Cookies Banner

Personal Information

As a practitioner, or prospective practitioner at BCR, you will need to provide personal information. The following will explain why we need it, how it is stored, and how we use or share it.

On 25/05/18 General Data Protection Regulations (GDPR) replaced the Data Protection Act of 1998.

Here at Bedford Consulting Rooms (part of Shaftesbury Clinic LLP), as a “data controller” we are committed to protecting and respecting your privacy.

On what basis we collect your information?

By asking us for information about our services, or by entering into a contract for us to provide you with services, you are accepting and consenting to the processing of personal information you provide, in a way you would expect, as described below.

This privacy notice applies to information that we collect from:

  • Patients
  • Prospective patients
  • Former patients
  • People who subscribe to our newsletters
  • Visitors to our website
  • Job applicants and our current and former employees
  • Practitioners with a contract for services with BCR
  • Practitioners who have enquired about coming to work at BCR

What information do we collect from you

We only ask for personal data from you that we need in order to provide and oversee services you have asked us to provide to you. This may include, but is not limited to, your name, email address, address, phone number, car registration number, details of your regulatory body(ies), insurance(s) and professional membership organisation(s).

What do we use the information for?

We will only use the information you provide directly to us on a contractual basis in order to:

  • administer and provide the information or services you have requested from us
  • administer the payments you make to us, and the tax and other legal obligations that arise from our contract with you.
  • notify you about changes to our service and to send you service emails relating to your account as part of our efforts to keep our site safe and secure
  • manage and operate your account with us.
  • use a secure third-party provider from time to time to deliver our e-newsletters. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter. Information would be available in the privacy notice of the third-party provider, which we would indicate in the content of the mailing.
  • use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
  • use website cookies to improve user experience of our website by enabling our website to ‘remember’ users, either for the duration of their visit – using a ‘session cookie’ – or for repeat visits – using a ‘persistent cookie’.
  • Help us improve our website – our website search is powered by Google. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by us or any third party.
  • use a third-party service (Bright Design Ltd) to help maintain the security and performance of our website. To deliver this service it processes the IP addresses of visitors to our website.
  • to use a third-party service (Bright Design Ltd), to host our website including publishing our blog. This site is hosted at www.bedfordconsultingrooms.com, which is run by Bright Designs Ltd. We use a standard Google Analytics service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it. Www.bedfordconsultingrooms.com requires visitors that want to post a comment to enter a name and email address.

Where do we store your information?

Bedford Consulting Rooms (Part of Shaftesbury Clinic) uses Microsoft 365 to store your contact information, only our employees and subcontractors have access to this to enable us to make bookings and contact you about appointments. The system is password protected, and is well protected from unauthorised access, full details about this are available at:

https://cloudblogs.microsoft.com/microsoftsecure/2017/09/25/new-microsoft-365-features-to-accelerate-gdpr-compliance/

We are registered with the Information commissioner’s office (ICO)

Emails are secured in Office 365, which operates their own Privacy by Design Policy.

https://products.office.com/en-gb/business/office-365-trust-center-privacy

Therapists at Bedford Consulting Rooms

Therapists at Bedford Consulting Rooms are responsible for their own patients’ data and medical records under the General Data Protection Regulation. Please therefore additionally ask your therapist for their privacy policy.

Therapist Applicants at Bedford Consulting Rooms

We are the data controller for the information applicants provide during the process.

All the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.

We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us whether the information is in electronic or physical format.

We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.

We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.

The information we ask for is used to assess your suitability to provide services at BCR. You don’t have to provide what we ask for, but it might affect your application if you don’t.

We ask you for your personal details including name and contact details. We may also ask you about your previous experience, education, referees and for answers to questions relevant to the application.

  • Proof of your identity – you may be asked to attend our clinic with original documents, we will take copies.
  • Proof of your qualifications – you may be asked to attend our clinic with original documents, we will take copies.
  • You may be asked to complete a criminal records declaration to declare any unspent convictions.
  • We may contact your referees, using the details you provide in your application, directly to obtain references.
  • Emergency contact details – so we know who to contact in case you have an emergency at work.

If you are successful, the information you provide during the application process will be retained by us as part of your employee file for the duration of your employment plus 6 years following the end of your employment. This includes your criminal records declaration, fitness to work, records of any references.

If you are unsuccessful at any stage of the process, the information you have provided until that point will be retained for 6 months from the closure of the recruitment process.

Information generated throughout the application process, are retained by us for 6 months following the closure of the process.

Sharing your personal data

Your personal data will be treated as strictly confidential, and will be shared:

  • with named third parties with your explicit consent;
  • with the relevant authority such as the police or a court, if necessary for compliance with a legal obligation to which we are subject e.g. a court order;
  • with your doctor or the police if necessary to protect yours or another person’s life;
  • with the police or a local authority for the purpose of safeguarding a children or vulnerable adults; or
  • our solicitor in the event of any investigation or legal proceedings being brought against us.

For further details about the situations when information about you might be shared please see the Information Commissioner’s website at

https://ico.org.uk/for-the-public/personal-information/sharing-my-info/

We will only share information with companies we have subcontracted directly to work on our behalf, in helping us with administering and providing the services you have requested from us.

  • Obtain your consent if we need to communicate with other health professionals (such as your doctor) about your care
  • Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.

If we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements;

Your information will not be transferred to a country outside the European Economic Area (EEA).

If you are completing a contact form: Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

How long do we keep your personal data?

We keep your personal data for no longer than reasonably necessary.

We will retain the data for 7 years after the termination of the contract, or 7 years after your last contact with us, this is to comply with the statutory obligations where patient’s records need to be retained in case of any legal claims, complaints or for safeguarding purposes.

MENU