Mindfulness with Sarajane Privacy Statement
Mindfulness with Sarajane strives to ensure the highest standard care for each and every person who partakes in a session. All sessions are facilitated in a trusted environment governed by an ethic of privacy and confidentiality. Every precautionary measure is adopted to ensure compliance within the privacy principles of the Data Protection Legislation. This Privacy Statement is about making your consent meaningful by advising you of our policies and practices when dealing with your personal information.
Managing your information:
WHY THE INFORMATION IS REQUIRED
I may in some limited cases require information about your current health and your medical history. This information is used only to provide you with the best possible course of treatment and advises.
I also require your contact details to arrange appointments & scheduling times with you.
WHERE THE INFORMATION IS GATHERED FROM
Personal information may be gathered from:
Email or Text messages sent from individuals to mindfulnesswithsarajane
Discussions with clients during the consultation process and during subsequent treatments
WHAT INFORMATION IS HELD
The following personal information may be held only for a specific purpose and will be retained for no longer than is necessary or for the duration of contact and no more than 5 years after termination of contract.
Name, title and date of birth.
Contact information including email address, telephone numbers and home address.
Emergency contact or next of kin details.
Medical history and other health related information provided on the consultation form and discussed during the first and subsequent treatments. This is only in limited cases where medical information may be vital to carry out effective care.
Follow up information which may be discussed with you by phone email or text after your treatment.
Diarised records of appointment times
WHAT IS DONE WITH THE INFORMATION GATHERED
Information will be gathered to assess your treatment.. Your information will not be shared with anyone else (other than required for legal process) without explaining the reason why this is necessary and obtaining your explicit consent.
The contact information you provide may to contact you in relation to appointment times or dialogue regarding your treatment plan.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, suitable physical, electronic and managerial procedures have been put in place to safeguard and secure the information that is collected both online and on paper.
Contact details including telephone numbers and email addresses are held on a password protected telephone and personal computer.
A back up document is held of client names and contact details (name, email and telephone number).
In the event of a data breach which consists of a breach of security leading to destruction, loss, alteration, unauthorised disclosure of or access to personal data, We understand the Office of the Data Commissioner must be notified within 72 hrs where it is likely to result in a risk to the rights and freedoms of individuals. In the event of such a breach, we will notify those concerned directly and without delay. Records of personal data breaches will be maintained in any case.
Consent for Minors
Where we are required to gather the personal information of a minor (defined as a person aged under 16 years), we will require the attendance and consent of a parent or guardian, and will only acquire and store such data with their permission, as well as the awareness of the minor themselves.
Where the parents of the minor are not in a position to provide such consent, the support of a recognized body will act ‘in loco parentis’ – for example the school principal, social worker or Gardai will be consulted with the medical professional in order to ensure that any such processing of personal data is being done in the vital interests of the minor. As much as possible, the minor will be made aware of the processing activity and its purposes.
From 25th May 2018 GDPR gives an individual:-
The right to be informed as to how personal information will be both used and held. This is contained within this document.
The right to access your personal information so individuals know what is held about them and they can confirm it.
The right to rectification if there is something incorrect or incomplete.
The right to have information deleted
The right to limit how the information is used or shared
The right to portability. Under certain circumstances a copy of electronically held information can be requested so it can be reused in other systems
The right to object if there are certain parts of an individual’s information that they do not want used or to be used only for certain purposes
Rights in relation to automated decision-making and profiling
We hope this statement has explained any issues that might arise. If you have any queries about this Privacy Statement, please email firstname.lastname@example.org