Herbs and Helpers

Herbal Services and Solutions | Herbalist | Supplier | Herbs

May 18

Data Privacy Notice

GDPR PRIVACY NOTICE – (Seeing this again? Our Privacy Notice has been updated and/or you have reset cookies)

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by [the General Data Protection Regulation 2016/679 (the “GDPR”)].

Your sensitive data – what is it?

Sensitive personal data means personal data consisting of information as to –

(a) the racial or ethnic origin of the data subject,

(b) his political opinions,

(c ) his religious beliefs or other beliefs of a similar nature,

(d) whether he is a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992),

(e) his physical or mental health or condition,

(f) his sexual life,

(g) the commission or alleged commission by him of any offence, or

(h) any proceedings for any offence committed or alleged to have been committed by him, the disposal of such proceedings or the sentence of any court in such proceedings.

Sensitive Data – Case Notes (e & f see [the GDPR] above)

Additionally Herbs and Helpers may collect ‘Sensitive Data‘ from you during a consultation solely for the purpose of administering to your health care needs. Such data is required as a Legitimate Interest in order to fulfil the service you require from us in a competent and safe manner including any appropriate follow up required.

Who are we?

Lorraine Hodgkinson, on behalf of Herbs and Helpers, is the data controller (contact details below). This means we decide how your personal data is processed and for what purposes. Sensitive data is subject to additional consents and safeguards.

How do we process your personal data?

Herbs and Helpers complies with its obligations under [the GDPR] by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

Sensitive Data – Case Notes (e & f see [the GDPR] above)

Additional consents and safeguards apply to any ‘Sensitive Data’ which usually refers to your case notes. We will normally require/request any additional consents to hold/process this data during consultation. We do not store Sensitive data by electronic means, after 7 years any such data is permanently ‘anonymised’ or destroyed. In the event of in house dispensing services/general admin purposes Sensitive Data is kept completely separated at all times from personal data. Sensitive Data is only directly accessible by Lorraine Hodgkinson. Procedures are in place at every stage to ensure that access to Sensitive Data is always logged when removed from secure storage, is transported securely, and logged on return to secure storage.

We use your personal data for the following purposes:

Your name, address, telephone number, email address and other information are kept by us solely for the purposes of recording, processing and maintaining your queries, tests, samples, orders and payments etc., and for issuing invoices, reports, receipts, replies etc.

Our Terms and Conditions also detail our policies on cookies, which may be encountered whilst using our websites, and more detail on the standards we apply in storing and handling your data.

We also may use your data for the purpose of keeping accurate accounts and records relating to quality control and necessary processing procedures.

Other purposes may include: –

  • Administration of records.
  • To maintain our own accounts and records.
  • If you contact us, we may keep a record of that contact.
  • Keeping you informed of any relevant changes/notices.
  • Necessary administration of our web servers/payment processing systems etc.

What is the legal basis for processing your personal data?

☐ Your Consent : Where required to receive optional news, updates, offers etc. We require you to opt in to receive this service and you may unsubscribe at any time. We also request any extra explicit consents required in regard to Sensitive Data during private consultation with you.

☐ Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract :  According to our Terms and Conditions, in order to successfully execute your orders, work on your behalf in performing and processing any services you request of us.

☐ Processing is necessary for compliance with a legal obligation :  In order to follow correct accounting practices demanded by HMRC. Any legal requirements we need to comply with e.g. insurance purposes, employee administration.

☐ Processing is necessary for medical purposes, and is undertaken by a health professional or by someone who is subject to an equivalent duty of confidentiality : Legitimate Interest reasons regarding Sensitive data and where explicit consent has also been acquired as necessary.

Sharing your personal data

Your personal data will be treated as strictly confidential, and will be shared only with anyone directly connected to Herbs and Helpers or any appropriate bodies as outlined above strictly in line with any necessary duties we are required to meet.

Sensitive Data – Case Notes (e & f see [the GDPR] above)

Is kept strictly confidential at all times. Only Lorraine Hodgkinson has direct access to Sensitive Data, it may be shared with you on your explicit written consent. Again with your explicit written consent it may be anonymised to be further discussed with other suitable professionals if you allow/require this.

We will only share your data with third parties outside of this with your consent (see Further Processing below).

How long do we keep your personal data

We keep your personal data for no longer than reasonably necessary and normally for a period of at least 6 years from last contact in order to comply with necessary accounting practices, and any other legal requirements.

We keep Sensitive Data for no longer than 7 years from last contact as advised by our insurers as part of Legitimate Interest reasons. After this it is permanently anonymised or destroyed.

Your rights and your personal/sensitive data

Unless subject to an exemption [under the GDPR], you have the following rights with respect to your personal/sensitive data: –

 The right to request a copy of your personal data which Herbs and Helpers holds about you;

 The right to request that Herbs and Helpers corrects any personal data if it is found to be inaccurate or out of date;

 The right to request your personal data is erased where it is no longer necessary for Herbs and Helpers to retain such data;

 The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable)

 The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;

 The right to lodge a complaint with the Information Commissioners Office.

Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing. Separate extra consents involving your explicit written consent will always be sought regarding any further anticipated processing of Sensitive Data.

Contact Details

To exercise all relevant rights, queries or complaints please in the first instance contact Lorraine Hodgkinson at 6, Butts Fold, Cockermouth, Cumbria, CA13 9HY. Telephone 01900 826392 Text: 07761489838 Email: info@herbalmedicineuk.com.

You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

GDPR PRIVACY NOTICE                                                       Current Version 1.0 17/05/2018

HERBS AND HELPERS | Lorraine Hodgkinson AHG MRCHM | 6, Butts Fold, Cockermouth, Cumbria, CA13 9HY.  UK. | Tel: +44 (0) 1900 826392 | Text: 07761 489838 | Email: info@herbalmedicineuk.com