Privacy Policy
Our Privacy Promise
We promise that we’ll tell you how we use your data and we’ll use it responsibly. Plus, we’ll make sure we collect and store your data securely.
The well-being of you and your baby is our number one priority
We have to collect and keep a little data about you, like your name, email address, payment details and some details about your pregnancy. We sometimes have to share your data with your NHS care provider to make sure that in the event of us identifying any problem, you receive the correct care.
We promise to collect, process, store and share your data safely and securely.
We use data to inform you of any changes to your appointment
We can use the contact details you share with us to confirm your appointment and to let you know if there are changes to your scheduled appointment.
Plus by listening to what our customers tell us, we can improve our services.
Our Privacy Policy
This Privacy Policy forms part of your Terms and Conditions and your contract with us for the booking and arrangement of your chosen service
Tongue Tie Northeast is committed to protecting your safety and privacy, and takes its responsibilities regarding the security of customer information very seriously. This privacy policy explains what personal data we collect about you, how and why we use it, who we disclose it to, and how we protect your privacy.
1. Who is responsible for your data
Our Privacy Policy applies to the personal data that Tongue Tie North East and uses.
References in this Privacy Policy to “Tongue Tie North East”, “D.I.Harries ltd”, “we”, “us”, “our Group” (a company registered in England and Wales with registration no 9803940 and registered office at National House. We control the ways your personal data is collected and the purposes for which your personal data is used and we are the “data controller” for the purposes of the UK Data Protection Act 2018 and other relevant European data protection legislation.
D.I.Harries LTD is registered with the ICO
2. Personal data we collect about you
When using the term “personal data” in our Privacy Policy, we mean information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. Your personal data may include for example your name, your contact details, information relating to your pregnancy.
We collect personal data from you, for example when you book an appointment with us, use our Website, or contact us. If you book an appointment on behalf of someone else, you must have their consent to use their personal information.
For more information on the parties who may share your personal data with us, please see section 7 below.
Categories of data we collect
We may collect and process the following categories of information about you:
-
Your name and surname and your contact details (email address, telephone number and postal address)
-
When you book an appointment on our Website
-
When you attend our clinic for the purposes of your appointment
-
-
Information about your pregnancy history, birth and current feeding history
-
Information about your transaction including your payment card details
-
The communications you exchange with us (for example, your emails, letters, calls, or your messages on our online chat service) When you contact us or are contacted by us
-
Your feedback
Sensitive personal data
In the course of providing services to you, we may collect information that could reveal, physical or mental health. Such information is considered “sensitive personal data” under the UK Data Protection Act 2018 and other data protection laws. We only collect this information where you have given your explicit consent, it is necessary to fulfil our contract with you or you have deliberately made it public.
For example, we may collect this information in the following circumstances:
-
For your safety, when you have a specific medical condition that we should be aware of before your appointment, you will need to inform us of.
-
By providing us with information about your current situation, so that we are well informed prior to completing your appointment.
-
By providing any sensitive personal data you explicitly agree that we may collect and use it in order to provide our services and in accordance with this Privacy Policy. You can be sure that we will never use any sensitive information for any form of marketing or profiling purposes. We will only share this information with your NHS care provider with your written consent.
If you do not allow us to process any sensitive personal data, this may mean we are unable to provide all or parts of the services you have requested from us. Please be aware that in such circumstances you will not be entitled to cancel or obtain a refund of any price you have paid.
How and why we use your personal data
We use your personal data for the following purposes:
-
To manage your bookings and provide our services to you: When you book an appointment with us, we use your information to perform our services in relation to your chosen service. We also use it to change your appointment if you request such changes.
-
To communicate with you and manage our relationship with you: We may contact you by email and/or SMS for administrative or operational reasons, for example in order to send you confirmation of your appointment and your payments. Please be aware that these communications are made to inform you and as such. We will also use your personal data if we contact you after you have sent us a request, filled in a web-form through our website or contacted us on social media. Your opinion is very important to us, so we may send you an email or SMS to seek your feedback.
We will use the communications you exchange with us and the feedback you may provide in order to manage our relationship with you as our customer and to improve our services and experiences for customers. -
To personalise and improve your customer experience: We may use your personal data in order to tailor our services to your needs and preferences and to provide you with a personalised customer experience.
