Trusted Practitioner is committed to respecting the privacy of our members, their patients/clients, our contacts, and all visitors to our website (the ‘website’).
We intend to ensure any data we hold is kept secure, managed respectfully and only used for the purposes for which it has been provided.
What information do we collect?
We may collect personal information from you in the course of our business, including when you contact or request information from us, when you engage our services, when you use our website, or as a result of your relationship with one or more of our staff or members.
Information provided by you:
You may choose to provide us with personal information, for example, by asking us to contact you, signing up for a newsletter, purchasing a product or service, or by submitting a review about one of our members.
This may include contact information (e.g. name, address, telephone number and/or email address), financial or payment related information (such as invoices and payment receipts) and any other personal information you choose to provide us (e.g. as part of a review submission).
If you become a member, you may also provide us with your patient/client’s contact details (e.g. name, email) and optional personal message, so we can provide our services as one of your Data Processors.
Information logged automatically:
Web servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your web browser.
Information from third parties:
We may receive information from third parties, such as social media or other public sources.
If you are the patient or client of one of our members, then in our capacity as one of their authorised Data Processors, they may supply us with your contact information (such as name, email) so that we can request a review.
On what basis do we use this information?
Under the European Union’s General Data Protection Regulation (GDPR) law, we are permitted to use your personal data if there is a lawful basis to do so.
We use your personal information on the following bases:
- To perform a contract, such as delivering our products and services; or
- Where you have provided your consent; or
- To comply with legal and regulatory obligations; or
- For legitimate business purposes;
Where we process any special category information (e.g. health information, religious or philosophical beliefs), this will be on the following bases:
- your explicit consent; or
- where you have made the information public; or
- for the establishment, exercise or defence of legal claims;
How is this information used?
We use your information to:
- provide and improve our services and products to you;
- maintain and develop our relationship with you and our members;
- maintain the security of our website and data
- facilitate our internal business operations;
- fulfil our legal requirements and professional obligations;
- monitor and analyse our business to provide the best client experience;
- promote and market our website and services
We may not be able to do these things without your personal information.
How long is this information kept?
We keep your personal information only for as long as required by us:
- to provide you with the services you have requested;
- to comply with the law, including our accounting obligations;
- to support a claim or defence in court;
- to fulfil our legitimate business interests
How is this information shared?
We may share your information with third parties where:
- you have consented for us to do so;
- we are under a legal, regulatory or professional obligation to do so;
- legal proceedings require us to exercise or defend our legal rights;
- suppliers are processing data on our behalf under contract (such as our payment providers, email service provider, advertising and analytics providers);
- we are processing data on behalf of a data controller under contract (such as collecting reviews for our members)
Trusted Practitioner uses servers located in the United States. Our suppliers and data controllers, may be based (or store or process information) in the UK or elsewhere including outside of the European Economic Area (the “EEA”). This may mean your information is transferred from a location within EEA to outside the EEA, or vice-versa.
In the event that retirement, merger or restructuring passes control of our business to a new owner, we may need to pass your information to the new owners.
They are placed by software that operates on our servers, and by third party services, such as Google Analytics, Facebook and Twitter, who may use that information to further help us analyse the popularity and use of our site, and to enable us to appropriately target and measure the effectiveness of our advertising.
The generic information generated about your use of our website (including anonymised IP address) may therefore be transmitted to and stored by third parties, such as Google and Facebook, on servers in the United States.
You may also have the right to request that we:
- Provide you with a copy of your personal information that we hold
- Update your personal information where it is out-of-date or incorrect
- Delete personal information that we hold
- Restrict the way in which we process your information
- Consider any valid objections to our processing of your personal information
- Provide information you have given to us to a third party provider of services (where our lawful basis for processing is consent or contract and where processing is automated)
You may also have the right to submit a complaint to a supervisory authority in your jurisdiction.
Please be aware that these rights are not absolute, so will not apply in all cases or to all information that we hold about you. For example, we may need to continue to hold and process information to establish, exercise or defend our legal rights, or to fulfil our legal and accounting obligations under the Companies Act.
We provide an unsubscribe option in every marketing email, so you can easily opt out at any time without contacting us. We also provide self-management facilities allowing you to view, edit or delete your personal data or review at any time.
Otherwise, to object to the processing of your personal information, withdraw a previously given consent, or provide up-to-date and accurate information, please contact us using the details below, and we will take all reasonable care to respect your wishes in accordance with our legal obligations.
We will respond to your request within the applicable statutory time period, and inform you if the right you wish to exercise applies to the particular circumstances of your request.
Please note that if we are not sure of your identity, we may require you to provide further information in order for us to confirm who you are.
We may update this privacy notice from time to time as necessary to keep it in line with current legislation and industry best practice.