Privacy Notice
This privacy notice explains how JiHi Health, uses the personal information we collect from you, either through using our website or in any other way, electronically, verbally or in writing.
Data controller
JiHi
Health is a data controller, that is because we make decisions about what data
we collect and how it is used and with whom it is shared with. We can be
contacted at eileen@ji-hi-health.co.uk or telephone number 01293 871737.
On what basis do we collect and process
your data?
Data Protection law defines the basis by which we can
lawfully collect and process personal data.
Consent
We will collect and process your personal
data on the basis of your freely given and informed consent where we have
concluded that this is the most appropriate basis for the processing. You are
free to withdraw your consent at any time and can do so by contacting us on the
numbers above or using the email address.
Where we have a legal obligation:
We will collect personal data when we are
required to through a legal obligation, such as requirements from public agencies
in relation financial returns.
Where processing your data is in your vital interests:
We will process your data if we feel it is
required to protect your vital interests, or the vital interests of another
person. This might occur in serious life or death situations where immediate
disclosure of personal data is required. We have documented our justification
for processing your data on this basis.
In our legitimate interest:
We will collect and process personal data
where it is in the legitimate interest of JiHi Health to do so. Specifically,
we use legitimate interest in relation to processing our customer’s personal
data and the personal data of third party emergency contacts.
For the data we act as data controller for,
we have determined the following basis:
Clients
|
Purpose
of Processing
|
Data
Category
|
Data
Type
|
Legal
Basis
|
|
Engaging commercially
|
Identity details
|
Name
|
Legitimate Interest
|
|
Engaging commercially
|
Contact Details
|
Phone number
|
Legitimate Interest
|
|
Engaging commercially
|
Contact Details
|
Email address
|
Legitimate Interest
|
|
Engaging commercially
|
Contact Details
|
Home address
|
Legitimate Interest
|
|
Engaging commercially
|
Identity details
|
Date of Birth
|
Legitimate Interest
|
|
Treatment Assessment
|
Family Details
|
Marital Status
|
Legitimate Interest
|
|
Treatment Assessment
|
Family Details
|
Children
|
Legitimate Interest
|
|
Treatment Assessment
|
Health Data
|
General health
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Specific Health issues
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Medical history (operations/ accidents)
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Family health history
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Sleep
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Appetite
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Digestion
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Wellbeing
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Exercise
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Allergies
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Emotional/ trauma/ mental health
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Medication
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Conditions such as RSI etc
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Health Data
|
Addictions
|
Consent of the Data Subject
|
|
Treatment Assessment
|
Family Details
|
Religious beliefs
|
Consent of the Data Subject
|
Where we have used consent to process
data, you are free to withdraw that consent at any time.
Health
Care Professionals
|
Purpose
of Processing
|
Data
Category
|
Data
Type
|
Legal
Basis
|
|
Treatment Assessment
|
Identity Details
|
Name
|
Legitimate Interest
|
|
Treatment Assessment
|
Contact Details
|
Phone number
|
Legitimate Interest
|
|
Treatment Assessment
|
Contact Details
|
Email address
|
Legitimate Interest
|
We collect data in relation to your
communications and interaction with us. This can include emails, text
messaging, voice recording for customer service purposes, postal service
delivery, social media posting or any other form of communication. In addition
to the lawful purpose described previously for the above categories, we have a
legitimate interest purpose to collect and retain this data to enable and
improve our communication and for record keeping purposes.
The data we collect as data controllers from
our data subjects is obtained directly from the data subject themselves. Please see our Cookie Policy for information on the data collected by
our website.
Data recipients and data transfers
We do not sell any of your personal data to any third party. Where
required, JiHi Health will share non sensitive personal data with service
providers such as our accountants and insurance companies. We may, as required,
share your contact details with printing and mailing companies, as well as
email service providers and other delivery companies.
We will, with your consent, share your medical data with other relevant
healthcare professional for further diagnosis or treatment.
Where required we will disclose your personal data
with law enforcement and fraud prevention agencies. This is so we can help
tackle fraud or where such disclosure is necessary for compliance with a legal
obligation to which we are subject. Additionally, in order to protect your
vital interests or the vital interests of another natural person, or in
connection with the establishment, exercise or defence of legal claims, whether
in court proceedings or in an administrative or out-of-court procedure.
Contact details and email contents are
transferred to data centres in the USA by Google and is protected by the US Privacy
Shield framework.
Sensitive information
JiHi Health does process special
category data as defined by Article 9 of the GDPR. This is in relation to
health related personal data and religious beliefs. This data supports our
diagnosis and treatment decisions. We will ask for your explicit consent to
process this data however, you must be aware that if you do not provide this, then our ability to
successfully diagnose any condition and treat it will be severely impaired.
Retention policy
The data we collect directly from you is
the minimum we require to facilitate the lawful processing described above. Personal
Data placed on our system will be deleted in accordance with legal obligations,
such as HMRC requirements or in compliance with our own professional codes of
practice or retention policy. This is to ensure personal data is held only for
as long as is required for the purpose we collected it or for our legitimate
purposes.
