Kings Mill Osteopathic Clinic
Privacy Notice Kings Mill Osteopathic Clinic are committed to protecting and respecting your privacy.
to us, will be processed by us. Please read the following carefully to understand our views and
practices regarding your personal data and how we will treat it. We keep certain basic information
when you visit our website and recognise the importance of keeping that information secure and
letting you know what we will do with it.
For the purpose of the General Data Protection Regulations 2018, the data controller is Kings Mill Osteopathic Clinic, Room 30, Aero 16, Redhill Aerodrome, Kingsmill Lane, Redhill, RH1 5YP
This policy only applies to our website. Our site may, from time to time, contain links to and from the
websites of our partner networks, advertisers and affiliates. If you leave our site via a link or
otherwise, you will be subject to the policy of that website provider. We have no control over that
policy or the terms of the website and you should check their policy before continuing to access the
We may collect and process the following personal data about you:
Information that you provide by filling in forms at the clinic. This includes
information provided at the time of registering to use our site, subscribing to our service or
requesting further services, such as your name, email address, address, telephone number, bank
details, profile picture and where required additional personal information. This data may be
processed for the purposes of providing our services and communicating with you. The legal basis for
this processing is consent (where you have supplied the information) and our legitimate interests
which includes promoting the services offered by the organisation and the administration of our
We may also ask you for information when you report a problem with our site. This could include your
name, email address and even membership details. This is for the purposes of operating our website,
and the legal basis for this processing is consent.
If you contact us, we may keep a record of that correspondence.
We may also ask you to complete surveys that we use for research purposes, although you do not
have to respond to them.
IP addresses and cookies
We may collect information about your computer, including where available your: IP address,
operating system and browser type, for system administration and to report aggregate information to
our advertisers. This is statistical data about our users’ browsing actions and patterns and does not
identify any individual and we will not collect personal information in this way.
We may obtain information about your general internet usage by using a cookie file which is stored
on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. The legal basis for this is our legitimate interest, as they help us to improve
our site and to deliver a better and more personalised service. They enable us to:
• estimate our audience size and usage pattern
• store information about your preferences, and so allow us to customise our site according to
your individual interests
• speed up your searches and recognise you when you return to our site
You may refuse to accept cookies by activating the setting on your browser which allows you to
refuse the setting of cookies. However, if you select this setting you may be unable to access certain
system will issue cookies when you log on to our site.
Where we store your personal data
Some of the data that we collect from you will be stored outside the European Economic Area (“EEA”)
at Basecamp, who is an organisational solution provider. Basecamp has signed the EU privacy shield
and is based in Chicago.
It may also be processed by staff operating outside the EEA who work for us or for one of our
suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the
processing of your payment details and the provision of support services. By submitting your personal
data, you agree to this transfer, storing or processing. We will take all steps possible to ensure that
your data is treated securely and protected in accordance with the GDPR.
All information you provide to us is stored on our secure servers. Any payment transactions will be
encrypted. Where we have given you (or where you have chosen) a password which enables you to
access certain parts of our site, you are responsible for keeping this password confidential. We ask
you not to share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we
will do our best to protect your personal data, we cannot guarantee the security of your data
transmitted to our site; any transmission is at your own risk. Once we have received your information,
we will use strict procedures and security features to try to prevent unauthorised access.
Uses made of the information
We use information held about you in the following ways:
• To ensure that content from our site is presented in the most effective manner for you and
for your computer.
• To provide you with information, products or services that you request from us or which we
feel may interest you.
• To carry out our obligations arising from any contracts entered into between you and us.
• To allow you to participate in interactive features of our service, when you choose to do so.
• To notify you about changes to our service.
Disclosure of your personal data to others
We may disclose your personal information to certain third parties:
• We are under a duty to disclose or share your personal data in order to comply with our legal
obligations. This includes exchanging information with other companies and organisations for
the purposes of fraud protection and credit risk reduction.
• Basic information may be shared with our professional advisors and service providers
• We may also disclose your data to third party EU based providers of goods or services which
may be of interest to you and we or they may contact you about these by post or
Retaining your personal data
We will only retain personal data for as long as it is necessary to fulfil the purpose for which it was
collected and our legal obligations. Members records will be retained for seven years after they
You have the right to:
a) Access your data, including being notified of the details of what data is held, the purposes of
the processing and who it is shared with;
b) Rectification of personal data that is incomplete or inaccurate;
c) Erasure of your data in some circumstances; i.e. when it is no longer necessary for the
purposes it was collected, you withdraw consent or you object to its processing;
d) Restrict processing of your data
e) Object to processing of your data
f) Data portability
g) Complain to a supervisory authority; and
h) Withdraw consent.
You can also exercise any of your rights in relation to your personal data at any time by contacting us
Access to information You can request the following information:
• Identity and the contact details of the person or organisation that has determined how and
why to process your data.
• Contact details of the data protection officer, where applicable.
• The purpose of the processing as well as the legal basis for processing.
• If the processing is based on the legitimate interests of the Business and information about
• The categories of personal data collected, stored and processed.
• Recipient(s) or categories of recipients that the data is/will be disclosed to.
• How long the data will be stored.
• Details of your rights to correct, erasure, restrict or object to such processing.
• Information about your right to withdraw consent at any time.
• How to lodge a complaint with the supervisory authority (ICO).
• Whether the provision of personal data is a statutory or contractual requirement, or a
requirement necessary to enter into a contract, as well as whether you are obliged to provide
the personal data and the possible consequences of failing to provide such data.
• The source of personal data if it wasn’t collected directly from you.
• Any details and information of automated decision making, such as profiling, and any
meaningful information about the logic involved, as well as the significance and expected
consequences of such processing.
To access what personal data is held, identification will be required
The iO will accept the following forms of ID when information on your personal data is requested: a
copy of your driving licence, passport, birth certificate and a utility bill not older than three months. A
minimum of one piece of photographic ID listed above and a supporting document is required. If the
Organisation is dissatisfied with the quality, further information may be sought before personal data
can be released.
All requests should be made to email@example.com or by phoning 07715 027 256 or writing to
us at the address below.
appropriate, notified to you by e-mail. However, we advise that you check this page regularly to keep
up to date with any necessary changes.
In the event that you wish to make a complaint about how your personal data is being processed by
the Business you have the right to complain to us. If you do not get a response within 30 days you can
complain to the ICO.
Kings Mill Osteopathic Clinic, Room 30, Aero 16, Redhill Aerodrome, Kingsmill Lane, Redhill, RH1 5YP, email:
firstname.lastname@example.org or telephone 07715 027 256