General Data Protection Regulation (GDPR) Statement
Your privacy and personal data are important. I will only use your personal data to provide the service you have requested and store it carefully.
GDPR requires me to clearly inform you how I use, store and destroy your personal data. Here goes …
At your first appointment, I collect personal data on your Client Registration Form.
I use your name, address and date of birth to identify you. I use elements of these to create a client code so that my accounts, on-line calendar and electronic client database do not contain your name. The reference file which links your name and client code is password protected and held on a local drive and backed up to a USB stick which is kept in a locked cabinet.
I use your phone number and/or email address to contact you about your appointments and treatment. Please be aware when you contact me via email or text, I cannot guarantee the security of information.
I also enter your name and email address into an online mailing tool which allows me to send an approximately monthly newsletter. I would like to keep you up to date with e.g. training, useful info & availability but you can opt out of this at any time. Mailchimp’s privacy statement is here
Medical, health and lifestyle information are all used to ensure I give you a safe and appropriate treatment.
Client Registration forms and treatment records are all kept in paper format in a locked cabinet.
After 7 years, forms & records will be shredded and electronic records deleted. If, during treatment, the client is under 18 or there is litigation involved with the injury, records may be kept indefinitely according to the guidelines of my professional body, Scottish Massage Therapists’ Organisation (SMTO)
Still awake? You’ve got to the end and are obviously careful with your personal data, so any questions/comments, please get in touch. Thanks, Helen.