GDPR Statement

From the 25^th May 2018 the laws on data protection are changing with the introduction of the new General Data Protection Regulation (GDPR). In order to fully comply with the new regulations, we must have your permission to hold, store and use your personal data.

The Types of Personal Data we will collect and use
As part of the initial registration and consent of a new patient, we will collect information relating to the following.

• Personal contact details (e.g. Home address, Email address, Home and mobile phone numbers)
• General Personal details such as date of birth
• Medical details including medical history and medication taken.

Using your Personal Information
Your data will only be accessed by personnel associated with Bridge Street Foot Clinic. This includes both employed staff and associated self-employed practitioners working from the clinic. 

• The information held will be used to ensure continued safe practice and maintain accurate treatment records.
• For contacting patients. This will include appointment reminders via phone, text or email.
• Marketing and offers from Bridge Street Foot Clinic.
• Referral to other professional persons (i.e. Doctors or other medical professionals)

Sharing of Personal Data
Your data will never be sold or shared with third parties outside the clinic.

Data Storage
All data is held and stored securely in encrypted files with our clinic office software provider off site. No data is held directly on our computer systems. Data can only be accessed by authorised staff and practitioners with password security.

Removal of Data
Bridge Street Foot Clinic will retain and maintain accurate records of your personal data for the purpose of providing safe and appropriate treatments on an ongoing basis. However, should a patient not attend the clinic for a 24-month period then they will be deemed to be ‘inactive’. After an additional 60 months (7 years in total) all data connected to that patient will be permanently and securely destroyed.