periods and clinical confidentiality guidelines.

Sensitive personal data related to your health will only be disclosed to those involved with your treatment or care, or in accordance with UK laws and guidelines of professional bodies or for the purpose of clinical audits (unless you object). Further details on how we use health related personal data are given below. We will only use your sensitive personal data for the purposes for which you have given us your explicit consent to use it. Please note that, although we have set out the purposes for which we may use your personal data below, we will not use your sensitive personal data for those purposes unless you have given us your explicit consent to do so.

We may share this information with:

  • Other providers involved in your care, including, but not limited to, your GP with your written consent.

  • Any relevant authorities without your consent if the disclosure is mandated by law, for example by court order, for reporting fitness (to drive, fly), for reporting abuse or risk to life, and for any required insurance claims or billing.

  • Partner laboratories that may be involved in the delivery of the service (e.g. blood testing)

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

  • Your consent. You are able to remove your consent at any time. You can do this by contacting sally@drsallybramley.com

  • We have a contractual obligation.

  • We have a legal obligation.

  • We have a legitimate interest.

 

How we store your personal information:

All information you provide to us is stored securely. Any payment transactions will be processed securely by third party payment processors or by direct bank transfer (Monzo).

Your information (including details of your treatment plan, intake forms, and consultations) are collected via Typeform and will be transferred and stored on Google Drive, along with records from your sessions, including updated plans or recommendations made to you. These health documents are anonymised and stored separately from your personal details (i.e. name, date of birth and address).

We keep your information for 7 years after the date of your final session and we will then permanently dispose of your information. 

Whether you are visiting our website or our clinic, we use reasonable security measures to protect the confidentiality of personal information under our control and appropriately limit access to it. We use a variety of information security measures to protect your online transactions with us. We have taken reasonable steps to ensure the integrity and confidentiality of personally identifiable information that you may provide. You should understand, however, that electronic transmissions via the Internet are not necessarily secure from interception, and so we cannot absolutely guarantee the security or confidentiality of such transmissions.


Your data protection rights:

Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information.

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at  sally@drsallybramley.com if you wish to make a request.

 

How to complain:

If you have any concerns about our use of your personal information, you can make a complaint to us at sally@drsallybramley.com

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:       

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113


ICO website: https://www.ico.org.uk