Privacy Policy
We understand we have a responsibility to respect and protect your privacy and look after your personal information.
This policy explains what information we collect, how we use it, the reasons for this, why we might ned to disclose your personal data to others and how we store your data securely.
Contact Details:
Name: Dr Sarah Mills
Address: Collingwood Buildings, 38 Collingwood Street, Newcastle upon Tyne, Tyne and Wear, NE1 1JF
Phone Number: 0191 2457813
E-mail: enquiries@drsarahmills.co.uk
Date of policy: 14/08/2024
We may perform the roles of data controller and data processor for your personal data whilst working with your information.
The law states we are only able to process personal data if we have a valid reason to do so, these include, but are not limited to: with your consent, performance of a contract, billing, for your vital interests or to contact you.
The type of personal information we collect:
We currently collect and process the following information:
Personal identifiers, contacts and characteristics (for example: name and contact details for child and parents)
Information about Professionals known to your child
The concerns you have about health and wellbeing
Medical information
Payment information
Wider family history
How we get the personal information and why we have it:
Most of the personal information we process is provided to us directly by you.
We also receive personal information indirectly, for example, from the following sources in the following scenarios:
Through referral or reports from another professional e.g. GP or school with your consent
We use the information that you have given us in order to:
To identify you and accounts you hold
To provide you with information and services
To comply with the contractual obligations with have with you
To process orders you have submitted to us
To administer accounts, process payments, to monitor billing and payments.
To detect fraud and ensure information held is correct
To carry out marketing and statistical analysis
To notify you about changes to our services and website, or to provide you with information about products which may interest you, where you have given consent for such communications
We may share this information with other health professionals, education or safeguarding agencies. This is when assessments are being collated by a number of professionals or there are safeguarding concerns, following our statuary duties.
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:
(a) Your consent.
You are able to remove your consent at any time. You can do this by contacting: admin@drsarahmills.co.uk
(b) We have a contractual obligation
This is to carry out assessments you have requested
(c) We have a legitimate interest
We use your data only in ways you would reasonably expect us to. We would never sell, or pass your data to a third party without your explicit consent. When processing personal information we alway ensure your data is respected and protected and especially that of your children.
How we store your personal information
Your information is securely stored. We follow ISO standards to store and protect the data we collect, including the use of encryption where available. Your data may be transferred to and stored in a country outside the EEA in relation to provision of services. The laws in these countries may not provide the same protection. However, any third party involved has agreed to abide by European levels of protection in respect of data transfer, processing and storage.
Data is stored through Secure Cloud based servers for:
Website: https://www.squarespace.com/privacy
clinic software: ClinicYou, their privacy policy is available at: https://clinicyou.co.uk/security.
Third party referrals are shared through Google drive, privacy policy available at: https://policies.google.com/privacy?hl=en-GB&fg=1
When personal information (such as demographics or payments details) is transmitted to other websites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol. However, when data is being transmitted to us we cannot guarantee the security of this data before it reaches us, this is done at your own risk.
We keep the personal data we hold on you only for the period of time necessary. For example, the time period we are working with you, for 7 years following discharge (in adults) or until the child is 25 (Following legal obligations and allowing the child to access that data once an adult).
We will then dispose your information by erasure from our servers and data files. Unidentifiable data may be retained as part of service analysis to modify and improve our services.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at admin@drsarahmills.co.uk if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at feedback@drsarahmills.co.uk or in writing to:
Collingwood Buildings
38 Collingwood Street
Newcastle upon Tyne
Tyne and Wear
NE1 1JF
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk/