Privacy Policy

Privacy and code of ethics

 DATA PROTECTION AND CONFIDENTIALITY

When I work with you, I collect personal information from you to enable me to provide safe and effective therapy. I am bound by two sets of rules in handling this information: the General Data Protection Regulations (GDPR) which came into effect on 25th May 2018, and my professional body’s Code of Ethics. This page will explain how these affect the way I work and will provide detailed information as to when and why I collect your personal information, how I use it and how I keep it secure. GDPR, if you have any questions about this please discuss them with me before you book a session or at our first session together. (I apologise for the length of this policy!)

PROTECTING YOUR PERSONAL INFORMATION
I am the only person who works for my business, Norwich Reflexology with Teresa Coe and I am both the Data Controller and the Data Protection Officer, as defined by the Information Commissioner’s Office (ICO).

My contact details are: Teresa Coe email: info@norwichreflexology,co,uk and telephone: 07811324149

In most cases, the information about you that I collect comes from you, via an email, telephone or during face-to-face sessions. If you are under 18, I may obtain some information from your parents.

I use your personal data in the following ways:
To deliver provide a safe and effective treatment.
To reply to you if you contact me with questions about my services.
To contact you between treatments if necessary.
To allow me to collect payments from you and maintain my records and accounts.

You have no legal requirement to share any information with me, but if you choose not to, unfortunately, I will not be able to treat you.

The categories of data/information I collect includes: your name and contact details, your medical history, lifestyle and the benefits you hope to achieve from your treatment.

Collecting and using your personal information is essential to providing a treatment safely and effectively, and you give me written consent to use your personal data in the ways specified here when you sign my consent form at our first session.

I am the only person who has access to this information unless:
There is a legal requirement for me to share the information (e.g. a court order or warrant is issued)
You ask me in writing to share your information with someone else.
The Duty of Care Provision from my Code of Ethics applies – see the notes about this further down.
I keep the information you give me for 7 years (children until they are 25 years of age) which is the length of time required by my professional body and my insurance company. After this time it is shredded and disposed of securely.
All personal and sensitive data kept by me is held securely in a locked filing case.

You have rights over the information I hold about you. These are:
Portability – you can ask me to send your information to someone else.
Rectification – if you think my records are wrong you can ask me to change them.
Erasure – in some circumstances you can ask me to remove your details from my records (this is sometimes called the ‘right to be forgotten’)
Fair profiling – you can ask that any processes I automate are done by a person instead of a computer. However, I currently don’t automate any information processing.
Right of access – you can have a copy of the information I hold at any time, by requesting it in writing. If you do this it will be provided within 30 days and free of charge.
Restricting processing – in some circumstances you can request that I stop processing your information.
Objection – you can object to the way I process information (e.g. if it is used to send you direct marketing you don’t want to receive) and you can ask me to stop using it in that way. However, I don’t currently use it for marketing purposes.
Information – you have the right to understand how I collect information and process your information (hence this privacy notice).
If you are under 18, I will need permission from a parent or guardian before working with you.

You can withdraw your permission for me to use your information at any time, but unfortunately, this will mean I cannot treat you.
You have a right to complain to the ICO if you have any problem with the way I store or use your data, or if you do not think your rights are being respected.

MY PROFESSIONAL BODY

I am a member of the Association of Reflexologists (AOR); they require me to maintain confidentiality at all times and to obtain the following information from every client and retain it for 7 years in line with GDPR guidelines:

Before the initial treatment:

  1. a)  Name, address, telephone number
  2. b)  Name and Address of GP
  3. c)  Medical history
  4. d)  Dates and details of other relevant treatments
  5. e)  A signature to indicate consent to treatment (see Guideline 4 on obtaining informed consent and the obligations towards minors).

Before every subsequent treatment:

  1. a)  Any reactions after the last treatment
  2. b)  Any changes to presenting condition
  3. c)  Any other changes to general health eg medical conditions, medication, etc
  4. d)  Any changes to lifestyle

For more information on the AOR Code of Practice and Ethics.

https://www.aor.org.uk/wp-content/uploads/2021/03/Code-of-Practice-LF-22-03-2021.pdf

USE OF COOKIES
My website uses cookies to improve the user’s experience while visiting my website. They are used on most major web sites, and are small files saved to the user’s computer hard drive that track, save and store information about the user’s interactions and usage of my website, but if users wish to block these cookies, they should take necessary steps within their web browser’s security settings.

My website uses tracking software to monitor its visitors, in order to understand how they use it. It will save a cookie to your computer’s hard drive to track and monitor your engagement and usage of the website, but it will not store, save or collect personal information.

CONTACT AND COMMUNICATION
Users contacting me through my website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until such time it is no longer required or has no use, as detailed in the Data Protection Act 1998. Every effort has been made to ensure a safe and secure email submission process, but I must advise users that using such forms is at their own risk.

EXTERNAL LINKS
Although this website may include links to other websites of interest, this does not signify that I endorse these websites. Users are advised to adopt a policy of caution before clicking on external links, as I cannot guarantee or verify the contents of any externally linked websites, despite my best efforts. Once you have used a link to leave my site, you should note that I do not have any control over that other website, therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites.

Users should also use caution before clicking on shortened URL links (Uniform Resource Locators), a common system for shortening long URL’s to a length that is more visually pleasing, in order to verify their authenticity before proceeding.

Although I undertake due diligence before including external links, I cannot guarantee or verify the content of them, so users should, therefore, be aware that I cannot be held liable for any damages or implications caused by visiting these links.

SOCIAL MEDIA
Users are advised to use social media platforms wisely, with due care and caution regarding their own privacy and personal details. I will never ask for personal or sensitive information, or passwords through social media, and users wishing to discuss sensitive details should do so through primary communication channels, such as by telephone or email.

Users are advised that using social media sharing buttons is at their own discretion: the social media platform may track and save your request to share a web page through your social media platform account.
To learn more about how individual social media platforms collect, store and use your personal information and other data, I recommend that you read the Privacy Policies published by each respective social media platform.
Norwich Reflexology

This Privacy Policy is under regular review and was last amended on 23 October 2022.

Contact me for a chat

To find out more about Reflexology, and to hear how I can help you, call or email me.