We are registered with the ICO under the Data Protection Register. The Data Protection Officer is Dr Christine Penny, who can be contacted via firstname.lastname@example.org – ICO Registration reference ZA787891
Personal data collected – Personal data is any data that could identify you as an individual. Personal data you give to us may include (but is not limited to) your name, contact information, photographic identification, and web usage. Your health records may include both our own records and those on occasion as required, provided by third parties.
How is personal information collected – may be provided by you by telephone, via our website, by email or during a face to face consultation. We may seek your consent to contact your employer or other healthcare professionals – either to gain further information or to seek expert opinion.
Why is personal information collected – To enable Aquamarine Medicals Ltd. provide a medicals service, it is necessary to hold information about you, including but not limited to, your contact details, and your health records. Information may be used to meet legal requirements and also to check your identity for security and anti-fraud purposes or to seek feedback to improve our services.
How is personal information stored and kept secure – paper or electronic form. Procedures are in place to prevent unauthorised access or disclosure of your records. Only those with genuine and demonstrable need will be able to access your personal data. A GDPR compliant medical records software is used with password protection with back-up storage on a secure server at physically separate locations. Paper records are kept in locked cabinets.
Policies and procedures are in place to deal with any suspected data breach so that any loss of data, or consequential damage, is minimised.
Aquamarine Medicals Ltd do not store any bank or credit card details, these are held securely by our nominated payment partner Stripe.
How is personal information used – Processing of data encompasses all activity to do with your personal data which includes but is not limited to, obtaining data, storage, amendment, transfer and deletion of data. Personal data provided forms your medical record held by Aquamarine Medicals Ltd but also may be used for purposes of communication with you, other healthcare professionals if expert advice is needed. On occasion your consent may be sought to liaise with your employer.
Aquamarine Medicals Ltd welcomes feedback to help improve services and you may be contacted for this purpose. We will not sell or distribute your information to third parties, unless we have your permission, or we are under a legal obligation to do so.
If you wish to request details of personal information held on systems and in hard copy stored by Aquamarine Medicals Ltd, please contact the Data Protection Officer using the contact details on this website.
How long we keep personal data – Current legislation requires retention of medical records for a minimum of seven years, or longer in some cases. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We will not store your information for longer than is reasonably necessary or required by law.
Your information will be kept securely at all times and at the end of the retention period, your files and personal data will be permanently deleted or destroyed.
Individual rights under GDPR – Under the GDPR you have a number of important rights, these can be accessed here
Need to make An Appointment?
Easily make a booking 24 hours a day, 7 days a week. Simply choose your prefered date and time and pay the fee. We will remind you of your appointment nearer the time.Make An Appointment