Anita Andor (I) holds some information about you. This document outlines how that information is used, who I may share that information with and how I keep it secure.
What I Do
I provide nutritional therapy services to clients to improve their health through diet and lifestyle interventions. I focus on preventative healthcare, the optimisation of physical and mental health and chronic health conditions.
Your Personal Data
A. information provided by you
You may provide me with personal data in the following ways:
By completing a client questionnaire
By signing a terms and conditions form
During a nutritional therapy consultation
Through email, over the telephone or by post
By taking credit card and online payment
I use the information you provided in order to provide you with direct healthcare. This means that the legal basis of our holding your personal data is for legitimate interest.
B, information received from other sources
I may obtain sensitive medical information in the form of test results from biochemical testing companies. I use this information in order to provide you with direct healthcare. This means that the legal basis of our holding your personal data is for legitimate interest.
I may obtain sensitive information from other healthcare providers, such as your GP. The provision of this information is subject to you giving me your express consent. If I do not receive this consent from you, I will not be able to coordinate your healthcare with that provided by other providers which means the healthcare provided by me may be less effective.
How your personal data is used
I act as a data controller for use of your personal data to provide direct healthcare. I also act as a controller and processor in regard to the processing of your data from third parties such as testing companies and other healthcare providers. I act as a data controller and processor in regard to the processing of credit card and online payments.
I undertake at all times to protect your personal data, including any health and contact details, in a manner which is consistent with my duty of professional confidence and the requirements of the General Data Protection Regulation (GDPR) concerning data protection. I also take reasonable security measures to protect your personal data storage.
Do I disclose any information to outside parties?
I do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. I may release your information when I believe release is appropriate to comply with the law, enforce my site policies, or protect my or others rights, property, or safety. I may share your information with supplement companies and biochemical testing companies as part of providing you with direct healthcare. I will not include any sensitive information.
I will seek your express consent before sharing your information with your GP or other healthcare providers. However if I believe that your life is in danger then I may pass your information onto an appropriate authority (such as the police, social services in the case of a child or vulnerable adult, or GP in case of self-harm) using the legal basis of vital interests.
I may share your case history in an anonymised form with my peers for the purpose of professional development. This may be at clinical supervision meetings, conferences, online forums, and through publishing in medical journals, trade magazines or online professional sites. I will seek your explicit consent before processing your data in this way.
What are your rights?
Every individual has the right to see, amend, delete or have a copy, of data held that can identify you, with some exceptions. You do not need to give a reason to see your data. If you want to access your data you must make a subject access request in writing to email@example.com
How is your data protected?
AnitaAndor.com uses a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into the Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to.
How long do you hold confidential information for?
All records held by Anita Andor will be kept for the duration of 7 years.
If you have any questions regarding the use of your personal data then please contact me by writing to the Data Controller by email firstname.lastname@example.org and I will do my best to help you.