Privacy

Privacy Notice

This privacy notice explains how JiHi Health, uses the personal information we collect from you, either through using our website or in any other way, electronically, verbally or in writing.

Data controller

JiHi Health is a data controller, that is because we make decisions about what data we collect and how it is used and with whom it is shared with. We can be contacted at eileen@ji-hi-health.co.uk or telephone number 01293 871737.

On what basis do we collect and process your data?

Data Protection law defines the basis by which we can lawfully collect and process personal data.

Consent

We will collect and process your personal data on the basis of your freely given and informed consent where we have concluded that this is the most appropriate basis for the processing. You are free to withdraw your consent at any time and can do so by contacting us on the numbers above or using the email address.

Where we have a legal obligation:

We will collect personal data when we are required to through a legal obligation, such as requirements from public agencies in relation financial returns.

Where processing your data is in your vital interests:

We will process your data if we feel it is required to protect your vital interests, or the vital interests of another person. This might occur in serious life or death situations where immediate disclosure of personal data is required. We have documented our justification for processing your data on this basis.

In our legitimate interest:

We will collect and process personal data where it is in the legitimate interest of JiHi Health to do so. Specifically, we use legitimate interest in relation to processing our customer’s personal data and the personal data of third party emergency contacts.

For the data we act as data controller for, we have determined the following basis:

Clients

Purpose of Processing Data Category Data Type Legal Basis
Engaging commercially Identity details Name Legitimate Interest
Engaging commercially Contact Details Phone number Legitimate Interest
Engaging commercially Contact Details Email address Legitimate Interest
Engaging commercially Contact Details Home address Legitimate Interest
Engaging commercially Identity details Date of Birth Legitimate Interest
Treatment Assessment Family Details Marital Status Legitimate Interest
Treatment Assessment Family Details Children Legitimate Interest
Treatment Assessment Health Data General health Consent of the Data Subject
Treatment Assessment Health Data Specific Health issues Consent of the Data Subject
Treatment Assessment Health Data Medical history (operations/ accidents) Consent of the Data Subject
Treatment Assessment Health Data Family health history Consent of the Data Subject
Treatment Assessment Health Data Sleep Consent of the Data Subject
Treatment Assessment Health Data Appetite Consent of the Data Subject
Treatment Assessment Health Data Digestion Consent of the Data Subject
Treatment Assessment Health Data Wellbeing Consent of the Data Subject
Treatment Assessment Health Data Exercise Consent of the Data Subject
Treatment Assessment Health Data Allergies Consent of the Data Subject
Treatment Assessment Health Data Emotional/ trauma/ mental health Consent of the Data Subject
Treatment Assessment Health Data Medication Consent of the Data Subject
Treatment Assessment Health Data Conditions such as RSI etc Consent of the Data Subject
Treatment Assessment Health Data Addictions Consent of the Data Subject
Treatment Assessment Family Details Religious beliefs Consent of the Data Subject

Where we have used consent to process data, you are free to withdraw that consent at any time.

Health Care Professionals

Purpose of Processing Data Category Data Type Legal Basis
Treatment Assessment Identity Details Name Legitimate Interest
Treatment Assessment Contact Details Phone number Legitimate Interest
Treatment Assessment Contact Details Email address Legitimate Interest

We collect data in relation to your communications and interaction with us. This can include emails, text messaging, voice recording for customer service purposes, postal service delivery, social media posting or any other form of communication. In addition to the lawful purpose described previously for the above categories, we have a legitimate interest purpose to collect and retain this data to enable and improve our communication and for record keeping purposes.

The data we collect as data controllers from our data subjects is obtained directly from the data subject themselves. Please see our Cookie Policy for information on the data collected by our website.

Data recipients and data transfers

We do not sell any of your personal data to any third party. Where required, JiHi Health will share non sensitive personal data with service providers such as our accountants and insurance companies. We may, as required, share your contact details with printing and mailing companies, as well as email service providers and other delivery companies.

We will, with your consent, share your medical data with other relevant healthcare professional for further diagnosis or treatment.

Where required we will disclose your personal data with law enforcement and fraud prevention agencies. This is so we can help tackle fraud or where such disclosure is necessary for compliance with a legal obligation to which we are subject. Additionally, in order to protect your vital interests or the vital interests of another natural person, or in connection with the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

Contact details and email contents are transferred to data centres in the USA by Google and is protected by the US Privacy Shield framework.

