This privacy policy applies to Foot Sure Podiatry Ltd and describes how and when we collect, use, store and share your personal data. It applies to all personal data collected during your appointment, when purchasing a product from the company, when contacting the company or otherwise use the services provided by the company. The policy covers the collection, processing, and other use of personal data under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA)

​

For the purpose of the GDPR and DPA Naomi Springthorpe is the The Data Controller for Foot Sure Podiatry Ltd. When Foot Sure Podiatry Ltd collect and use your personal data, we must comply with the requirements set out in the GDPR and DPA.

This policy also serves as a privacy notice under the GDPR.

1. Our commitment to data protection

• We recognise that your privacy is important and that we have a responsibility to you when handling your personal data.

• We take appropriate steps and put adequate technical measures in place to protect your personal data against misuse.

• We will never provide your personal data to third parties for their marketing purposes.

• If we plan to make substantial changes to the way we use personal data or the personal data we collect, we will undertake a Data Protection Impact Assessment in accordance with the ICO's guidance.

• We will ensure your personal data is used according to the principles set out in the GDPR and the DPA unless an exemption applies.

2. Information the Company Collects

To aid your treatment or as part of purchasing something from Foot Sure Podiatry Ltd you will normally provide the company with certain information, such as your name, email address, postal address, medical information and payment information. The company will store your information on an electronic patient record and diary system which is fully password protected.

3. Why Foot Sure Podiatry Ltd Needs Your Information and How It Uses It

The company has the legal obligation and legitimate interest to record, process and store patient information in patients medical records as per the regulator The Health and Care Profession Council https://www.hcpc-uk.org/registration/meeting-our-standards/information-on-record-keeping/

​

The company relies on a number of legal basis to collect, use, store and share your personal data, including:

•         Where it is necessary for the purposes of the provision of health care as needed to provide the services of Foot Sure Podiatry Ltd, such as when the practitioner uses your information to fulfil your podiatry assessment and treatment, or to provide customer support;

•         When you have provided your affirmative consent, which you may revoke at any time, such as by signing up to the company’s mailing list;

•         If necessary, to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law.

4. Marketing

From time to time Foot Sure Podiatry Ltd may wish to send you direct marketing material which may include product offers and newsletters. If you are happy for the company to do this, please complete the consent form and indicate in which forms you would like to receive this information.

​

5. Information Sharing and Disclosure

Information relating to patients is extremely important to the business. Foot Sure Podiatry Ltd shares your personal information for very limited reasons and in limited circumstances, as follows;

•         Medical professionals: With your consent the practitioner will share your information with medical professionals such as your GP or consultant to allow continuity of care.

•         Service providers: The company engages certain trusted third parties to perform functions and provide services to the business such as external orthotics services. The practitioner will share your personal information with these third parties, but only to the extent necessary to perform these services.

•         Business transfer: If the company sells or merges the business, it may disclose your information as part of that transaction, only to the extent permitted by law and with your knowledge.

•         Compliance with laws: The practitioner may collect, use, retain, and share your information if legally required to do so.

​

6. Data Retention

Foot Sure Podiatry Ltd retains your personal information only for as long as necessary to provide you with the company’s services and as described in the privacy policy. However, the company may also be required to retain this information to comply with its legal and regulatory obligations, to resolve disputes and to enforce its agreements. The retention of podiatry notes is normally 8 years after the last appointment. For customers who are not patients but may have bought products from the business the company will keep any data you may have provided for a minimum of 6 years in line with tax legislation.

7. Transfer of Personal Information Outside the EU/EEA

Foot Sure Podiatry Ltd. uses a patient notes system that may store and process your information through third party sub processors that provide infrastructure services. These sub processors include, but are not limited to, cloud-based data storage and cloud-based email delivery services, whose role is to help the company run efficiently. Some of these third parties are based outside of the European Economic Area (EEA) and conduct some of their processing outside of the EEA. As a result, the processing of your personal data may involve a transfer of data outside of the EEA. Prior to engaging any third party Sub processor, the company providing the patient notes system performs diligence to evaluate the privacy, security and confidentiality practices of the sub processors and executes an agreement implementing its applicable obligations. The company also has an additional agreement, Data Processing Addendum (DPA). The DPA includes Standard Contractual Clauses. These are an approved set of provisions which offer sufficient safeguards and protection for data that's processed outside of the EU/EEA.

​

8. Your Rights

You have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. These rights are described below:

•         Access: You have the right to access and receive a copy of the personal information held about you by contacting Foot Sure Podiatry Ltd using the contact information below.

•         Change, restrict, delete: You may also have rights to change, restrict the use of, or delete your personal information. In the case of health records these are normally exempt from change and deletion requests.

•         Object: You can object to (i) the processing of some of your information based on legitimate interests and (ii) receiving marketing messages from Foot Sure Podiatry Ltd after providing your express consent to receive them. In such cases, Foot Sure Podiatry Ltd  will delete your personal information unless the company has compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.

•         Complain: If you wish to raise a concern about the company’s use of your information (and without prejudice to any other rights you may have), you have the right to do so with the Information Commissioner www.ico.org.uk

9. How to Contact

For purposes of the GDPR, Naomi Springthorpe is The Data Controller of your personal information. If you have any enquiries regarding the collection or processing of your data, please send them to:

Naomi Springthorpe MRCPod BSc 

Foot Sure Podiatry Ltd

8 Oak Drive

Brampton

Cambridgeshire

PE28 4FA

Email: naomi@foot-surepodiatry.co.uk

​

10. Third-Party links

Our website contains hyperlinks to third party websites. Clicking on these links may allow third parties to collect and share your personal data. Foot Sure Podiatry Ltd does not control these websites and accepts no responsibility for their privacy policies. We strongly advise you to read the privacy policy of each website that you visit.