Bodyvie Ltd is registered in England with company number 3849113. Our registered office is Bodyvie Medi-Clinic, 133-135 Kew Road, Richmond, Surrey, TW9 2PN. Our Data Protection Officer is Natalie Weber.
Main Policy Content Summary:
Relevant Privacy Legalisation
In line with our internal processes and systems, Bodyvie internal documentation and website content are designed to comply with the following policies:
The compliance of internal documentation and website content with the above policies will likely mean that they are compliant with data protection and privacy legislation around the world.
What information do we collect about you and where do we store it?
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online and internally.
We may collect and process the following personal information about you, which is stored on our secure encrypted and passworded platforms, including our Medical Spa Software, on our PC’s, internal password encrypted systems spreadsheets, word documents, ipads and as paper records. Bodyvie does not obtain information or purchase databases from any third parties or sell information on.
Information you give to us
* Medical Records – A requirement for your clinic registration. This includes information such as your name, address, date of birth, gender, e-mail address, phone number, next of kin, GP, and medical history. Medical records are recorded in the form of consent forms, treatment records, photography (pre and post treatment imagery where required for insurance purposes), complaints/adverse events/communication between Us and You.
Failing to provide us with this information will result in us being unable to provide treatment.
* Enquiries – We may record your details in order to track and follow-up on enquiries, in addition to scheduling appointments. This includes information such as your name, e-mail address or phone number and details of the nature of your enquiry.
Failing to provide us with this information for marketing purposes will have no impact upon the provision of your treatment.
We will automatically collect the following information, for each visit made, when you visit our online domain www.bodyvie.com.
* Technical information, including the Internet Protocol (IP) address used to connect your computer to the internet, browser type and version, time zone setting, browser plug-in types and version, operating system and platform; and
* Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our Site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the page.
Like most websites, our website uses Google Analytics. This tool collects information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. We use this information to better understand how visitors find us and how they interact with our website. We can use this to make adjustments to our website, to deliver a better user experience.
We keep all web usage data in an anonymised form in google analytics, but we do not connect this in any form to personalised data or use to contact anyone.
*Call Recordings – We record calls via a call-tracking provider for statistical management and performance purposes and they hold the data for 30 days, following which calls are deleted.
* Online Contact forms – We collect the following information about you when you complete a form on our website:
A copy is sent to us by email and the information is stored on our customer management system and mailbox (email@example.com). Where you ‘opt in’ for the ‘subscribe to our mailing list’ data is also stored on Mailchimp. See section ‘Email Newsletter’.
* Email newsletter – If you choose to join our mailing list, your email address will be stored in Mailchimp. Mailchimp is a third-party data processor. At any time, you can unsubscribe from our newsletters, either from within the newsletter or by emailing us. Mailchimp’s Privacy and Terms.
How do we use the information we collect from you?
When you provide personal information to us, the purpose for which you are providing the personal information will always be made clear. We need to gather and hold data in order to provide our service and care, to maintain medical records and also to provide our clients with information. We collect information about you to understand your needs and provide you with a better service. Specifically, we use your information for:
We may use this information for some or all of the following reasons:
Information we collect about you
We may use this information for some or all of the following reasons:
Who do we share your personal data with?
We take our obligations under the General Data Protection Regulation and our clinical confidentiality requirements very seriously.
Sensitive information relating to your medical history will be kept confidential and will only be disclosed to the individuals involved with delivering your treatment. We will never sell, distribute or lease your personal information to third parties unless we have your permission or are required to do so by law.
Some information sharing is absolutely necessary for Bodyvie to provide your service and care, for example – the information shared in a prescription. Without consent treatment cannot be provided.
For contact or marketing purposes and information sharing we must gain consent. You must ‘opt in’ to allow us to use your data. We offer selective consent, rather than requiring all or nothing consent.
If you’re unclear as to what you have ‘opted in’ for or wish to make any changes, please contact us at Bodyvie and speak with our Data Protection Office.
We may share your personal information with:
* Other members of Bodyvie staff as part of your ongoing care provisions, or for the purpose of analysing the business.
* Selected third parties such as The Doctors Laboratory for diagnostics, or Healthxchange Pharmacy for prescriptive purposes in order to provide your agreed treatment. Opting out of sharing your information with these providers may affect our ability to treat you.
*There may also be circumstances where we are under a duty to disclose your personal information or share your personal information in order to comply with any legal or regulatory requirement, obligation or request. This includes the police for the prevention or investigation of a crime, or our Insurers, legal advisors or other third parties who need access to it in the context of managing, investigating or defending claims or complaints.
We cannot guarantee that the information you send us over the internet is secure, but once we receive it we will take all reasonable steps to protect the information you supply to us. Bodyvie will not transfer your data outside of the European Economic Area. Backups of electronically stored data are taken regularly, with strong encryption used to protect all files.
If you have concerns as to the safety of your data sent via an online channel, including emails to firstname.lastname@example.org, we would advise you minimise and risk but opting for direct communication by phone.
Under the General Data Protection Regulation and in line with Legal Requirements, we will only hold personal identifiable data for the maximum retention periods:
We employ CCTV on the exterior and public areas of the building in order to aid the security of our staff, patients and premises. CCTV cameras are not in use in our treatment rooms.
A Subject Access Request may be made for footage of you. All CCTV footage is held for a maximum of two weeks. In certain circumstances we may need to disclose CCTV footage for legal reasons.
Website cookies – A cookie is a piece of code that allows the web server to identify and track activity of the web browser. They are widely used in order to make websites work more efficiently, as well as to provide information to the owners of the website. You can enable or disable your cookie settings. For further details please consult the help menu in your browser or visit allaboutcookies.org.
You have the right to ask us not to process your personal information, but where consent is withdrawn for the processing of personal data from your medical records, our ability to continue your treatments will be impaired.
You have the right to ask us not to process your personal information for marketing purposes. We will only contact you for marketing purposes if you have opted in to receive such communications. If you wish to stop receiving some or all marketing communications from us, you can let us know by email to: email@example.com Our website www.bodyvie.com may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these website, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
In some circumstances, you have the right to be forgotten and we will erase all data held about you. Medical records are exempt from erasure before our maximum retention periods. Requests for erasure should be made in writing to firstname.lastname@example.org and will be assessed on a case by case basis.
ACCESS TO INFORMATION AND CORRECTION
If you provide us with your personal information, you have the following rights:
To exercise any of these rights, please email email@example.com or contact our Data Protection Officer. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.
It is important to note that whilst personal data can be removed from our systems in relation to marketing, we will be unable to remove any medical records relating to treatment received – which cannot be erased and will be retained as required by our insurers and professional regulatory bodies – for a period of 10 years.
You have the right to request a copy of your personal data held by Bodyvie under the Data Protection Act 1998. We may charge a reasonable administration fee to cover costs. All requests will be subject to the appropriate identification checks.
CONTACT AND COMPLAINTS