{"id":500,"date":"2018-05-23T11:26:01","date_gmt":"2018-05-23T11:26:01","guid":{"rendered":"http:\/\/yantheosteopath.com\/?page_id=500"},"modified":"2018-05-23T12:25:29","modified_gmt":"2018-05-23T12:25:29","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/yantheosteopath.com\/?page_id=500","title":{"rendered":"Privacy Policy"},"content":{"rendered":"<p><b><span style=\"font-family: ArialMT, sans-serif;\">Overview<\/span><\/b><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-family: ArialMT, sans-serif;\"> Your personal data may be required in order to:<\/span><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><span style=\"font-family: ArialMT, sans-serif;\">provide healthcare<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">arrange appointments<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">manage fees and payments<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><span style=\"font-family: ArialMT, sans-serif;\">and also to respond to any enquiries you may have. This Privacy Policy explains:<\/span><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><span style=\"font-family: ArialMT, sans-serif;\">what data we collect and store<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">who we obtain this data from<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">why and how we use this data<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">what we do to keep your data safe<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">how you can find out more, or raise a concern about data protection with us.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><span style=\"font-family: ArialMT, sans-serif;\">We are committed to keeping your data safe and secure, and meeting the requirements of the General Data Protection Regulation (GDPR), namely that personal data be:<\/span><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><span style=\"font-family: ArialMT, sans-serif;\">obtained fairly and lawfully<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">obtained for a specific and lawful purpose<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">adequate and relevant, but not excessive<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">accurate and kept up to date<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">held for no longer than necessary<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">processed in accordance with the rights of those to whom the data pertains<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">kept subject to appropriate security measures<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><b><span style=\"font-family: ArialMT, sans-serif;\">Data Controller<\/span><\/b><\/p>\n<p><span style=\"font-family: ArialMT, sans-serif;\">The Data Controller, Yan-Chee Yu, is responsible for determining the purposes and means of processing personal data. He may be contacted by post at 11 Silverwood Way, Up Hatherley, Cheltenham, Glos, GL51 3TW, or by email at yan@yantheosteopath.com.<\/span><\/p>\n<p><b><span style=\"font-family: ArialMT, sans-serif;\">Summary of Data Use<\/span><\/b><\/p>\n<p><span style=\"font-family: ArialMT, sans-serif;\"><a href=\"http:\/\/yantheosteopath.com\/wp-content\/uploads\/2018\/05\/Privacy-Notice-Table.pdf\">Table 1<\/a> shows:<\/span><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><span style=\"font-family: ArialMT, sans-serif;\">what data is collected<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">who it is obtained from<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">why this data is collected and processed<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">the legal basis for processing this data<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">who processes this data<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">how long this data is kept, and what happens to it once it is no longer needed<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">how this data is kept safe<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><b><span style=\"font-family: ArialMT, sans-serif;\">Data Security<\/span><\/b><\/p>\n<p><span style=\"font-family: ArialMT, sans-serif;\">Your data is kept secure at all times against unauthorised or unlawful access or loss using:<\/span><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><span style=\"font-family: ArialMT, sans-serif;\">locked filing cabinets,<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">password protected device access,<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">GDPR compliant email storage,<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">written confidentiality and data protection agreements for data processors.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><b><span style=\"font-family: ArialMT, sans-serif;\">Data Transfer Outside of the EU<\/span><\/b><\/p>\n<p><span style=\"font-family: ArialMT, sans-serif;\">The Data Controller uses an email service which is GDPR compliant, which means that any data stored in this email inbox is appropriately protected even if it is stored on a server outside of the EU. Data transfer outside of the EU can also occur if we communicate via email and your email inbox is hosted on a server outside of the EU, or if we communicate by phone and one of us is located outside the EU. In such cases this will be because:<\/span><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><span style=\"font-family: ArialMT, sans-serif;\">it relates to provision or administration of your healthcare<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">is for reasons of public interest<\/span><\/li>\n<li><span style=\"font-family: ArialMT, sans-serif;\">is necessary for legal reasons<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><b><span style=\"font-family: ArialMT, sans-serif;\">What Happens if There is a Data Breach?