Andarta Health Privacy and Data Protection Policy

Updated: 21st March 2023

1. Introduction
 
Andarta Health and Performance ("Andarta Health", "we", "us", "our") is committed to protecting and respecting your privacy. This Privacy and Data Protection Policy outlines how we collect, use, store, and disclose personal information in accordance with the UK Data Protection Act 2018, the General Data Protection Regulation (GDPR), and other applicable data protection laws.
 
2. Data Controller
 
Andarta Health, located at 843 Finchley Road, England NW11 8NA, is the data controller responsible for your personal data. For any queries or concerns regarding your data, please contact our Data Protection Officer (DPO) at:
 
Email: tracey@andartahealth.com
Address: 843 Finchley Road, England NW11 8NA
 
3. Information We Collect
 
3.1 Personal Information

We collect and process the following personal information:
- Identification data: Name, date of birth, gender, national insurance number.
- Contact details: Address, phone number, email address.
- Health information: Medical history, treatment records, test results, insurance details.
- Financial information: Billing and payment information.
- Usage data: Data on how you use our website and services.
 
3.2 Sensitive Information

We may collect and process sensitive personal data, including:
- Health and medical information.
- Racial or ethnic origin.
- Religious or philosophical beliefs.
- Biometric data for identification purposes.
 
4. How We Collect Information
 
We collect personal information through various means, including:
- Directly from you when you register or use our services.
- From healthcare providers and third-party service providers.
- From your interactions with our website and applications.
- Through surveillance cameras at our premises for security purposes.
 
5. Purpose of Data Collection
 
We collect and use personal data for the following purposes:
- To provide healthcare services and manage patient care.
- To ensure the safety and appropriateness of the services we provide.
- To comply with regulatory and legal obligations, including those set by the Care Quality Commission (CQC).
- To process payments and manage billing.
- To communicate with you regarding your care, appointments, and our services.
- To improve our services through research and statistical analysis.
- For security and fraud prevention.
 
6. Legal Basis for Processing
 
We process personal data based on the following legal grounds:
- Consent: When you have given clear consent for us to process your personal data.
- Contract: When processing is necessary for the performance of a contract with you.
- Legal obligation: When processing is necessary to comply with legal and regulatory requirements.
- Vital interests: When processing is necessary to protect someone’s life.
- Public task: When processing is necessary for us to perform a task in the public interest or for our official functions.
- Legitimate interests: When processing is necessary for our legitimate interests, provided that your rights and interests do not override those interests.
 
7. Data Sharing and Disclosure
 
We may share your personal data with:
- Healthcare professionals involved in your care.
- Third-party service providers assisting us in delivering our services.
- Insurance companies for billing and claims purposes.
- Regulatory bodies such as the CQC.
- Law enforcement and other authorities when required by law.
 
8. Data Security
 
We implement appropriate technical and organizational measures to protect personal data from unauthorized access, alteration, disclosure, or destruction. This includes:
- Using secure servers and encryption protocols.
- Restricting access to personal data to authorized personnel only.
- Conducting regular security audits and assessments.
- Ensuring our third-party service providers adhere to strict data protection standards.
 
9. Data Retention
 
We retain personal data for as long as necessary to fulfill the purposes for which it was collected and to comply with legal and regulatory requirements. When personal data is no longer needed, we securely delete or anonymize it.
 
10. Your Rights
 
You have the following rights regarding your personal data:
- Access: You can request access to your personal data.
- Correction: You can request correction of inaccurate or incomplete data.
- Deletion: You can request deletion of your personal data under certain conditions.
- Restriction: You can request restriction of processing under certain conditions.
- Portability: You can request transfer of your data to another organization.
- Objection: You can object to the processing of your personal data under certain conditions.
- Withdraw consent: If processing is based on consent, you can withdraw your consent at any time.
 
To exercise these rights, please contact our Data Protection Officer using the contact details provided above.
 
11. Complaints
 
If you have any concerns or complaints about our data processing practices, please contact our Data Protection Officer. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
 
Website: [ICO Website](https://ico.org.uk/)
Phone: +44 303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
 
12. Changes to This Policy
 
We may update this Privacy and Data Protection Policy from time to time. The latest version will be available on our website, and significant changes will be communicated to you.
 
For more detailed information about how we handle your personal data, please refer to our comprehensive Privacy Policy available on our website.
 
---
 
Contact Us:
For any queries about your personal data or this policy, please contact our Data Protection Officer:
 
Email: tracey@andartahealth.co.uk
Address: 843 Finchley Road, England NW11 8NA