Privacy Policy

Cosmetic Surgery Psychology Privacy Policy (January 2024)

Name: Dr Suzanne Kennedy

E-mail: enquiries@cosmeticsurgerypsychology.co.uk

I am the data controller and data processor for all clients accessing the website. I decide how your information is used and shared. I take privacy and security seriously and do my utmost to ensure that your privacy is protected. The information laid out below explains how I handle your personal data and falls in line with recent legislation from the Independent Commissioners Office (ICO) called General Data Protection Regulation (GDPR). This policy is reviewed on a regular basis.

General information about the ICO and GDPR can be found on the following website http://www.ico.co.uk 

The type of personal information I may collect

I currently collect and process the following information:

Personal identifiers, contacts and characteristics (for example, name, contact details, address, next of kin, GP details and other relevant information related to your enquiry/referral)

Sensitive information for the purpose of the assessment (e.g. prescribed medication, diagnoses, mental and physical health experience, forensic history etc)

Billing information for the purpose of payments/refunds etc

Information about the computer device you use for the purpose on online calls

Information for the purpose of tax returns/invoices/billing etc

If you contact me via the website, your enquiry comes direct to myself. I do not share this information. Your information will only be used to respond and or follow up on your query or after your session for feedback. If you decide not to make an appointment, your email will be deleted after 3 months of the enquiry. The information is held by myself for a short time to allow you to think about whether you would like to make an appointment therefore not repeating information you have already given.

If you make an enquiry via the website, I will respond via email. I cannot guarantee that my reply is 100% secure and it is important to note that no transmission via the internet can ever guarantee 100% security.

I often receive information via third parties, for example a cosmetic surgery referral from a surgeon. If you have any concerns about their privacy policies and confidentiality, please contact them directly. 

I do not work with insurance companies.

During my assessment, I may collect further information that may be sensitive. This is essential for me to complete the assessment. Sensitive information may relate to: ethnic background, culture, relationships, current physical and mental health etc. I may also ask you to complete questionnaires for an objective rating of your health. 

How I get the personal information and why I have it

Most of the personal information I process is provided by you directly or from an indirect source, for example, from a cosmetic surgeon referral.

I may use your information for a number of reasons:

-communicating with you regarding your appointment and/or clinical letter

- If you have medical emergency whilst online and you need emergency assistance.

- to contact you after your appointment for feedback or review of service

I do not sell or distribute your information to third parties unless I have your permission to do so or I am required to by law. 

How I store your personal information?

I take privacy and security very seriously. I take reasonable steps to ensure your personal information is protected but please be aware that no data transmission whether via the internet or data storage facility can be guaranteed to be 100% secure; therefore, any information sent to me online is done so at your own risk. Information is stored in compliance with EU General Data Protection Regulations (GDPR) rules.

I do not use open/unsecure wifi networks. Paper records are stored in a locked cupboard and are disposed of after the statutory period of retaining health records has expired. Please note; I am bound by law to retain your health records for a certain time period (7 years) and will not be able to delete such information until the period has expired. This time frame is stipulated within the guidelines and requirements for record keeping by the British Psychological Society www.bps.org.uk

I try to use paper records wherever possible to avoid storage on a computer system; however, if I receive referrals or write letters then I do keep this information in a secure file on my laptop. The laptop is stored in a locked cabinet at the end of each day.

How long do I keep the information for?

I do not keep personal information for longer than necessary. Basic contact information from the initial enquiry is kept for approximately 3 months before being deleted. All other information, including sensitive information, is kept for for 7 years in compliance with professional guidelines and obligations. Some data is also used for accounting/tax purposes with the HMRC and is stored for a period of 6 years or longer if required to by the HMRC.

Information sharing

Information may be shared with the clinician you have been referred by. Your consent will be obtained before any information is shared. If you need an appointment for a pre-surgery psychological assessment; I may request further details from your cosmetic surgeon. This will be discussed with you. Basic information may be shared for the purpose of invoices/accounts/tax returns.

In most circumstances, I do not disclose personal/sensitive information without your consent. However, there are some exceptions to this, for example, 1. if you or others are at risk from harm; 2.a medical emergency (e.g. suspected heart attack; stroke etc whilst online) 3. If lawfully required including court order 4. To respond to a government request, fraud investigation, protecting your safety and the safety of others and to protect our rights. I may also be ordered to pass on information to a law enforcement body. 

Your data protection rights

Under data protection law, you have rights including:

Your right of access - You have the right to ask me for copies of your personal information.

Your right to rectification - You have the right to ask me to rectify personal information you think is inaccurate.

Your right to erasure - You have the right to ask me to erase your personal information in certain circumstances.

Your right to restriction of processing - You have the right to ask me to restrict the processing of your personal information in certain circumstances.

Your right to object to processing - You have  the right to object to the processing of your personal information in certain circumstances.

Your right to data portability - You have the right to ask that I transfer the personal information you gave me to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, I have one month to respond to you.

Please contact me at enquiries@cosmeticsurgerypsychology.co.uk  if you wish to make a request.

 

How to complain

If you have any concerns about how I use of your personal information, you can make a complaint to me at enquiries@cosmeticsurgerypsychology.co.uk

If you are not satisfied by my response you can also complain to the ICO if you are unhappy with how I have used your data.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk

 

Logo

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.

Privacy Settings

Website Translator

Privacy Settings

This tool helps you to select and deactivate various tags / trackers / analytic tools used on this website.

Select all services
Website Translator
More
Save Settings