Purpose of document: This privacy document details how we gather and use your personal information inline with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). It also provides information on your choices surrounding this data.
What kind of data we gather: ‘personally identifiable information’ is information that could be used to identify or contact you. This is the type of information that we may request from you.
This may include:
– First and last name
– Full postal and email address
– Telephone number
– Cookies and usage data
We will also need to collect video of yourself and your child, which is necessary for therapy delivery.
What we will do: We are dedicated to the protection of our clients’ personal information. We endeavour to maintain the privacy and protection of your data. Our processing and handling of your data is bound lawfully under section 6 of the GDPR within the realms of ‘legitimate interest’. We deem it necessary to process a client’s personal information as without it our service delivery would be negatively affected. As such, this data is of benefit to our client.
Where we will store the data: The team use safe, password encrypted laptops for temporary storage of any electronic data associated with a therapy session we have recently delivered. This information will then be safely transferred to secure GDPR compliant cloud based storage or an encrypted, password-protected external hard-drive.
Data security: It is important to note that, although we treat the security of our clients’ data seriously, no transfer method online or via external storage can be guaranteed to be 100% secure.
You have a right: To ask us how we intend to use your information and why we gather the data. You also have a right to request access to the data (known as a ‘data subject access request’). Please contact us if you wish for further information on this.
How long do we keep your personal data: We are bound by requirements stipulated by Records Management Code of Practice for Health and Social Care (2016) and our professional bodies; the Royal College of Speech and Language Therapists (RCSLT) and the Health and Care Professions Council (HCPC) regarding retention of client information. It is recommended that information is held until the child’s 25th birthday or 26th birthday if 17 years old once the treatment period ends. This retention period also makes sure ensures compliancy with section 7 of the Data Protection Act 2018; the ‘Right to Access’ (also called ‘Subject Access’) – Once a child reaches adulthood they have a right to access their records.
Updates to this Privacy Policy
If we make occasional updates to our Privacy Policy we will post the new policy on this page to make you aware. To make things clearer, we will re-date the updated policy and notify you via email.
We suggest you review this policy to note any updates. Once updates are listed on this page they become immediately operative.
Contact Us
If you have any questions about this Privacy Policy, please feel free to contact us.
hello@cascade-therapists.co.uk