This Privacy Notice is intended for you the client. It is provided to provide you with the information you need to ensure that your rights and freedoms as a data subject are protected as required under the (EU) 2016/679 (‘General Data Protection Regulation’), which we call here ‘the Regulation’ and the Data Protection Act 2018, which we call here ‘the Act’.
When processing your personal information, I am defined as the ‘data controller’ under the Regulation and the Act.
My contact details are:
If you have any questions or queries, please contact me in writing:
140c Merton Rd
Tel: 07960 56 44 99
The Data Protection Act (1998)
The GDPR (General Data Protection Regulations) enhances and replaces the current Data Protection Regulations as of 25/05/2018. Anyone who holds personal data of any EU citizen through personal identifiable records and mailing lists are obliged to comply.
Under the Data Protection Act (1998) I have a legal duty to protect any information I hold about you. I use leading technologies to safeguard your personal information and keep strict security standards to prevent any unauthorized access to it.
I take your privacy very seriously. I will only use your information for administration purposes and in order to provide appropriate treatment and care for you and your baby.
In your consent form, you will be asked to sign to say that you agree to this 'Privacy Notice' as set out below:
This Privacy Notice only covers ‘swlondonlactationconsultant’. It does not cover all sites that can be linked/accessed via this site, so you should be aware when you are moving to another site to read the privacy statement on that site too.
Your information is not passed on to any commercial third parties, and I don’t subscribe you to mailing lists. This also applies to information and details you entered on my online contact page. I will not store any of these data but only use it at my first point of contact.
I don’t pass your details on to any third parties. There are 2 exceptions to this:
Your GP needs to be informed of any treatment/procedure undertaken. Minimal identifiable data is included on this letter and I will send your GP letter via first class royal mail. If during your consultation, I suspect additional health factors I may include this on the GP letter too.
Should I have concerns relating to the welfare of an adult or a child which I believe to be ‘at risk’, or if there are any safeguarding or health- concerns which are not within my my sphere of practice, I may contact other professionals for additional intervention, therefore breaching confidentiality. This may include the GP, Health Visitor, Social Worker or Police.
How will I use your information?
I use your information in order to provide continuation of care to you and your baby, through assessment, treatment and support.
I may use you and your infant's information and data without notice; for auditing or research purposes.
In order to care for you and your baby and being accountable it is necessary for me to hold your personal information, but it is also a legal requirement by the NMC (Nursing and Midwifery Council) who stipulate that records will need to be kept for 25 years post last contact made. After the 25 years has passed, the records are securely destroyed (cross-shredded, erased, or burnt).
Online submission of personal information
This website is powered by Wix (www.wix.com). The online submission of your details when contacting me are sent via Wix (the Data Processor) to myself (the Data Controller). Please note that Wix.com is certified under the EU-US Privacy Shield Framework and the Swiss-US privacy shield framework as set forth by the U.S. Department of Commerce, regarding the collection, use, and retention of personal information transferred from the European Union to the United States, and therefore adheres to the Privacy Shield Principles. Their platform also claims to be compliant to the new GDPR regulations from May 2018.
All merchants, who process card payments have to comply with PCI DSS.
Online payments are processed by Paypal. Your card payment details are not visible to me. Further information from them is found here: https://www.paypal.com/uk/webapps/mpp/pci
For card payments via the card terminal, I am paying additional fees to ensure your data is safe. Should you have concerns regarding fraud or card data use since using your card details, you are encouraged to contact your card provider. The Information security policy is available via email if you request it.
What information I hold about your and your child and accessing this information
The records that have been made at your assessment and/or treatment appointment and any written follow ups/notes will be sent to you via a password protected PDF attachment.
I will store this information safely on external drives which are locked away
I take 'before' and 'after' photographs as a visual aid for documentation, and is of your infant's mouth area only.
Your right to withdraw
Until you have achieved your infant feeding goals, I may contact you to follow up and send you a feedback form in order to find out how satisfy you are with my care. At any point you can opt out of this service.
How are my records stored?
Active records (from point of initial contact up until date of agreed discharge) are held on my personal electronic device (iOS). This is password protected with additional fingerprint recognition to access emails.
Once discharged, your record is transferred to an external storage device, which is also encrypted/password protected.
Both active and dormant records are stored in a locked cabinet.
I wish to make a Data Protection related complaint
The ICO (information Commissioner’s Office) is the regulator of the GDPR (General Data Protection Regulations) and complaints should be forwarded to them if it is related to a breech in data collection or record keeping.
I am registered with ICO, Membership number: ZA469472
www.ico.org,uk, Telephone: 0303 123 1113
Information Commissioner’s Office,