THAI DERM POLICY STATEMENT REGARDING DATA PROTECTION ACT 2018 AND GENERAL DATA PROTECTION REGULATIONS (EU) 2016/679
1. Thai Derm will routinely receive personal data from clients and employees in the ordinary course of business to include, where appropriate and relevant, the following :
- Telephone numbers
- Email addresses
- Employment history
- Health information insofar as that relates to the type of massage therapy that will be appropriate
- National Insurance number
- Date of birth
- Tax Code
The data we receive from clients will not be shared with any other party and will be used for the sole purpose of facilitating communication between Thai Derm and our clients and in order to ensure that the services provided are appropriate to the client having regard to his or her state of health and any medical condition. The bases for all data received will be consent and contractual with particular reference to our duty of care to our clients.
The data we receive from employees or workers engaged under contracts for services will not be shared with any other party save by consent eg corresponding with HMRC and the basis for the acquisition of that data will be consent arising from the mutual needs and expectations inherent in the employer/employee relationship and the overriding objective of Thai Derm to provide an efficient service in the course of which relevant information is handled safely.
2. Our clients and employees will be told to the extent that it is necessary having regard to common sense why we accept their personal data and they will understand that such data will not be shared under any circumstances save by consent. Personal data will not be used save for the purposes identified above and the data will not be retained for any longer than necessary. All data held will be reviewed on a monthly basis and destroyed unless it is still required for lawful purposes arising from contractual obligations and the only data to be stored electronically will be any email correspondence engaged in between Thai Derm and its clients and or its employees on the basis that such correspondence is entered into by the parties consensually and on the understanding that each party is entitled to keep a record thereof for a reasonable period, subject to review and the overriding principle that no data will be retained for any longer than necessary. The person responsible for data protection at Thai Derm is Rongtong Larkin and she is the proprietor of the business and a sole trader and she will hold personal data in accordance with the provisions of the DPA 2018 and the GDP regulations on the basis of contract and consent for the reasons identified above. The data held will be supplied to Thai Derm by clients and employees or contractors and will not be shared with any other party within or outside of the UK.
3. The data will be kept for as long as it is reasonably required and will be reviewed monthly. Clients and workers are at liberty to request access to their data at any time and to request correction and or deletion of their personal data. Thai Derm’s aim is to retain personal information only for so long as it is relevant and to delete or destroy it safely and permanently for the benefit of all parties concerned. Parties are entitled to complain to the Information Commissioner’s Office about breaches of the Act and or the regulations and will be referred if necessary to the ICO website. Paper versions of this statement are available for inspection at Thai Derm’s premises and a suitable notice advising clients is displayed at the premises. The statement will appear on the Thai Derm website.
4. Thai Derm will not make automated decisions or carry out any profiling or similar activities based on the personal data it may hold.
5. Thai Derm will seek only personal data that is needed for the purpose of the business and the services carried out in accordance with contracts with staff and clients. Clients will be given the option of supplying email and telephone numbers if they wish but they will always be told that this is optional and for their own convenience. Clients will be asked to sign a form stating whether they have any medical condition or injury and so on that might be relevant to or have implications with for the type of massage therapy being offered or sought so that an informed decision may be taken by Thai Derm as to the appropriate treatment, if any, to be offered and so that Thai Derm may properly discharge its duty of care towards its clients. Such sensitive personal data will be kept in paper form only and will be retained until the expiry of the limitation period under the Limitation Act
6. Thai Derm will only accept data that is needed for facilitating its contractual and legal relations with clients and staff and to enable it to discharge its duty of care and the need for the receipt of such data will be in each case be discussed by the parties and dealt with consensually.
7. Data will only be retained for as long as it is reasonably required having regard to the contractual and legal relations between the parties concerned and the objective will be to review data regularly with a view to disposing of or destroying it securely and permanently at the earliest convenient and reasonable juncture subject to the relevant limitation periods for contractual and tortious liability namely 3 and 6 years respectively from the date of treatment.
8. The aim will be to keep all data accurate and up to date so that communications between parties can be conducted efficiently and without avoidable delay or misunderstanding. Returning clients will be invited to check and update their personal data as a matter of routine procedure and will be invited to sign a form to confirm that the data held is accurate and up to date.
9. All data will be kept securely so that it is not lost or misused. Paper and documentary records such as personnel files will be kept in locked filing cabinets to which only the proprietor/Information Officer will have access. When appropriate paper records will be destroyed by shredding. All personal data will be kept securely under lock and key at Thai Derm’s premises.
10. Clients have the right to be told about the data we hold and to request copies of their data. They are entitled to have such data corrected if it is inaccurate.
EQUALITY, DIVERSITY, RESPECT AND NON-DISCRIMINATION POLICY
1. Thai Derm values its staff and clients and aims to be an organisation that makes certain that everyone is treated with respect and dignity in accordance with our own fundamental values and the rights and principles of fairness contained in the Equality Act 2010.
2. All our staff will be given equal opportunities regardless of their gender, ethnicity, cultural and religious views, age, sexuality, disability ,marital or civil partnership status, pregnancy/maternity and gender reassignment.
3. Our clients will be accorded respect and will be treated in exactly the same non-discriminatory manner.
4. Pursuant to section 26 of the Equality Act 2010 we will take all reasonable steps to ensure that our staff are protected from harassment including sexual harassment or any conduct by any party which has the purpose or effect of violating anyone’s dignity. Thai Derm provides services to the public strictly in accordance with the terms of its local authority special treatment license and appropriate legal action will be taken against any party who by words or conduct engages or attempts to engage in sexual conduct or attempts to solicit conduct of a sexual nature. Our staff must be treated with dignity and respect and they will accord our valued clients the same consideration.