<\/span><\/b><\/p>\n<p><span style=\"font-family: ArialMT, sans-serif;\">In the event of a data breach that is likely to result in a risk to people\u2019s rights and freedoms, the data breach will be reported to the Information Commissioner\u2019s Office (ICO), not later than 72 hours after it has come to light. People whose data is affected will be notified in line with current legislation.<\/span><\/p>\n<p><b><span style=\"font-family: ArialMT, sans-serif;\">Your Rights<\/span><\/b><\/p>\n<ul>\n<li><b><span style=\"font-family: ArialMT, sans-serif;\">Access<\/span><\/b><span style=\"font-family: ArialMT, sans-serif;\"> &#8211; you have a right to confirmation that we are processing your data, and a copy of any of your personal data which we hold.<\/span><\/li>\n<li><b><span style=\"font-family: ArialMT, sans-serif;\">Rectification<\/span><\/b><span style=\"font-family: ArialMT, sans-serif;\"> &#8211; you have a right to correct data that we hold about you that is inaccurate or incomplete.<\/span><\/li>\n<li><b><span style=\"font-family: ArialMT, sans-serif;\">Erasure<\/span><\/b><span style=\"font-family: ArialMT, sans-serif;\"> &#8211; in certain circumstances, you have a right to ask for the data we hold about you to be erased from our records (see also <a href=\"http:\/\/yantheosteopath.com\/wp-content\/uploads\/2018\/05\/Privacy-Notice-Table.pdf\">table 1<\/a>).<\/span><\/li>\n<li><b><span style=\"font-family: ArialMT, sans-serif;\">Restriction of processing<\/span><\/b><span style=\"font-family: ArialMT, sans-serif;\"> &#8211; in certain circumstances, you have a right to restrict the processing of your personal data which we hold.<\/span><\/li>\n<li><b><span style=\"font-family: ArialMT, sans-serif;\">Portability<\/span><\/b><span style=\"font-family: ArialMT, sans-serif;\"> &#8211; where data is processed on the basis of consent or performance of a contract, and in addition by automated means, you have the right to have your data transferred to another Data Controller.<\/span><\/li>\n<li><b><span style=\"font-family: ArialMT, sans-serif;\">Objection<\/span><\/b><span style=\"font-family: ArialMT, sans-serif;\"> &#8211; under certain circumstances, you have the right to ask us to stop processing your personal data.<\/span><\/li>\n<li><b><span style=\"font-family: ArialMT, sans-serif;\">Automated decision-making including profiling<\/span><\/b><span style=\"font-family: ArialMT, sans-serif;\"> &#8211; you have the right not to be subject to legal or similarly significant effects which are based solely on automated processing.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-family: ArialMT, sans-serif;\">If you wish to exercise any of these rights, please contact the Data Controller. In the event that the Data Controller refuses your request, you will be given a reason as to why, which you may challenge legally and\/or with the Information Comissioner\u2019s Office (ICO).<\/span><\/p>\n<p><b><span style=\"font-family: ArialMT, sans-serif;\">Raising a Concern<\/span><\/b><\/p>\n<p><span style=\"font-family: ArialMT, sans-serif;\">In the event that you have a concern about how your personal data has been handled, you have a right to complain to the Data Controller. If the situation cannot be resolved to your satisfaction, then you may contact the Information Commissioner\u2019s Office (ICO). Details of how to do so can be found at <a href=\"http:\/\/ico.org.uk\/concerns\/\">ico.org.uk\/concerns\/<\/a>.<\/span><\/p>\n<p><b><span style=\"font-family: ArialMT, sans-serif;\">Reviewing and Revising our Privacy Policy<\/span><\/b><\/p>\n<p><span style=\"font-family: ArialMT, sans-serif;\">We aim to incorporate best practice into our policies, and as such a review of our Privacy Policy will take place six months (November 2018) after the GDPR becomes law on May 25th 2018. This review may take place sooner if additional relevant or significant information becomes available. After this, review will take place annually.<\/span><\/p>\n<p><span style=\"font-family: ArialMT, sans-serif;\">Notice of any amendment to this Privacy Policy will be made available on this website.<\/span><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview Your personal data may be required in order to: provide healthcare arrange appointments manage fees and payments and also to respond to any enquiries you may have. This Privacy Policy explains: what data we collect and store who we &hellip; <a href=\"https:\/\/yantheosteopath.com\/?page_id=500\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":7,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"_links":{"self":[{"href":"https:\/\/yantheosteopath.com\/index.php?rest_route=\/wp\/v2\/pages\/500"}],"collection":[{"href":"https:\/\/yantheosteopath.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/yantheosteopath.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/yantheosteopath.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/yantheosteopath.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=500"}],"version-history":[{"count":37,"href":"https:\/\/yantheosteopath.com\/index.php?rest_route=\/wp\/v2\/pages\/500\/revisions"}],"predecessor-version":[{"id":540,"href":"https:\/\/yantheosteopath.com\/index.php?rest_route=\/wp\/v2\/pages\/500\/revisions\/540"}],"wp:attachment":[{"href":"https:\/\/yantheosteopath.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=500"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}