At Rotherham Massage Practice we take your personal data very seriously and that’s why we want to let you know why and how we collect and store your personal details in accordance with the GDPR legislation that came into effect on 25th May 2018.
How we collect your data
We collect your data in several ways at Rotherham Massage Practice, as detailed below.
1. In the practice using a printed Client consultation form, further details of all information collected can be found below under the heading ‘What personal data we collect and why’. We then store your name, address, phone number, treatment history and any medical alerts on our premises in a locked and secure place and on our private database that is backed up regularly.
2. Social media – You may contact us via Facebook messenger or other networks and we will reply to your message but we DO NOT GET PAID FOR OR USE YOUR PERSONAL DATA FROM SOCIAL MEDIA.
What personal data we collect and why
When arriving for your appointment at the practice we will ask you to complete a client consultation form. We require the below personal details from you and have given a legal reason why we need these
1. Your full name – So we can address you in the practice and ensure all communication is with the correct person.
2. Age Band but not necessarily the date of birth, to enable us to treat you accordingly.
3. Address – To aid the emergency services in case of an emergency whilst at the practice. If any of your loved ones contact us to send you a gift voucher.
4. Email address if you have chosen to share with us – to send you invoices of any services you have received.
5. Medical history including operations, diseases, disorders – Medical history is crucial to allow us to perform our treatments safely and adhere to the terms of our insurance.
6. Allergies – To ensure nothing we use during a treatment or around you at the practice can cause you harm, irritation or any other complications and to adhere to the terms of our insurance..
7. Medication – Some medication can be a contraindication to treatment or react with products we use or certain treatments. It is essential we know details to protect you the client and adhere to our insurance terms.
8. Treatment history – This is so each therapist can see what and how the last therapist carried out a treatment on you to ensure results are consistent amongst all staff.
9. Your Consent – We require you to read and sign a paragraph that allows us to obtain this information lawfully from you and legally store it in accordance with GDPR.
10. Your Contact preferences. If you do not want to receive our promotions and offers on Facebook or other networks then you simply block or remove us from your friends list or subscription to Rotherham Massage Practice. We do not send e-mails or contact you with promotional offers other than on social media.
11. Your consent to use treatments photos – Some of our treatments involve before and after photos on beauty treatments to aid the client experience and proof of progress/treatment. Sometimes we like to use these on social media and need your permission to do so. We will not upload anything without prior consent.
12. Your signature – To prove it was you that was present in the practice and that you answered all of the above to the best of your knowledge and honestly. That you agree to Rotherham Massage Practice holding your data on our database and on paper form in our secure locked filing cabinets.
How your data is stored
Your
data is in digital and paper form at Rotherham Massage Practice. Paper
copies of consultation forms are stored alphabetically in a locked
filing in a staff only restricted area. Digital information is stored
on the practice computer and back up on a disk which are password
protected.
Electronic devices at Rotherham Massage Practice The mobile phone may contain client phone numbers which is used only for us to confirm or make appointments.
Images from previous
treatments with client permission may be stored are not used for any
marketing purposes other than agreed by the client in their consultation
form. Photos do not contain personal details or clients full face.
How long we hold your personal data for
We
may hold your data for up to 3 years unless you ask us otherwise as we
appreciate some clients visit us weekly whereas some may come yearly.
In order to continue to provide the client with the best service
possible we need these records to see exactly what treatments were
performed, reactions, likes, dislikes, patch tests, products used etc.
Third parties
We
DO NOT sell or share your personal data with anyone. Our computer is
strictly monitored for Management only. No other third party including
our accountant has any client personal data.
Your right to access or changed your mind?
Your
data control officer for Rotherham Massage Practice is Anne Frogson.
In the event of a breach of personal data you will be contacted by the
above mentioned person within 72 hours of discovery.
If at anytime you no longer wish to be on Rotherham Massage Practice database that’s no problem, simply send an email to anne@rotherham-massage-practice.co.uk
and I will personally remove your digital file, however the paper
consultation form will be held under lock and key for a minimum of 3
years for legal and insurance purposes.