Melisa Jermin, Holistic Health Privacy Policy

 Melisa Jermin, Holistic Health is committed to protecting and respecting your privacy.

It is our policy to collect, process and share the personal data ('data') provided to us by you in order to carry out the services requested by you and any contact in relation to those services only.  Your data will not be used for any purposes other than those explicitly stated in this Privacy Policy or requested by you in your dealings with us.

This Privacy Policy describes how we collect, use, protect, process and share your data when you book appointments with us, either online or directly, and when you communicate with us throughout the process of treatment and at any other time. 

This Privacy Policy does not provide exhaustive detail.  However, we are happy to provide any additional information or explanation needed.  Any requests for this should be sent to Melisa Jermin holistic Health at melisa@melisajermin.com

This Melisa Jermin Holistic Health Privacy Policy does not apply to the information processed by third parties on behalf of Melisa Jermin Holistic Health.  However, we have reviewed their Privacy Policy/ies and are satisfied that they meet the standards set out in the General Data Protection Regulations 2018.

This Privacy Policy was last reviewed on 4 February 2022.

1.  The identity of the data controller

You are hereby informed that the data that you provide is collected, used, protected, processed and shared by Melisa Jermin Holistic Health.

Our Contact Details are:

Address: www.melisajermin.com

Contact: melisa@melisajermin.com

2.  How we collect personal information

We may collect data about our clients, prospective clients and website visitors.

Your data is collected when you browse our website, contact us via email, telephone phone or in person or through our website. 

 Data we collect fall into the following categories:

·         Identification information

·         Contact information

·         Medical information

·         Browsing information

These data are gathered directly from you via online booking and from direct communication with us, i.e. client intake form or email contact.  Browsing history is collected via automated methods.

2.1. The type of Information we collect

We process data you provide directly to us, in particular when you complete a client intake form or book online.

For example, we collect data when you create a booking, use the services, participate in a contest or promotion, register for an event or an online course or otherwise communicate with us.

The data may include the following data as well as any other type of information that we specifically request you to provide to us through our client intake forms, such as:

·         Identity information – This is information such as your name, date of birth, marital status, next of kin.

·         Contact information – This is information such as your address, email address, telephone numbers

·         Marketing information – This is information relating to your marketing and communication preferences.

·         Medical information – This is information such as doctor’s details, Medical history, Medical red flag(s), treatment notes.

·         Account information – This relates to payment information for payments made to us for services received. This includes  the payment amount and date made and method of payment such as credit or debit card or bank account details

·         Website, device and technical information (see 2.2 below).

The information we collect will vary, depending on the relationship we hold with you.

2.2. Data we collect automatically when you use our online services

When you access or use our online services, we automatically collect the following information about you:

·         Log information:  We log information about your use of the services, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to our services.

·         Device information:  We collect information about the computer or mobile device you use to access our services, including the hardware model, operating system and version, unique device identifiers and mobile network information.

·         Location information:  We may, with your consent, collect information about the location of your device each time you access or use one of our mobile applications.  If you initially consent to our collection of location information, you may be able to subsequently stop the collection of these data through your device's operating system settings.  You may also stop our collection of location information by following the standard uninstall process to remove our mobile applications from your device.

 

3.  How and why we use your personal information

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

·         (a) Your consent. You are able to remove your consent at any time. You can do this by contacting melisa@melisajermin.com. If we receive a request from you withdrawing your consent to a specific purpose, we will stop processing your personal information for that purpose, unless we have another legal reason for processing your personal information – in which case, we will confirm that reason to you.

·         (b) We have a contractual obligation.

·         (c) We have a legal obligation.

·         (d) We have a vital interest.

·         (e) We need it to perform a public task.

·         (f) We have a legitimate interest.

We may use information about you for the following purposes:

·         Provide, maintain and improve our services

·         To provide and deliver the service you request, process your transactions and send you related information, including confirmations and invoices

·         Send you technical notices, updates, security alerts and support and administrative messages

·         Respond to your comments, questions and requests, and provide customer service

·         Monitor and analyse trends, usage and activities in connection with our services

·         Personalise and improve the services we provide.

·         To recommend and send communications to you about goods, services, and/or digital content that you may be interested in, if you have consented to receive marketing communications from us.

It is important that you keep your personal information up to date. If any of your personal information changes, please contact us as soon as possible to let us know. If you do not do this, this may prevent us from supplying the services you have requested

 

4.  Information on how and who we may share your personal information with

We may need to share your personal information with other organisations or people. These include the below, for the following reasons

·         We share your data with our IT Service providers and payment providers to help us provide our service, including bookings, financial transactions and booking confirmations.

·         We will seek your express consent before sharing your information with your GP or other healthcare providers.  However, if we believe that your life is in danger then we may pass your information onto an appropriate authority (such as the police, social services in the case of a child or vulnerable adult, or GP in case of self-harm) using the legal basis of vital interests.

·         We may share your case history in an anonymised form with our peers for the purpose of professional development.  This may be at clinical supervision meetings, conferences, online forums, and through publishing in medical journals, trade magazines or online professional sites.  We will seek your explicit consent before processing your data in this way

·         In response to a request for information if we are required by or believe that disclosure is required by – any applicable law, regulation or legal process, including in connection with lawful requests by law enforcement, national security, or other public authorities.

 

5.  How we store your personal information

Your personal information is stored securely.

We will only hold your personal data for as long as is necessary. How long is necessary will depend upon the purposes for which we collected the personal information. See section 2 for more details.

If you become a client of Melisa Jermin, Holistic Health, following the completion of your healthcare, we retain your personal data for the period defined by our professional association, the Association of Master Herbalists (AMH).  This enables us to process any complaint you may make.  In this case, the legal basis of our holding your personal data is for contract administration

 

6.  Data access

Upon receiving a written request from you seeking access to your data, we will provide either a hard or electronic copy of the data that we hold on you, to be sent by registered post or email, respectively.  This will include exports of the information held about you on our website.  We will provide your data to you within a period of 28 working days from the date that we receive your request.

7.  Data amendments

Upon receiving a request from you to update, correct or amend your personal data held by us, we will make the amendments within a period of 7 working days from the date that we receive your request. 

 

8.  Security

We are committed to taking appropriate measures designed to keep your data secure.  Our technical, administrative and physical procedures are designed to protect data from loss, theft, misuse and accidental, unlawful or unauthorized access, disclosure, alteration, use and destruction.  We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received.

9.  Your rights

Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information.

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at melisa@melisa.jermin.com if you wish to make a request.

10. Marketing

You may receive marketing information from us where you have consented to receive marketing information for related services and/or products.

You have the right to opt out of this information at any time. Any email communication you receive will provide you with a link to unsubscribe from marketing or change your marketing preferences.

You can opt out of receiving marketing material at any time by contacting melisa@melisajermin.com.

11.  In the event of a data breach

Every precaution will be taken to avoid a breach of your data.  However, if such a breach should occur, it will be documented, assessed as to its severity and appropriate action taken.  The Information Commissioner's Office (ICO) will be informed, and you will be contacted to assist you in taking steps to mitigate the risks to yourself if the breach is deemed sufficiently severe to have put you or your identity at risk.

12.  How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at melisa@melisajermin.com .

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk

13. General

If any court or competent authority finds that any provision of this policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.

We reserve the right to change this policy we deem necessary from time to time or to comply with the law. Any changes will be immediately posted on the website and you are deemed to have accepted the terms of the privacy policy on your first use of the website following the alterations.

This agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.