This document sets out how Bill Bird Shoes uses and protects personal information as part of its commitment to the General Data Protection Regulation (GDPR).
Bill Bird Shoes understands your data is important to you and we are committed to ensuring that your privacy is protected. We do not share your data unless we receive your express consent to do so with specific third parties such as health care professionals etc., Should we ask you to provide information by which you can be identified, then you can be assured that it will only be used in accordance with this statement.
What customer information may we process?
- name, contact details
- necessary medical details (paper files) and digital photos of clients’ feet and ankles
- bank details, which are used then destroyed.
What is the lawful basis for processing this information?
The GDPR stipulates that there must be a lawful basis for the processing of personal data, there are 6 categories in total but Bill Bird Shoes only processes data that falls into the following 3 categories
Contractual – data held under records that have an active subscription to our services
Legitimate business interest – data within records that have been a customer in the past
Consent – data that has been offered by an individual or business owner/s either via our website or directly by post or electronically in the process of becoming or being a client
Who is the personal data shared with?
Where necessary or required and with the consent of clients we share information with:
- representatives of the person whose personal data we are processing
How long is customer personal data kept?
- Whilst an active subscription is in place or
- A maximum of 6 years since last recorded activity for clients or
- Until a deletion request is made and if no other overriding lawful reason exists
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we hold physically and electronically.
Controlling your personal information
At any time, you may choose to:
- Request a copy of your personal data held by Bill Bird Shoes
- Request your personal information is removed from mailing lists held by Bill Bird Shoes
- Request your personal information is deleted from all records held by Bill Bird Shoes
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the address provided. We will respond to any queries within 30 days and at no cost.
49 Northwick Business Centre
Moreton in Marsh
- a) By entering this website, you agree to all of the terms and conditions as set out below.
- b) This website is owned and copyright of Bill Bird Shoes (hereinafter called “the website owner”)
- c) This website has been developed by Bill Bird Shoes (hereinafter called “the website developer”)
- d) All terms and conditions apply to the website and any other websites or microsites operated by the website owner.
2) Privacy Statement
- a) Your privacy is important. By providing personal information such as your name and e-mail address via the email link on this website, you agree to the website owner contacting you with regard to your enquiry. Your personal information collected on this website will be used solely by the website owner. Under no circumstances will your personal information be sold or made available to any other organisation for their marketing use. We will immediately remove your e-mail address from our communication list when you ask us to do so.
- b) The website owner is committed to meeting all relevant obligations relating to this website that apply under the Data Protection Act of 1998 (and any subsequent new laws). The website owner will always observe the law in respect of the collection and processing of subject data and will meet any subject access request in compliance with the law. The website owner will only use data in ways relevant to carrying out its legitimate purposes and functions in a way that is not prejudicial to the interests of individuals. The website owner will take due care in the collection and storage of any sensitive data and will do its utmost to keep all data accurate, timely and secure.
- b) The website owner may collect technical data about the type of Internet browser and computer operating system that you use. This information does not identify you as an individual and is used only for tracking of site use. We might also place a “cookie” on your hard drive that will help us to identify you when you return to the site and allow us to tailor content to your personal preferences. If you do not wish to use “cookies” you may disable this option in your Internet browser settings. “Cookies” can be removed from your computer. Please refer to our separate section on Cookies below for further helpful information.
3) Intellectual Property Rights
- a) This web site is published by the website owner and is protected by copyright and other intellectual property rights in existence at any time throughout the world. All copy / text, graphics, images and all other material on this web site created by the website owner is copyright of the website owner. The website platform and technical infrastructure, all website design, content not created by the website owner, text / copy, imagery and the typographical arrangement thereof is the intellectual property and copyright of the website developer unless otherwise credited.
- b) Permission is hereby granted to electronically copy and to print hard copy portions of this web site for the sole purpose of using this as an information resource for the website owner’s products and services. Any other use of materials on this website, including reproduction for purposes other than the above, modification, distribution or republication without the prior written permission of the website owner and the website developer is prohibited.
- c) The trademarks, logos and service marks shown on this web site, unless otherwise specified, are the trademarks of the website owner or the website owner has been granted permission to use them by the respective trademark owner. No rights are granted to use any of them in any other manner whatsoever.
- d) Any infringement of copyright will result in appropriate legal action being taken against you.
4) Disclaimer and liability
- a) All warranties, representations, conditions of any kind or other terms implied by statute or common law with respect to this web site or the information, content, materials or products included on this web site are hereby expressly excluded to the fullest extent permitted by law.
- b) The website owner shall not be liable in any circumstances for any direct or indirect, special or consequential loss or damage (whether for profit or loss or otherwise) costs, claims, expenses or other claims for compensation what so ever, whether caused by the acts, omissions or the negligence of the website owner, its employees or agents, which arise out of or in connection with the use of this web site or the information, content materials or products included on this website, except in respect of death or personal injury caused by the website owner or its employees’ proven negligence.
- c) The website owner does not accept any responsibility or liability for access to or material on, any website that is linked from or to this website.
- d) The content appearing on this website do not constitute legal, medical or clinical advice and is provided for general information purposes only. No warranty, whether express or implied is given in relation to this website’s content. The website owner shall not be liable for any legal, medical, clinical, technical, editorial, typographical or other errors or omissions within the information provided on this website.
