General data protection
Laura Gil recognises that your privacy is important and is committed to respecting your privacy. We will apply appropriate protection and management of any information you share with us. The information you submit will be kept confidential and with the highest standards of security. The information you provide will be held and used in accordance with the General Data Protection Regulations.
Any personal information provided by you will only be used for the following purposes:
Marketing & Newsletters (When you agree, and knowing that the individual can easily opt-out at any time). This means you may ocassioanlly receive emails advising you of other products & services, courses, anything new, important changes or relevant information which may be of interest
I will therefore only access your records for these purposes. Your personal data and information are strictly confidential and will not be shared with third parties.
We may also be required under law to surrender records to legal authority. We will inform you of any such request unless forbidden by law.
Please understand it is not possible to treat you if we cannot hold any records on you at all.
You should contact our Data Controller for all matters related to your records. The Data Controller for this clinic is Laura Gil. She can be contacted by phone on + 353 (0) 89 213 3301, by email at firstname.lastname@example.org, and by post at 7, Pembroke Street Upper, Dublin 2, Ireland.
Where is the data stored?
Records are stored in a locked filing cabinet.
Who has access to your records and why?
Laura Gil is the only entitled person to access your records for all purposes of the above described.
We will not share your records with any commercial organisation or therapist under any circumstances.
Our site may contain links to and from other websites. If you follow a link to any of these websites, please note that they have their own privacy policies and we do not accept any liability for these policies.
How long is data retained?
All records must be retained for a period of 7 years after the last appointment. However, all records will be destroyed at any time if you request it.
You can demand to see all our records on you at any time. Please allow up to 14 days for us to provide them. If you think some information is incorrect, or not needed for the above purposes, you may request we correct or remove it. Since this is an important change, please do so in writing via registered post. Where records are held in computers, in the interest of preserving data security, we reserve the right to provide printed copies instead of electronic files.
You can demand we destroy all records we hold on you. Please allow up to 14 days for us to comply. Requests for the destruction of records should be sent in writing via registered post.
What the New Laws mean for you as an individual from the Official GDPR Website
General Data Protection Regulation (GDPR) from 25th May 2018 will replace current data protection laws in the European Union.
The new law will give individuals greater control over their data by setting out additional and more clearly defined rights for individuals whose personal data is collected and processed by organisations. The GDPR also imposes corresponding and greatly increased obligations on organisations that collect this data.
Personal data is any information that can identify an individual person. This includes a name, an ID number, location data (for example, location data collected by a mobile phone) or a postal address, online browsing history, images or anything relating to the physical, physiological, genetic, mental, economic, cultural or social identity of a person.
The GDPR is based on the core principles of data protection which exist under the current law. These principles require organisations and businesses to:
collect no more data than is necessary from an individual for the purpose for which it will be used;
obtain personal data fairly from the individual by giving them notice of the collection and its specific purpose;
retain the data for no longer than is necessary for that specified purpose;
to keep data safe and secure; and
Provide an individual with a copy of his or her personal data if they request it.
Under the GDPR individuals have the significantly strengthened rights to:
obtain details about how their data is processed by an organisation or business;
obtain copies of personal data that an organisation holds on them;
have incorrect or incomplete data corrected;
have their data erased by an organisation, where, for example, the organisation has no legitimate reason for retaining the data;
obtain their data from an organisation and to have that data transmitted to another organisation (Data Portability);
object to the processing of their data by an organisation in certain circumstances;
Not to be subject to (with some exceptions) automated decision making, including profiling.
Organisations and businesses collecting and processing personal data will be required to meet a very high standard in how they collect, use and protect data. Very importantly, organisations must always be fully transparent to individuals about how they are using and safeguarding personal data, including by providing this information in easily accessible, concise, easy to understand and clear language.