Bookings

Book an Appointment online
or call +44 (0) 207 581 2639

PRIVACY NOTICE

Roscop Practice’s privacy notice.

 

The Roscop Practice respects your privacy and is committed to protecting your personal data. This privacy notice will inform you how we look after your personal data when you use our services, or when you visit our website (regardless of where you visit it from), and it will tell you about your privacy rights and how the law protects you.

1.  IMPORTANT INFORMATION AND WHO WE ARE  

 

PURPOSE OF THIS PRIVACY NOTICE

This privacy notice aims to give you information on how The Roscop Practice collects and processes your personal data through your use of our services or your use of this website, including any data you may provide directly to us, by using our services or through this website. It also explains our position as regards the collection and processing of the personal of data of your children.

 

It is important that you read this privacy notice together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your personal data. This privacy notices supplements other notices and privacy policies and is not intended to override them.

CONTROLLER 

For the purpose of the Data Protection Act 2018 (the “Act”) and the EU General Data Protection Regulation (“GDPR”), the data controller is Frederic Roscop Limited of 33b Beauchamp Place, Chelsea, London, England, SW3 1NU. Our ICO registration number is NUMBER.

Our nominated [Data Protection Officer (DPO) / data protection representative] is NAME and you may contact our [DPO / data protection representative] to find out more about the way we treat and use personal data via email at EMAIL.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance at the above specified address. 

For the purpose of the Data Protection Act 2018 (the “Act”) and the EU General Data Protection Regulation (“GDPR”), the data controller is Frederic Roscop Limited of 33b Beauchamp Place, Chelsea, London, England, SW3 1NU. Our ICO registration number is NUMBER.

Our nominated [Data Protection Officer (DPO) / data protection representative] is NAME and you may contact our [DPO / data protection representative] to find out more about the way we treat and use personal data via email at EMAIL.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance at the above specified address. 

CHANGES TO THE PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES  

We keep our privacy notice under regular review.

 

It is important that the personal data we hold about you is accurate and current. Please therefore keep us informed if your personal data changes during your relationship with us.

THIRD-PARTY LINKS  

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

2.  THE DATA WE COLLECT ABOUT YOU

GENERAL PERSONAL DATA

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you, which we have grouped together as follows:

 

  1. Identity Data (including first name, last name, title, date of birth and gender).
  1. Contact Data (including billing address, email address and telephone numbers).
  1. Financial Data (including bank account and payment card details).
  1. Transaction Data (including details about payments to and from you and other details of products and services you have purchased from us).
  1. Technical Data (includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website).
  1. Usage Data (including information about how you use our website, products and services).
  1. Marketing and Communications Data (including your preferences in receiving marketing from us and our third parties and your communication preferences).

SENSITIVE PERSONAL DATA

From time to time, we may collect sensitive personal data from you, including information regarding your racial or ethnic origin, your health, and certain genetic and biometric data. We only collect such sensitive personal data with your consent and we only process it in the way that we describe to you at the time that we request it from you.

IF YOU FAIL TO PROVIDE PERSONAL DATA   

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.

3.  HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you, including through:

Direct interactions. You may give us your Identity, Contact and Financial Data, by filling in forms on our website or our other social media, or by corresponding with us by post, phone, email, face-to-face in our practice, or otherwise. This includes personal data you provide when you:

  • book an appointment with us;
  • create an account on our website;
  • subscribe to our service or newsletter;
  • request marketing to be sent to you;
  • enter a competition, promotion or survey; or
  • give us feedback or contact us.

Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using server logs and other similar technologies.

Third parties or publicly available sources. We will receive personal data about you from various third parties as set out below:

  • Technical Data from the following parties:
  1. a. analytics providers such as Google based outside the EU; and
  2. b. [OTHER];
  • Contact, Financial and Transaction Data from providers of technical, payment and delivery services [such as [NAME].

4.  HOW WE USE YOUR PERSONAL DATA  

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal obligation.
  • Where you have provided us with explicit consent to process your data;

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us at EMAIL.

PURPOSES FOR WHICH WE WILL USE YOUR/YOUR CHILD’S PERSONAL DATA  

Direct interactions. We will use this information:

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
  • to notify you about important changes to our service.

Automated technologies or interactions. We will use this information:

  • to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to improve our website to ensure that content is presented in the most effective manner for you and for your device;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • as part of our efforts to keep our website safe and secure;

Third parties or publicly available sources. We may receive personal data about you from selected third parties that we work with or that provide us with a service (such as payment services for example) and public sources (such as Companies House for example).

MARKETING AND PROMOTIONAL OFFERS

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We may use your Identity, Contact, Technical, Usage and Profile Data that we collect about you, such as your IP address and the way you browse our website to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested such information from us, used our services, or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing directly to you.

We may also send occasional updates and promotional discounts to you.

THIRD-PARTY MARKETING  

We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

 OPTING OUT   

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time at EMAIL.

 Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

5.  DISCLOSURES OF YOUR PERSONAL DATA

You acknowledge and agree that from time to time we have the right to share your personal information with:

  • Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
  • Selected third parties including:
    • Google LLC. (“Google”), based in the US, for the storage of documents that include your personal data on Google Drive, the use of Gmail in order to contact you about any services we provide to you and Google Contacts to store and maintain our clients’ details;
    • Red Guava Pty Ltd, based in Australia, for use of their Practice Management Software, Cliniko (“Cliniko”); 
    • Rocket Science Group, LLC for use of their service, Mailchimp (“Mailchimp”) based in the US, to send you our newsletter, if you consent;

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6.  INTERNATIONAL TRANSFERS

All personal data we process is processed by our staff, and, for the purposes of IT hosting and maintenance, this information is located on servers within the European Union.

Some of our external third parties (such as for example Google, Cliniko, Mailchimp and Squarespace) are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

    • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
    • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.

Please contact EMAIL if you would like any further information on the specific mechanism used by us when transferring your personal data out of the EEA.

Once we have received your information, we have a Data Protection regime in place to oversee the effective and secure processing of your personal data and we will use strict procedures and security features to try to prevent unauthorised access.

However, and unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website at transmission stage; any transmission is at your own risk. 

7.  DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8.  DATA RETENTION – HOW LONG WILL YOU USE MY PERSONAL DATA FOR?  

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. 

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. 

In some circumstances you can ask us to delete your data: see below for further information.

9.  YOUR LEGAL RIGHTS 

If at any point you wish to know which information we are processing about you, or if you do not wish for us to process your information anymore or if you believe the information we process on you is incorrect or obsolete you can request to see this information and/or have it corrected or deleted by us by contacting us at EMAIL. We will fulfil your request to exercise your rights within a month and at no cost.

10. CHANGES TO OUR PRIVACY NOTICE

Any changes we make to our privacy notice in the future will be posted on this page.