Escape to Shanti is the name of my business as an Holistic Therapist. I want to ensure that your personal information is accurate, held securely and kept for only as long as is required. This data privacy statement explains how I use any personal information I collect about you when you come to me for an holistic treatment.
What information do I collect about you, why do I collect it and how do I use it?
I collect personal and lifestyle information as well as your medical history at your first appointment and, more briefly, at each further appointment. This is to ensure that it is medically safe for you to receive treatment and enables me to offer you the best treatment possible to suit your individual circumstances.
After every appointment I create a treatment record summarising what I did during that treatment. I will refer back to this information to inform my treatment plan at future appointments.
I collect contact details in order to be able to contact you by telephone/text message/email. This could be for appointment reminders, to send any information regarding your appointment, in the event that I need to cancel or postpone a treatment, and to be able to follow up with you after a treatment if necessary. In some cases, if you have contacted me via Facebook I may use this for these purposes.
Once or twice a year I may send you a card, possibly including a special offer or discount voucher.
I do not currently send out marketing materials either by text, email or post except as indicated above.
I do not pass your information on to anyone else except in the case of a medical emergency or if required by law including Coronavirus Track and Trace.
Your information will not be sold to anyone else.
How is your information stored?
I keep your information in paper and/or electronic form. Your consultation form and any additional forms and papers are kept in a locked filing cabinet away from my treatment room. Electronic records are securely held and password protected. Where I use external providers of e.g. digital forms these providers are chosen because they offer a high level of GDPR compliance and security. Any data due to contact/dialogue via e.g. email/Facebook is held by those providers and subject to their GDPR and security regulations.
If I usually contact you by telephone, and you normally contact me that way, your contact number may be stored in my phone. My mobile phone is password/PIN protected.
How long will I keep your information?
I will keep your information as long as I am legally required to do so. I am required to keep your information for a minimum of 10 years after your last treatment for insurance purposes. For anyone under 18, I am required to keep your records for a minimum of 10 years after your 18th birthday.
Access to your information and correction
You have a right to request a copy of the information I hold about you. If you would like a copy of some or all of your personal information please contact me.
I want to ensure that your personal information is correct. You may contact me at any time to ask me to correct or remove any incorrect information.
How to contact me: To contact me about anything in this data privacy statement please use the contact information.
