PRIVACY POLICY

This Privacy Policy describes how and when MyFootMedic “MFM” collects, uses, and shares information when you attend an appointment, purchase our products, contact us, or otherwise use our services. This is to comply with the General Data Protection Regulations (GDPR) 2018.

Information we collect

To aid your treatment or as part of purchases from MFM, customers will normally provide MFM with certain information, such as their name, email address, postal address, medical information and payment information. MFM may store such information on an electronic patient record and diary system which is fully password protected.

Why MFM Needs Your Information and How It Is Used

MFM relies on a number of legal bases to collect, use, and share your information, including:

  • Where it is necessary for the purposes of the provision of health care as needed to provide MFM services, such as when MFM uses your information to fulfil your podiatry assessment and treatment, or to provide customer support;
  • When you have provided your affirmative consent, which you may revoke at any time, such as by signing up for our mailing list;
  • If necessary to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law.

Marketing

From time to time MFM may wish to send you direct marketing material which may include product offers and newsletters. This will only be done with your express consent to do so. If you would like to:

  • Tell us about a change of name and address;
  • Stop receiving marketing letters, emails, text messages or calls;
  • Obtain a copy of your prescription;

Please contact us.

Information Sharing and Disclosure

Information about patients/customers is important to MFM. MFM will only share your personal information for very limited reasons and in limited circumstances, as follows:

  • Medical professionals. Only with your consent (unless required as described above), MFM may share information with medical professionals such as your GP or consultant to allow continuity of care.
  • Service providers. MFM engages certain trusted third parties to perform functions and provide services to MFM, such as external reception services. MFM may share your personal information with these third parties, but only to the extent necessary to perform these services.
  • Business transfers. If MFM ‘the company’ is sold or merges with another entity, MFM may disclose your information as part of that transaction, only to the extent permitted by law and with your consent.
  • Compliance with laws. MFM may collect, use, retain, and share your information if legally required to.

Data Retention

MFM retains your personal information only for as long as necessary to provide you with its services and as described in this Privacy Policy. However, MFM may also be required to retain this information to comply with its legal and regulatory obligations, to resolve disputes, and to enforce agreements. The retention of podiatry records is normally a minimum of 8 years, after the last appointment. For customers who are not patients but may have bought products from MFM, MFM may keep any data provided for a minimum of 6 years in line with tax legislation.

Transfers of Personal Information Outside the EU

MFM may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, MFM may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than under EU jurisdiction. Please contact us for further details about our 3rd party provider of podiatry practice management software.

Your Rights

You have a number of rights in relation to your personal information. While some of these rights apply generally, certain rights apply only in certain limited cases. MFM describes these rights below:

  • Access. You have the right to access and receive a copy of the personal information MFM holds about you by contacting MFM.
  • Change, restrict, delete. You may also have rights to change, restrict the use of, or delete your personal information. In the case of health records these are normally exempt from change and deletion requests.
  • Object. You can object to (i) MFM processing some of your information based on MFM’s legitimate interests and (ii) receiving marketing messages from MFM after providing your express consent to receive them. In such cases, we will delete your personal information unless MFM have compelling and legitimate grounds to continue using that information or if it is needed for legal reasons.
  • Complain. If you wish to raise a concern about the use of your information (and without prejudice to any other rights you may have), you have the right to do so with the Information Commissioner at www.ico.org.uk.

How to Contact MFM

For purposes of the GDPR, I, Nicole McCarthy, am the data controller of your personal information. If you have any questions or concerns, you can contact us, or myself directly at manager@myfootmedic.com.