How we collect your data
We collect your data either by using an online client consultation form or paper form depending on the clients’ preference. We also use an online platform for taking bookings called Fresha which will securely hold your name and contact details but you will be asked to review their own GDPR policy and adhere to it accordingly. If you do not wish to use the online booking system then you can quite simply contact us via phone, text or Facebook. Further details of all information collected can be found below under the heading ‘What personal data we collect and why’. We then store all your personal information in a locked file and only Sandra Darawala has access to this unless for business reasons another person is brought in to the business to deal with administration, in which case they will be given full training on how to keep your data as secure as possible.
Social media – You may contact us via Facebook messenger or other networks and we will reply to you message but we DO NOT PAY TO OR USE YOUR PERSONAL DATA FROM SOCIAL MEDIA.
What personal data we collect and why
Before or when arriving for your appointment we will ask you to complete a client record card. We require the below personal details from you and have given a legal reason why we need these.
- Your full name – So we can address you and ensure all communication is with the correct person.
- Date of birth – So we can wish you a happy birthday, to help us distinguish two clients with identical names and also for the emergency services in case of an emergency whilst attending an appointment (yes it can happen!).
- Address – To aid the emergency services in case of an emergency whilst at the appointment. If any of your loved ones contact us to send you a gift voucher.
- Email address – To send booking confirmations and 24 hour reminders as well as email invoices of any services you have received. You may also opt in to receive updates on events and offers relevant to The Recovery Well via email. (See section on client consultation card with tick box.)
- Medical history including operations, diseases, disorders – Medical history is crucial to allow us to perform our treatments safely and adhere to the terms of our insurance.
- Allergies – To ensure nothing we use during a treatment or around you at the premises can cause you harm, irritation or any other complications and to adhere to the terms of our insurance.
- Medication – Some medication can be a contraindication to treatment or react with products we use. It is essential we know details to protect you the client and adhere to our insurance terms.
- Patch test – This is a skin test we may carry out in the centre to test for potential allergic reactions to certain treatments. We keep this on file so all therapists know you are able to have that treatment and in the event of a reaction we know what was used and when.
- Treatment history – This is so we can see what and how the last treatment was carried out on you to ensure results are consistent and to monitor effectiveness to create a care plan accordingly.
- Your Consent – We require you to read and sign a paragraph that allows us to obtain this information lawfully from you and legally store it in accordance with GDPR.
- Your signature – To prove it was you that was present at the appointment and that you answered all of the above to the best of your knowledge and honestly. That you agree to The Recovery Well holding your data securely in a locked cabinet and online as relevant through our booking system host Fresha.
How your data is stored
Your data is in paper form at The Recovery Well either filled in by you at the appointment or sent to The Recovery Well through the internet and printed off and filed accordingly. Once the paper form has been printed we will delete the files from the online source (except in the case of Fresha who keep a record of your data in their secure systems) for The Recovery Well to use and manage as per the reasons mentioned above in points 1-11.
How long we hold your personal data for
We will hold your data for up to 10 years to comply with our insurance Terms and Conditions (7 years after turned 18 if a child).
In order to continue to provide the client with the best service possible we need these records to see exactly what treatments were performed, reactions, likes, dislikes, patch tests, products used etc.
Your right to access or change your mind?
Your data control officer for The Recovery Well is Sandra Daruwala. In the event of a breach of personal data you will be contacted by the above mentioned person within 72 hours of discovery.
You have the right to access your personal data that The Recovery Well holds and the right to rectification if it is incomplete, incorrect or out of date.
You also have the right to Data portability if you wish us to transfer some personal data such as patch test results if you are moving to another salon.
You also have the right to object to processing and direct marketing. Your data can remain in one place but not used.