In summary, personal data required for
financial transaction and audit purposes, including reporting to the HMRC will
be retained for 6 years plus the current year it is collected. The data we
process for delivering our health care services will be retained for a period
of 20 years.
Data Storage and Security
JiHi Health follows strict security procedures to
ensure that your personal information is not damaged, destroyed, or disclosed
to a third party without your permission and to prevent unauthorised access. We store both physical and electronic records. We have
put in place technical and organisational measures to ensure our physical
security as well as technical measures for data backup, authorisation and
authentication onto systems. We use secure
firewalls and other measures to restrict electronic access, including anti-virus
and anti-malware measures. If the data must be transferred to a third party, we
require them to have in place similar measures to protect your personal data. We have a process in place to mitigate the impact of
any data breach that should occur.
Only persons who need the information to fulfil their duties are
granted access to personal data. We may require you to cooperate with our
security checks before we disclose information to you. You can update the
personal information that you give us at any time by contacting us directly.
Cookies from our website
To make our website
work properly and to provide viewing data, we place small data files called
cookies on your device. See our Cookie Policy for details of the Cookies we
use.
What are cookies?
Cookies are pieces of data, normally stored in text
files, that websites place on visitors’ computers to store a range of
information, usually specific to that visitor – or rather the device they are
using to view the site – like the browser or mobile phone. It
enables the website to remember your actions and preferences (such as login,
language, font size and other display preferences) over a period of time, so
you don’t have to keep re-entering them whenever you come back to the site or
browse from one page to another. They can also provide anonymous analytical
data of your browsing on our website.
How do we use cookies?
We set cookies on your browser that are strictly
necessary for the operation of our website as well as analytical cookies and cookies
to enable third party functions such as video playback and links to social
media sites. The cookie-related information is not used to identify you
personally and the pattern data is fully under our control. These cookies are
not used for any purpose other than those described here.
How to control cookies
You can control and/or delete cookies as you wish –
for details, see https://cookiepedia.co.uk/all-about-cookies
You
can delete all cookies that are already on your computer and you can set most
browsers to prevent them from being placed. If you do this, however, you may
have to manually adjust some preferences every time you visit a site and some
services and functionalities may not work.
Your
rights as a data subject
The regulations provide a number of rights
to you as the Data Subject. JiHi Health is committed to upholding those rights
and those applicable to the personal information we collect and process are
listed below. In addition to these rights, you have the right to escalate any
concern to the Supervisory Authority, which in the UK is the Information
Commissioners Office https://ico.org.uk. A
full and detailed explanation of all rights can be found at https://ico.org.uk/for-the-public/
- The Right to be Informed – you should be clear about what, why and
in what way your personal information will be processed at the time it is
processed. This privacy policy sets out that information
- Right of Access – you have the right to know what
personal information is held, by whom and why.
- The Right to Rectification – If the information we have collected and
processed is inaccurate or incomplete, you have the right to have it rectified.
- Right to Erasure – You have the right to have your personal
data erased and to prevent processing in some specific situations.
- Right to Restrict Processing – If
you contest the accuracy of the personal data we hold, we will restrict the
processing of your data until accuracy is verified.
- Right to Data Portability – You have the right to move, duplicate or
transfer your data easily from one IT environment to another in a safe and
secure way.
- Right to Object – You have the right to object to profiling
and direct marketing
- You also have rights in relation to automated
decision making.
You also have the right to lodge a
complaint with the UK’s supervisory body, The Information Commissioners Office www.ico.org.uk
Automated
decision making
JiHI Health does not use automated
decision making to process personal data.
Third party websites
Our website may contain links to other
websites. This privacy policy only applies to JiHi Health, so if you follow a
link to another website, you should read that organisation’s own privacy
policy.
Changes
to our privacy policy
We keep our privacy policy under review
and we will place any updates on our website. This privacy policy was last
updated in December 2019
How to contact us
You can write to us at this address:
Eileen
Beckmann
JiHi Health
Horsham Rd
Rusper
Horsham
RH12 4PR
You can
telephone us on this number: 01293 871737.
You can email us by using this link:
eileen@Ji-Hi-Health.co.uk
You can delete all
cookies that are already on your computer and you can set most browsers to
prevent them from being placed. If you do this, however, you may have to
manually adjust some preferences every time you visit a site and some services
and functionalities may not work.
Cookies we use
|
Cookie Name
|
Duration
|
Purpose
|
Third Party
Transfers
|
|
_ga
|
2
Years
|
This
cookie is used to distinguish unique users by assigning a randomly generated
number as a client identifier
|
|
|
_gat
|
10
Minutes
|
This
cookie is used to throttle the request rate – limiting the collection of data
on high traffic sites.
|
|
|
_gid
| |
It
stores and updates a unique value for each page visited.
|
|