Relating to https://lizcastle.com operated by Liz Castle MBAcC Acupuncturist
Effective date 25.5.18 revised 24.06.2020
This policy relates to how I collect, use and disclose data when you use my website, and to your choices and rights relating to that data. Definitions are given at the end.
When you visit this website it collects, stores and uses certain data which is used to deliver and improve the service; however you will have choice about sharing personal data. By visiting my website you agree to this in accordance with this policy.
Please refer to my separate Clinic Privacy Notice for details about how I keep and use clinic and patient case records at https://lizcastle.com/clinic-privacy-notice
Background to this Policy
UK Data Protection Act 2018 which enshrines the General Data Protection Regulations (GDPR) requirements
General Data Protection Regulations (GDPR) – your rights if you are a resident of the EEA (European Economic Area)
Residents of the UK/EEA have the following data protection rights under certain circumstances, relating to personal information that is held about them:
- To access information and have information updated
- For incomplete or inaccurate information to be rectified
- For information to be deleted
- To restrict processing of personal information
- To data portability (receive a copy of the information in a structured commonly used and machine readable electronic format)
- To object to the processing of their data. This includes withdrawing consent when the information was given on the basis of consent.
- Relating to automated decision making including profiling.
Any queries about the GDPR should be addressed to your local UK/EEA data protection authority.
My website collects several different types of information, which are used:
- to provide, maintain and improve my site;
- to look for, to prevent and deal with any technical issues
- to monitor how my site is used
- to tell you the user about any changes
- to allow you to use some aspects of my site; and, if you request it, to send you my newsletter.
Legal basis: UK Data Protection Act 2018 which enshrines the General Data Protection Regulations (GDPR) requirements. (if you are from the EEA (European Economic Area) under the General data Protection Regulations (GDPR))
The legal basis for collecting and processing personal data varies according to the type of data and how it is collected.
Liz Castle MBAcC Acupuncturist collects and process personal data:
- to comply with the law
- in relation to a contract with you
- because of “legitimate interests” which are not overridden by your rights.
- because you have given consent (eg for me to send you a newsletter)
My website may collect ‘usage data’, such as your computer’s IP address, type of browser, when you look at my site and how long you stayed on a particular page, as well as unique device identifiers and other diagnostic data.
Usage data is used to analyse how my site is being used. This is usually kept for less time than personal data, except when the data is used to improve security or the functionality of the site, or if by law I am required to keep this data for a longer length of time.
Tracking Cookies Data
Cookies (and similar tracking technologies) track the activity on my site.
A cookie is a small file which is sent to your internet browser from a website and is stored on your computer or other device. It may include an anonymous unique identifier, such as a serial number.
Third party cookies such as those used by Google or Facebook are included in many websites for functions such as statistics or for advertising data.
You can stop the use of all cookies or get your browser to say when a cookie is being sent. If you decide not to accept cookies, some of my site may not be available to you.
My website currently uses the following cookies:
- Session cookies: in order to operate the website
- Preference cookies: to remember your preferences and some settings
My website is hosted by WP Engine. I understand that they do not collect personal information. The personal data that you may choose to give me to sign up for my newsletter, will only be kept while you are subscribed, and you can unsubscribe at any time.
Any data you submit is transferred to the United Kingdom, where it is processed. If you live outside the UK, the data protection laws may be different from where you live.
Liz Castle aims to take reasonable steps to allow you
- to change, correct, delete, or limit the use of your own personal information. You can update your personal data within your account settings section (for example if you use Mail Chimp to sign up for my website), or you can contact me to make changes to information that I hold. If you would like to know what personal data I hold, please contact me.
- In certain circumstances, you are entitled to access and receive a copy of the personal data I hold in a common electronic form so that you can correct any inaccuracies, or request its deletion. You may need to prove your identity before I respond to any such request.
Patients and prospective patients please refer to my privacy notice for more information about your rights as a patient relating to your case notes.
I may employ a third-party company or individual to assist with, maintain, provide or analyse my internet service on my behalf. Access any third party has to your personal data is limited to what is necessary to perform these tasks. They are not allowed to use it for anything else or to pass it on.
Although I will endeavour to keep your data secure by using responsible service providers, transferring information over the internet or storing it electronically is never completely secure. Therefore, I cannot make an absolute guarantee as to its security.
Patients and prospective patients please note that if you send me emails, the replies that I send to you are not encrypted. For this reason I prefer to receive personal data by telephone or in person, and sensitive information during consultations only.
I may be required to or in good faith believe it necessary to disclose your personal data when requested by a public authority, to comply with a legal obligation, to protect against legal liability, to protect my rights or property, to prevent or investigate possible misconduct in connection with my website, or to protect the public or the personal safety of users of this website.
They will hold your data until you decide to unsubscribe. You can unsubscribe from my newsletter via the ‘Unsubscribe’ link at the bottom of every newsletter. You can change your preferences using the link at the bottom of every newsletter. You can also contact me at any time and ask me to completely ‘forget’ any information Mailchimp holds in connection with you. Email me at [email protected] or telephone me on 01948 880170
I use Google Analytics to monitor and analyse the use of my website Service.
Google Analytics analyses web activity. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/
Links to other sites
My website is not aimed at anyone under the age of 13. I do not knowingly collect personally identifiable information from anyone under the age of 13. If as a parent or guardian you find out that your child has provided me with personal data, please contact me. If I discover that I have collected personal data from children without parental consent, I will take steps to remove that information from my servers.
This website is made using Word Press and hosted by WP Engine.
- by email [email protected]
- by visiting my website https://lizcastle.com/website-privacy-policy
- by telephone: 01948 880170
Further to this in the UK you can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
General Data Protection Regulations
Personal Data means data or informqation about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Data Subject is any living individual who is the subject of Personal Data
The User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies are small pieces of data stored on a User’s device.
Data Processor (or Service Providers)
Data Processor (or Service Provider) means any person who processes the data on behalf of the Data Controller. I may use the services of various Service Providers in order to process your data more effectively.