Sensitive information

JiHi Health does process special category data as defined by Article 9 of the GDPR. This is in relation to health related personal data and religious beliefs. This data supports our diagnosis and treatment decisions. We will ask for your explicit consent to process this data however, you must be aware that if you  do not provide this, then our ability to successfully diagnose any condition and treat it will be severely impaired.

Retention policy

The data we collect directly from you is the minimum we require to facilitate the lawful processing described above. Personal Data placed on our system will be deleted in accordance with legal obligations, such as HMRC requirements or in compliance with our own professional codes of practice or retention policy. This is to ensure personal data is held only for as long as is required for the purpose we collected it or for our legitimate purposes.

In summary, personal data required for financial transaction and audit purposes, including reporting to the HMRC will be retained for 6 years plus the current year it is collected. The data we process for delivering our health care services will be retained for a period of 20 years.

 

Data Storage and Security

JiHi Health follows strict security procedures to ensure that your personal information is not damaged, destroyed, or disclosed to a third party without your permission and to prevent unauthorised access. We store both physical and electronic records. We have put in place technical and organisational measures to ensure our physical security as well as technical measures for data backup, authorisation and authentication onto systems. We use secure firewalls and other measures to restrict electronic access, including anti-virus and anti-malware measures. If the data must be transferred to a third party, we require them to have in place similar measures to protect your personal data. We have a process in place to mitigate the impact of any data breach that should occur.

Only persons who need the information to fulfil their duties are granted access to personal data. We may require you to cooperate with our security checks before we disclose information to you. You can update the personal information that you give us at any time by contacting us directly.

Cookies from our website

To make our website work properly and to provide viewing data, we place small data files called cookies on your device. See our Cookie Policy for details of the Cookies we use.

What are cookies?
Cookies are pieces of data, normally stored in text files, that websites place on visitors’ computers to store a range of information, usually specific to that visitor – or rather the device they are using to view the site – like the browser or mobile phone. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another. They can also provide anonymous analytical data of your browsing on our website.

How do we use cookies?
We set cookies on your browser that are strictly necessary for the operation of our website as well as analytical cookies and cookies to enable third party functions such as video playback and links to social media sites. The cookie-related information is not used to identify you personally and the pattern data is fully under our control. These cookies are not used for any purpose other than those described here.

How to control cookies
You can control and/or delete cookies as you wish – for details, see https://cookiepedia.co.uk/all-about-cookies

You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.

 

Your rights as a data subject

The regulations provide a number of rights to you as the Data Subject. JiHi Health is committed to upholding those rights and those applicable to the personal information we collect and process are listed below. In addition to these rights, you have the right to escalate any concern to the Supervisory Authority, which in the UK is the Information Commissioners Office https://ico.org.uk.  A full and detailed explanation of all rights can be found at https://ico.org.uk/for-the-public/

  • The Right to be Informed – you should be clear about what, why and in what way your personal information will be processed at the time it is processed. This privacy policy sets out that information
  • Right of Access – you have the right to know what personal information is held, by whom and why.
  • The Right to Rectification – If the information we have collected and processed is inaccurate or incomplete, you have the right to have it rectified.
  • Right to Erasure – You have the right to have your personal data erased and to prevent processing in some specific situations.
  • Right to Restrict Processing –  If you contest the accuracy of the personal data we hold, we will restrict the processing of your data until accuracy is verified.
  • Right to Data Portability – You have the right to move, duplicate or transfer your data easily from one IT environment to another in a safe and secure way.
  • Right to Object – You have the right to object to profiling and direct marketing
  • You also have rights in relation to automated decision making.

You also have the right to lodge a complaint with the UK’s supervisory body, The Information Commissioners Office www.ico.org.uk

 

Automated decision making

JiHI Health does not use automated decision making to process personal data.

 

Third party websites

Our website may contain links to other websites. This privacy policy only applies to JiHi Health, so if you follow a link to another website, you should read that organisation’s own privacy policy.

Changes to our privacy policy

We keep our privacy policy under review and we will place any updates on our website. This privacy policy was last updated in December 2019

How to contact us

You can write to us at this address:

Eileen Beckmann

JiHi Health

Horsham Rd

Rusper

Horsham

RH12 4PR

You can telephone us on this number: 01293 871737.

You can email us by using this link:

eileen@Ji-Hi-Health.co.uk

You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.

Cookies we use

Cookie Name Duration Purpose Third Party Transfers
_ga 2 Years This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier  
_gat 10 Minutes This cookie is used to throttle the request rate – limiting the collection of data on high traffic sites.  
_gid It stores and updates a unique value for each page visited.