The policy is effective as from 25th May 2018.
Why NutrEat collects your data?
NutrEat collects your data because you give them consent to do so, in order to provide independent dietetic service to you.
What NutrEat collects?
NutrEat may collect the following information:
Information relating to the new patient registration form
Information regarding your health and eating habits provided by you during the consultation
Further clinical information provided by reports from other health care professionals
What NutrEat does with the information she gathers?
NutrEat requires this information for the purpose of:
Providing you with a dietetic service that is tailored to you.
Professional clinical record keeping of client information
Sharing information on a need to know basis with relevant health professionals, including GPs, in line with GDPR and the British Dietitian’s Association code of ethics.
Security and sharing your personal information
NutrEat is committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place standard operating procedures to safeguard and secure the information we collect.
Where necessary or required, and with your consent, information may be shared with:
other healthcare professionals
your family, friends or other representatives
Communication may be facilitated by post, email, phone (from a private location), or using your private health insurance company’s secure online facility to process your bill, send reports, or communicate about anything pertaining to your treatment or payments. Depending on your preferences we may also communicate over text, although this would be kept to basic communications such as setting up or changing appointment times. If you have sessions over FaceTime, or Skype, this also counts as a method of sharing information.
Controlling your personal information
NutrEat will not distribute, sell or lease your personal information to third parties unless she has your explicit permission to do so or are required by law to do so.
You may request details of personal information which we hold about you under the General Data Protection Regulation (GDPR). If you would like a copy of the information held for you, please contact us at firstname.lastname@example.org.
If you believe the information, we hold is incorrect or incomplete, please email or write to us as soon as possible and we will promptly correct any information deemed to be incorrect.
How you can withdraw and request to be deleted from our files?
Under the GDPR, you have the right to ask for the information held about you to be deleted. However, this must be balanced against the requirements of the Department of Health’s legal and statutory requirement that information is kept for eight years. After that time your information will be delete
Should you wish to put in a request to have your information deleted please contact Penny Vlachou at email@example.com/ 07715405307. Should you have any queries in relation to General Data Protection Regulation (GDPR) here are the contact details of our Data Controller: Penny Vlachou at firstname.lastname@example.org.