Privacy policy

OUR COMMITMENT

We are committed to protecting your privacy and the privacy of our website visitors. Any information collected will be used in accordance with the General Data Protection Regulation, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003. Information gathered will not be shared with any third-party companies for direct marketing.

The purpose of this notice is to inform you (data subjects) of what personal data we collect about you that is in line with the requirements of GDPR.

HOW WE COLLECT DATA

Restoration Institute will generally only receive personal data from the individual concerned directly in the course of conducting business. This may be in person, via email, web form or telephone.

THE DATA WE COLLECT

In the course of our business, Restoration Institute will collect certain types of personal data, which will include:

  • Names, addresses, telephone numbers, email addresses, and other contact details (telephone calls may also be recorded for training purposes).

  • Financial information, which could include bank details and credit card details.

  • Information supplied in the medical questionnaire about a person’s health and relevant medical conditions that could affect the suitability of treatments.

  • Still images of clients during treatment (to assess before and after) and any video captured by the CCTV security system installed on the premises.

  • Technical information such as cookies, IP address, browser type, etc., when you visit our website.

  • For any disclosure of information of another person, you must have the full consent of the person to disclose and process their personal information in accordance with this policy.

WHY WE PROCESS YOUR PERSONAL DATA

During the course of our business, we need to process a wide range of personal data, and we will only do so in accordance with the law. Some of this is done to fulfil the Restoration Institute’s legal obligations, including those related to its employees, or contractual obligations, such as those to its insurers. In other cases, we will process data where it is in our legitimate interest, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

Restoration Institute believes the following use will fall within the category of legitimate interest:

  • For the purpose of recommending and providing treatments & products

  • For the purpose of providing information on pre-and aftercare before and following treatment.

  • For the purpose of confirmation and reminding individuals of appointments via email & text messages.

  • For the purpose of security to protect our websites, infrastructure and premises from attacks or threats and to report any illegal activities.

Given that we need to collect health information, which is classed as a special category of personal data, we need to identify a specific condition under Article 9. The condition on which we rely is that processing is necessary for the purposes of providing health care or treatment.

WHO HAS ACCESS TO DATA & WHO WE SHARE IT WITH

Personal information gathered will not be shared with any third-party companies for direct marketing. Usually, personal data collected will remain within Restoration Institute and be processed by appropriate employees. Some processing is conducted by third parties, such as website developers and cloud storage providers, but it is always kept securely and only processed with the directions of the Restoration Institute.

On occasion, we will need to share personal information with third parties such as banks, lawyers, insurers, accountants, or government authorities, such as HRMC, if you are an employee, to meet our legal obligations or for contractual reasons.

HOW LONG WE KEEP PERSONAL DATA

We are committed to complying with our legal obligation to retain and delete personal information. The type of data and the purpose for collection will determine how long Restoration Institute will retain your data. We will not process your personal information for purposes longer than necessary.

Our insurers require the Restoration Institute to keep Client records, including medical data, images, and treatment data, for ten years from the date of your last treatment, after which they will be securely disposed of.

Financial and accounting records will be kept for six years from the end of the last company financial year they relate to or longer if the tax return was late or if HMRC requests it.

Your Rights As A Data Subject At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

  • Right of access—You have the right to request a copy of the information that we hold about you.

  • Right of rectification—You have a right to correct inaccurate or incomplete data that we hold about you.

  • Right to be forgotten – In certain circumstances, you can ask for the data we hold about you to be erased from our records.

  • Right to the restriction of processing – where certain conditions apply to have a right to restrict the processing. Right of portability – you have the right to have the data we hold about you transferred to another organisation.

  • Right to object— You have the right to object to certain types of processing, such as direct marketing.

  • Right to object to automated processing, including profiling – You also have the right to be subject to the legal effects of automated processing or profiling.

  • Right to judicial review - If Restoration Institute refuses your request under rights of access, we will explain why. You have the right to complain.

THIS PRIVACY NOTICE

Restoration Institute will update this privacy notice from time to time. Our website will be updated when necessary to reflect the most recent and up-to-date copy of this notice. Please check the Privacy Policy page occasionally to ensure that you are happy with the changes.

COMPLAINTS

If you believe we have not complied with our privacy notice, you may complain to the Information Commissioner’s Office (ICO). However, as recommended by the ICO, please allow Restoration Institute the opportunity to resolve the matter before involving the regulator.

All queries and complaints in the first instance should be directed by email info@riclinic.co.uk