Please note that we do not share your contact details and other personal data with other companies for marketing purposes.
- To improve our services, fulfil our administrative purposes and protect our business interests: The business purposes for which we will use your information include accounting, billing and audit, credit or other payment card verification, fraud screening, safety, security and legal purposes, statistical and marketing analysis, systems testing, maintenance and development.
- To comply with our legal obligations.
Requesting access to your personal data
You have a right to request access to the personal data that we hold about you. This could include information relating to appointments you have had with us.
If you would like to request a copy of your personal data, please email us to info@tonguetienotheast.co.uk stating your full name, details of your appointment.
Security of your personal data
We are committed to taking appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage to personal data. When you provide your personal data through our Website, this information is transmitted across the internet securely using high-grade encryption.
Furthermore, Tongue Tie North East is a PCI DSS compliant organisation. This means that we adhere to high security standards in order to protect your payment card details when you are sending us this information.
As described in this Privacy Policy, we may in some instances disclose your personal data to third parties. Where we disclose your personal data to a third party, we require that third party to have appropriate technical and organisational measures in place to protect your personal data; however in some instances we may be compelled by law to disclose your personal data to a third party, such as local authority agencies, and have limited control over how it is protected by that party.
We will retain your personal data for as long as we need it in order to fulfil our purposes set out in our Data Retention Policy or in order to comply with the law.
Sharing your personal data
Your personal data will be shared with other companies within our Group. It may also be disclosed to a third party who acquires us, a member of our Group or substantially all of our assets.
We may also share some of your personal data with, or obtain your personal data from, the following categories of third parties:
-
Suppliers providing services to us in order to help us improve our services and your customer experience. We may for example share your personal data with the NHS or your GP.
-
Credit and debit card companies We may share some of your personal data, which includes information about your method of payment and booking, to the credit or debit card company that issued the card you used to make your booking. In order to ensure the security of your transactions and prevent or detect fraudulent transactions, we may also share your information with our fraud screening partner.
-
Authorities In addition to the parties listed above, we may disclose your personal data when this is required by the law of any jurisdiction to which Tongue Tie North East may be subject.
We select very carefully our suppliers who process your personal data on our behalf and require that they comply with high security standards for the protection of your personal data.
Your rights
You have the following rights:
-
-
The right to access your personal data and supplementary information that we hold. This will allow you to be aware of and verify the lawfulness of the processing
-
The right to have any inaccurate personal data rectified, or completed if it is incomplete. You can make a request for rectification verbally at one of our clinics or in writing to us at info@tonguetienortheast.co.uk. We will respond to a request within a maximum of one calendar month. In certain circumstances we may refuse a request for rectification for example if we reasonably believe that the request is excessive or unfounded.
-
You have the right to have your personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.
You have the right to have your personal data erased if:-
the personal data is no longer necessary for the purpose which we originally collected or processed it for;
-
we are relying on consent as your lawful basis for holding the data, and you withdraw your consent;
-
we are relying on legitimate interests as our basis for processing, you object to the processing of your data, and there is no overriding legitimate interest to continue this processing;
-
we are processing your personal data for direct marketing purposes and you object to that processing;
-
we have processed your personal data unlawfully (ie in breach of the Data Protection Act 2018; or
-
we have to do it to comply with a legal obligation
-
-
You have the right to restrict the processing of your personal data where you have a particular reason for wanting the restriction. This may be because you have issues with the content of the information that we hold or how we have processed your In most cases we will not be required to restrict us from processing your personal data indefinitely, but we will need to have the restriction in place for a certain period of time
-
You have the right to obtain and reuse your personal data from us for your own purposes across different services. If you exercise this right, we will help you to move, copy or transfer your data easily from one IT environment to another in a safe and secure way, without hindrance to usability
-
You have the right to object to:
-
processing of your data based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
-
direct marketing (including profiling); and
-
processing for purposes of scientific/historical research and statistics
-
-
Updates to our Privacy Policy
We may make changes to this Privacy Policy from time to time, including as part of the new European data protection legislation which will start to apply on 25 May 2018 (the “General Data Protection Regulation”) - we will update the Privacy Policy and we will publish on our website any new version of this Policy.
Contact information
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to info@tonguetienortheast.co.uk