Philip Corbin Osteopath. BSc(Hons) Ost Med, DO, BSc(Hons) Sports Science

Privacy Notice

What is a Privacy Notice?

Under EU wide general data protection regulation (GDPR) you, as a patient have specific rights. To communicate these rights to you in a clear and concise manner, we are providing you with this privacy notice. To be able to document and process your personal data, and the GDPR you must give us explicit consent.

Who Are We?

We are an osteopathic practice trading as Corvus Osteo, who diagnose, treat and rehabilitate health conditions. This is carried out in accordance with the individual governing body of the sole practitioner Philip Corbin. Who is insured and is a member of the relevant governing bodies.

Personal Data

We have a legal contractual obligation to collect personal data for the purposes of providing care for which your explicit consent is given during the process of history taking. As a practitioner I may require detailed medical information. I will only collect what is relevant and necessary for your care. Under the terms of GDPR the legal basis for the practice to hold personal data is described by article 9 paragraph 2(h). This data is always held securely and is not shared with anyone not involved with your care. For data storage purposes non-medical pre-vetted staff who have signed a GDPR processor agreement may handle some of that data. We may use your contact details to remind you of future appointments, or other information concerning your treatment. In making initial contact with Corvus Osteo we will keep your contact details unless you do not attend the clinic and then this information will be destroyed/deleted in one month.

Sharing Your Personal Data

We do not share your personal data with anyone. We may have to use some of your data to communicate on your behalf with your insurance company these providers are deemed as processors and we have a contract with them to ensure your data is secure. We may also share your medical data with external treatment providers such as your GP or medical consultant, this will be with your explicit consent only.

Retaining Your Personal Data

Corvus Osteo will process personal data during the duration of any treatment and will continue to store only the personal data needed for eight years after the contract has expired to meet any legal obligations. After eight years all personal data will be destroyed/deleted, unless basic information needs to be retained by us to meet our future obligations to you, such as erase your details. Records concerning minors who have received treatment will be retained until the child has reached the age of 25. Parental consent is obtained prior to the commencement of treatment of minors.

Data Storage

All data is held physically in the United Kingdom and Corvus Osteo does not store personal data outside the EEA.

Your Rights

At any point whilst Corvus Osteo is in possession of, or processing your personal data, all data subjects have the following rights; Right of access – you have the right to request a copy of the information we hold about you – you can make a subject access request and you will need to provide identification. There is no charge for this. Please ask at reception if you require more information. Right of rectification – you have the right to correct data that we hold about you that is inaccurate or incomplete. Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. Right of restriction of processing – where certain conditions apply you have the right to restrict the processing. Right of portability – you have the right to have data we hold about you transferred to another organisation. Right to object – you have the right to object to certain types of processing such as direct marketing. Right to object to automated processing, including profiling – we don’t do this at Corvus Osteo.

Data Breaches

Should your personal data that we control be lost, stolen or otherwise breached, whether this constitutes a high risk to your rights and freedoms, we will contact you without delay. The breach will be dealt with by our Data Protection Officer (details below), who will explain to you the nature of the breach and the steps we are taking to deal with it.

Complaints

In the event that you wish to make a compliant about how your personal data is being processed by Corvus Osteo you have the right to complain to us. If you do not get a response within 30 days you can complain to the ICO. ICO Wycliffe House, Water lane, Wilmslow, SK9 5AF Telephone +44 (0) 393 1231113 or email: https://ico.org.uk/global/contacts-us/email/. Data Protection Officer at Corvus Osteo is Philip Corbin.