DCM Clinics’ Privacy Notice
For clarity, “we” refers to DCM clinics, as will “our”, “business”, “company” and “us”. “You” are the person, firm, business, representative, or organisation reading this notice.
This privacy notice will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you. It is important for you to know that we are governed by the UKs Information Commissioners Office (ICO) and they have in-depth information about the GDPR and how it applies to business within the United Kingdom, detailed guidance can be found here.
Who we are
We are DCM15 Limited, trading and providing services as ‘DCM clinics’.
Our registered business address is Crowhurst Farm Cottage, Crowhurst Lane, West Kingsdown, Kent, TN125 6JE.
You can contact us (Danny Mace - Director) by email at danny.mace@ymail.com.
We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details above.
What type of information we collect
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous or ‘anonymised’ data).
We may collect, use, store and transfer different kinds of personal data about:
Identity Data includes first name, last name, username or similar identifier, title.
Contact Data includes home address, email address and telephone number.
Usage Data includes information about how you use our website, products and services.
We should also inform you that we may collect, use and share Aggregated Data such as statistical or demographic data. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be processed only in accordance with this privacy notice.
DCM clinics do not, and will not, collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you are approached by someone pertaining to be from DCM clinics, or if a webpage that appears to be DCM clinics marked asks for Special Categories of data or information relating to criminal convictions and offences, we ask that you contact us in the immediate instance.
Using our website
When you use our website to browse our services and view the information we make available, cookies are used by Google Analytics to allow us to collect useful information about visitors and to help to make your user experience better.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. We use cookies to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.
For more information about Google's use of cookies, please see their cookie policy.
Your IP is anonymous to our website.
Submitting an enquiry
When you submit an enquiry via the “Contact Us” page on our website, we ask you for your name and email address and the details of your message.
We use this information to respond to your query, including providing you with any requested information about our services. We may also email you several times after your enquiry to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to entering into a contract for our services with you, if you decide to do so.
Your enquiry is stored and processed as an email which is hosted by Yahoo mail.
We do not use the information you provide to make any automated decisions that might affect you.
We keep enquiry emails for two years, after which they are deleted.
Booking an appointment
When you book an appointment at our clinic online, we ask you for your name, date of birth, contact telephone number and email address.
We will use your information to confirm your booking. We will also send you a confirmation via email and we may use your telephone number to contact you regarding your appointment.
We require this information to make your booking, deliver the service you have booked and fulfil our contract with you.
Your information is stored on our website, which is based within the European Union, and within our Client Management software Cliniko, which is based in Australia. We use Cliniko to take online bookings and keep clients records, such as personal data and medical records. Cliniko is compliant with the GDPR and you can read more on its privacy policy.
Your data will also be shared with our Customer Relationship Management software CliniqApps, also based in Australia. CliniqApps sends reminder emails, important communications about our clinic that might affect you, and recall emails. GDPR compliant and you can read more on its privacy policy.
We do not use the information you provide to make any automated decisions that might affect you. We do not share the information with any other person or business.
We keep your booking information for six years after you attend your appointment, unless you book further services, in which case we retain your details until six years after you cease to be a client.
Attending an appointment
When you attend our clinic, you will need to give the main reception desk your name. This is due to fire regulations in all buildings in the UK.
If you haven’t filled out an online new client form prior to attending your appointment, you will be asked to complete one at your appointment.
The information on the paper form is then added to our Client Management software Cliniko and attached to your profile. The paper form is shredded.
Your Data Protection Rights
DCM clinics would like to make you aware of your legal rights. If you wish to exercise any of the rights set out, please contact us.
Under certain circumstance you have the following rights under data protection laws:
You will not have to pay a fee to access your personal data (or to exercise any of the other rights) if the request is legitimate. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances whereby we would have a legal ability to do so. DCM clinics will never refuse any request without first reviewing the request and considering the circumstance.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
If DCM clinics is involved in a merger, acquisition or asset sale, your personal data may be transferred. We will provide notice to you before this happens and becomes subject to a different privacy policy.
In the event of such a transfer of information, your rights under the GDPR are not affected.
Your Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Personal Information transferred outside of the UK
Your information, including Personal Information, may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside United Kingdom and choose to provide information to us, please note that we transfer the information, including Personal Information, to United Kingdom and process it there.
Your data is also transferred to Australia to the third parties mentioned above, all of which are compliant with the GDPR.
In the event that a dispute arises with regards to the international transfer of data, you agree that the courts of England and Wales shall have exclusive jurisdiction over the matter.
How to complain about how we use your information
If you have a complaint about our use of your information, we would prefer you to contact us directly in the first instance so that we can address your complaint.
However, you can also contact the Information Commissioner’s Office via their website at www.ico.org.uk/concerns or write to them at: Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF. Helpline number: 0303 123 1113.