In this policy, “we”, “us” and “our” refer to Northampton Ear Clinic.
Northampton Ear Clinic is the Data Controller (i.e. the person or organisation who decides the purposes for which and the way in which any personal data is processed) as defined in the EU General Data Protection Regulation 2018. Contact information is given in the ‘Our details’ section below.
We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
Collection and processing of data
(i) Personal data
This website collects and processes personal data including (but not limited to) your name, e-mail address and phone number. The data is collected via forms to respond to an enquiry.
(ii) IP addresses
An IP or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet. Under the EU General Data Protection Regulation 2018, IP addresses are considered to be personal data. When you visit our website our server keeps a record of your IP address in the logs. This is done to help detect and prevent fraud and unauthorized access and to maintain the security of our systems.
(iii) Non-personal data
Lawful basis for the processing of personal data
When processing your personal data to reply to enquiries and provide marketing communications, the lawful basis we use for processing your personal data, as defined in the EU General Data Protection Regulation 2018, is ‘consent’.
When processing your IP address as describe in (ii) above, the lawful basis we use for processing your personal data, as defined in the EU General Data Protection Regulation 2018, is ‘legitimate interest’.
How we keep your personal data secure
We are committed to ensuring that your information is secure. We use reasonable organisational, technical and administrative measures to protect your personal data.
This includes our website being a secure (https) website so that the data you enter in your browser is encrypted before being sent to our server. The data submitted in forms is automatically e-mailed to us by our server. These e-mails are sent using ‘Opportunistic TLS’ which means an attempt is made to send the e-mail in an encrypted form. However this is not always successful and we cannot guarantee that the e-mail will be encrypted. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.
Retention of personal data
We will hold your personal data on our systems for as long as we deem necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Under the EU General Data Protection Regulation 2018 you have the following rights that are relevant to how we collect and process your personal data:
- The right to information.
- The right to access the data we hold on you.
- The right for incorrect data to be rectified.
- The right for data to be erased.
- The right to restrict processing of the data.
- The right to object to processing of the data.
- The right to data portability between organisations.
- The right to lodge a complaint with a supervisory authority (see the ‘Making a complaint’ section below).
If you would like to exercise any of these rights or would like more information on your rights, please e-mail us at firstname.lastname@example.org call us on 07450 659691 or write to us at the address given in the ‘Our details’ section below.
Where the legal basis for our processing of your personal data is consent, if you would like to withdraw that consent (e.g. for us to send you marketing communications) please e-mail us at email@example.com, call us on 07450 659691 or write to us at the address given in the Our Details section below.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you have specifically given your consent for this to happen.
Below are the third parties we use to process personal data on our behalf with links to their respective privacy policies. These third parties have been carefully chosen and they comply with the EU General Data Protection Regulation 2018:
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Making a complaint
Should you wish to make a complaint about anything to do with how we collect, process or store your personal data please contact the Information Commissioners Office.
This website is owned and operated by Northampton Ear Clinic.
You can contact us as follows:
- by e-mailing us at firstname.lastname@example.org.
- by writing to us at Leicester Terrace Health Care Centre, Northampton NN2 6AL.
- by telephone on 07450 659691.