5) Misuse Statement
The website owner reserves the right to prevent your usage of this site if you misuse the contents contained within this website in any manner. We are the final arbiter as to what shall constitute misuse and our decision will be final.
6) Governing Law
This website is intended primarily for use by persons located and resident within the United Kingdom, including Northern Ireland, the Channel Islands and the Isle of Man. Accordingly, these terms and conditions shall be subject to English law and the parties to any dispute or action hereby submit to the exclusive jurisdiction of the English courts.
The practice aims to meet the requirements of the Data Protection Act 2018, the General Data Protection Regulation (GDPR], the guidelines on the Information Commissioner’s website as well as our professional guidelines and requirements. The data controller is the practice owner, who is also the information Governance Lead and the Data Protection Officer.
This Privacy Notice is available by email or by calling us.
You will be asked to provide personal information when joining us. The purpose of us processing this data is to provide optimum care to you.
The categories of data we process are:
- Personal data for the purposes of staff and self-employed team member management
- Special category data including health records for the purposes of the delivery of health care
We never pass your personal details to a third party.
- Personal data is stored in the EU whether in digital or hard copy format
- Personal data is obtained when a client joins us, when a client is referred to us and when a client subscribes to an email list
The lawful basis for processing special category data such as clients’ and employees’ health data is:
- Processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or a contract with a health professional
The lawful basis of processing personal data such as name, address, email or phone number is:
- Consent of the data subject
- Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
The retention period for special data in client records is a minimum of 10 years and may be longer for complex records in order to meet our legal requirements.
You have the following personal data rights:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure (clinical records must be retained for a certain time period)
- The right to restrict processing
- The right to data portability
- The right to object
Further details of these rights can be seen at the Information Commissioner’s website. Here are some practical examples of your rights:
- If you are a client you have the right to withdraw consent for important notifications. You can inform us to correct errors in your personal details or withdraw consent from communication methods such as telephone, email or text. You have the right to obtain a free copy of your records within one month, plus any postal fees incurred, which will be charged to the client.
Comments, suggestions and complaints
Please contact us for a comment, suggestion or to make a complaint about your data processing. We take complaints very seriously.
If you are unhappy with our response or if you need any advice you should contact the Information Commissioner’s Office (ICO) by visiting https://ico.org.uk/. Their helpline telephone number is 0303 123 1113, you can also chat online with an advisor. The ICO can investigate your claim and take action against anyone who’s misused personal data. You can also visit their website for information on how to report a concern.
What are cookies?
Cookies are small text files that websites send to your computer. A cookie can be thought of as an Internet user’s identification card. They let the website know when the user has returned. This might be used to bring up information relevant to that user when they re-viist a website, for example their name, past orders etc.
Cookie fact and fiction
Cookies are not computer programs, and can’t read other information saved on your hard drive. They cannot be used to disseminate viruses, or get a user’s email address etc. They only contain and transfer to the website as much information as the users themselves have disclosed to that website. It is possible to opt out of cookies via your browser’s cookie settings. Please note that cookies are device / computer specific, so if you log on to any site from a different computer, ONLY the cookie settings on that computer will apply.
Cookies cannot be programmed, cannot carry viruses, and cannot install malware on the host computer. However, they can be used to track users’ browsing activities which was a major privacy concern that prompted European and US law makers to take action.
Cookies are used by most websites for a variety of reasons – often very practical reasons to do with the operation of the website. However, they are also used to monitor how people are using the website (which pages are visited and how long is spent on each page). Each ‘visitor session’ is tracked even though no effort is made to try to identify them in person.
The law in the EU now states that you must be able to opt-out from having cookies stored on your computer.
We DO NOT store personal information in cookies
The original EU legislation that became known as the “E-Privacy Directive“ was published in 2003 and implemented as European Directive – 2002/58/EC. It was concerned quite widely with the protection of privacy in the electronic communications sector. In 2009 the Directive was amended by Directive 2009/136/EC that included a requirement to seek consent for cookies and similar technologies. The EU Directive entered UK law on 26th May 2011 as “The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011”. It is regulated by the Information Commissioner’s Office (ICO) www.ico.gov.uk who decided that enforcement would commence from 26th May 2012.
How do I disable cookies?
You can disable cookies using your browser’s settings / control panel. Please refer to your browser’s user guide for details.
What happens if you disable cookies?
If you decide to disable cookies, most of the website should work as expected although functions that rely on cookies are obviously disabled. These functions include using online forms or any feature that requires a login or person specific preferences. This has a couple of consequences:
- If you delete all your cookies you will have to tell us your preferences again
- If you use a different device, computer profile or browser you will have to tell us your preferences again
Different flavours of Cookies
When you visit our site, cookies are either served directly by us, or by our business partners. Here is a description of the different kind of cookies we may use:
These cookies allow you to use the basic functionality of our website. For example, browsing our products, ordering and paying for items, checking your account information and viewing your order history.
These cookies allow us to get to know how you use our website. They are used to analyse visitor information such as usage, visitor numbers and help us see how effective our advertising is and to understand what you like. We also use this information to help improve our website, make our marketing more relevant and improve the user experience.
These cookies allow us to provide additional functionality on the website and will retain some settings information. Whilst not essential for the functionality of our site, they do enable extra features that should improve your website experience.