DR NORTH AESTHETICS PRIVACY POLICY…
In accordance with the commencement of GDPR legislation and to ensure complete transparency with our patients, the following information outlines our data collection and protection policy. If you have any further questions please do not hesitate to contact us at leicesteraesthetics@gmail.com.
· Dr North Aesthetics collects and holds its patients medical data through the leading digital Facesplatform. accessible only by Dr North Staff. More information can be found here https://www.faces.com/.
· Patients sign a waiver at the point of treatment, consenting to Dr North Aesthetics storing their data, for medical and treatment purposes.
· Patients medical data, both of ‘legitimate interest’ and ‘vital interest’, is held for the purpose of delivering a first class, medically sound aesthetics service, and all patient and medical records are kept in accordance with GDPR.
- Legitimate interest data – refers to information we hold such as your medical history, which we would need to refer to in the rare case you may present with a complication.
- Vital interest data – refers to data that is necessary to hold, to protect your life. This may include things like allergies to certain products or ingredients that are used in treatments.
· Dr North Aesthetics does not conduct marketing exercises to its patient data base, there are no email newsletters or third party campaigns. Email and phone numbers are stored so that we can easily communicate with you for follow ups, appointment booking, cancellations and where necessary the sending of procedural documentation, quotes and invoices.
· Dr North Aesthetics stores personal data in three places:
- A google docs spread sheet which is linked to the contact us form on our website. It solicits name and email information upon enquiry of a free consultation.
- This information is password protected and accessible only by the business owners, it is regularly updated monitored and cleaned by the Business Director.
- Faces – a secure encrypted cloud-based solution that stores patient medical data and images. See above link for more info.
- Business Mobile Phone/iPad – Client contact details are stored for the purposes of communicating with existing patients. Communications include follow ups, appointment booking, cancellations and the sending of procedural documentation, quotes, invoices and anything relevant to providing you with the best possible service.
- At any point you have the right to request access to all the data we hold, it is our obligation to respond to this request within 30 days. To request data you can email leicesteraesthetics@gmail.com asking to see your records.
- If you would like us to erase your data, again please do not hesitate to contact us via leicesteraesthetics@gmail.com requesting us to do so. In this instance we are obliged to delete email addressed and contact details, and we will comply within 30 days. There are however existing medical legislations, that supersede GDPR compliance and in some cases we may be required to hold certain medical information for longer periods including insurance purposes for up to 10 years and/or more.
- In the extremely unlikely event of a data breach Dr North Aesthetics is required to notify you of the breach within 30 days.
If you have any further questions about the data we hold, please do not hesitate to get in touch by contacting us on email leicesteraesthetics@gmail.com or calling/contacting the business number found on https://drnorth.co.uk.