Updated May 2018
In providing services to you at Quintessence Portal you will be asked to provide personal data necessary for the purposes of your therapeutic process and its associated administration.
This privacy notice outlines:
- the type of personal information held, and why we hold it
- what we do with it
- how we secure your personal data
- how you can change or delete your personal data
Any reference to “we” or “us” refers to Charlotte Batchelor at this time. Privacy and respect of other human beings is of the utmost importance to us. Hence, we do not share your private information and we have no contracts with advertisers or any third-parties gathering personal information. We secure and manage all website information, personal or otherwise, on our own to the best of our abilities.
Please read the following carefully to understand how we manage your personal data.
How and What Data Is Collected
Data is obtained voluntarily from clients when booking and during therapeutic services offered at Quintessence Portal.
What Data is collected:
- Contact Details: Name, Date of Birth, Email, Address, Telephone contact number
- Written information shared from an Initial Questionnaire and other completed documents
- Information shared verbally during the therapeutic process – including medical and family histories.
- Treatment records -including therapeutic protocols and schedules.
- Audio and video recordings of Skype Sessions
- Appointment information
- Payment information – including invoices, fee amounts, receipts and payment details e.g. Paypal information were applicable.
Cookies are used on the Quintessence Portal Website to gain the necessary information needed for the site to function, to annonymously collect data for statiscical analysis of the usage of the site.
We use Google Analytics on our web pages to better understand how our site is being used. This information is collected in an aggregate way and includes information such as devices, operating system, browser, screen size, location, time and pages visited. This helps us to update the web site in a way that accommodates for current devices and offer a better experience when navigating and viewing our webpages. Please check Google Analytics for more information.
How Is Data Used
We collect and use this information to allow us to fulfil our therapeutic contract with you and provide the highest level of service to meet your needs.
Your personal data is used for personal identification, administration and communication regarding your ongoing therapeutic process and relationship with Quintessence Portal.
To provide you with the highest level of therapeutic care, we require up-to-date and accurate information about you. Please ensure you inform us of any changes you believe should be made to the personal information we hold. You can do this by contacting us by any of the methods below.
We will seek your preference for how we contact you; our usual methods are email, telephone, and text.
We use the information that we collect in a variety of ways during the provision of therapeutic services and operation of the business, including the following:
• To communicate with you regarding your therapeutic process, for example, sending information after a session, arranging appointments
• To send booking confirmations, appointment and payment reminders
• Respond to requests, questions, and comments, and provide other types of client support when requested or required to do so
• Investigate any issues that arise from using our services
• To notify you of any changes or updates to our services
• Provide information regarding products and services you request (such as when you sign up to receive our email newsletters);
• Communicate about, and administer your participation in, events, programs, offers or promotions
• To carry out any essential administrative processes
• To carry out obligations arising from any therapeutic agreements entered into between you and us
• To ensure that all services we provide are available, functional and maintained as advertised
• To allow you to participate in interactive features of our services, if you choose to do so
• To enhance the service we provide by developing new features, and improving functionality of existing features
Personal data may also be used to:
• To provide any information that we feel may be of genuine interest to you. You have the right to opt-out of receiving any promotional information as detailed below under ‘Your Rights’ of this policy.
• Offer you products and services, or direct you to portions of the website or other websites, that we believe may interest you.
• To conduct patient surveys or to find out if you are happy with the treatment you received for quality control purposes.
• Carry out, evaluate, and improve our business (which may include developing new features for the Site; analysing and enhancing the user experience on the Site; assessing the effectiveness of our marketing and advertising; and managing our communications);
• Perform data analytics regarding usage of the Site (including market and customer research, trend analysis, financial analysis, and anonymization of personal information);
• Guard against, identify, and prevent fraud and other criminal activity, claims, and other liabilities
• Comply with applicable legal requirements, law enforcement requests, and our company policies
Data is never shared with outside organisations unless required to by law or with your full consent and at your discretion, and then only with the individual(s) named and in the manner agreed (for example, with another therapist, their partner/family members or with another medical professional)
Exceptions to confidentiality and privacy where information may need to be disclosed to a third party include:
- threats to harm yourself or another,
- any vulnerable child, or adult at risk of abuse or neglect,
- illegal acts or potential illegal acts, treason or terrorism,
- as required under law.
Data Security & Keeping Your Information Safe- How We Store The Information We Collect
Your personal information is stored securely electronically and in a secure manual filing system depending on the services provided to you. Some personal data e.g. Name, email, & telephone number is stored on web-based booking and invoicing systems which are GDPR compliant.
Your information cannot be accessed by those who do not require access to it to administrate the services provided by Quintessence Portal. Currently all client information, data processing, and changes to personal information are tracked personally by Charlotte Batchelor.
When your information is submitted to us, we endeavour to ensure that appropriate security measures are in place to ensure your information is protected. These safeguards are implemented to ensure that personal data in our possession is not subject to any unlawful forms of processing which include accidental loss, unauthorised access or disclosure.
All precautions are taken to ensure security of the data held in secure filing systems and on computers or other devices e.g mobile phones and tablets. Information is routinely backed-up onto hard drive and cloud-based systems.
Our website has Secure Socket Layer (SSL) encryption present amongst other general security measures such as firewalls and password protection. Administrative processes are followed to ensure that your data is handled and processed accordingly to GDPR regulations. These measures are regularly reviewed to ensure that your personal data is being stored in the most secure way possible.
The data we collect from you may be processed, transferred and stored using various services integral to our business administration. These services may be based in locations outside of the European Economic Area (EEA) and only the essential and necessary data will be provided to them for them to fulfill their purpose. By submitting your personal data to us, you agree to this transfer, storing or processing.
We endeavour to ensure that all services we use to transfer, store and/or process data, in or outside EEA, have been verified to ensure that they are compliant with the European Union’s General Data Protection Regulation (GDPR) and any other respective legal framework that applies to that particular service. Further to this, we will continually monitor all services used to ensure compliance is still being achieved at any given time and the data they hold is stored in a safe and satisfactory manner using the most up to date security measures. We will, to the best of our knowledge, not process, store or transfer any data to any service that does not comply with the GDPR or have adequate security measures in place to protect your personal data.
Security of Communications
Please be aware that communications over the internet, such as e-mails and webmails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the World Wide Web/Internet. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website and in email communication; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Quintessence Portal cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.
Access to your information and other rights
Quintessence Portal respect and protect your privacy. Under the GDPR, as a client of our services, you have several rights in relation to your personal data which include:
The right to access your data - you have the right to know exactly what information we hold about you and how we process it.
To update or amend your personal data - you have the right to have your personal data rectified if it is incorrect, incomplete, or needs updating.
To ask us to delete your personal data - You have the right to have some of your personal data removed or deleted without a specific reason for doing so. For legal and insurance reasons, we may be unable to erase certain information (for example, therapeutic records). However, we can, if you ask us to, delete some contact details and other non-clinical information
To stop us using your information – for example, sending marketing information. If we are relying on your consent to use your personal information for a particular purpose, you may withdraw your consent at any time and we will stop using your information for that purpose. There may be circumstances where you ask us to restrict the processing of your information, but we are legally entitled to refuse that request.
To get a free copy of your personal data - you have the right to request the personal data we hold about you for your own use and to receive a machine-readable copy free of charge. This is known as a Subject Access Request.
If you wish to exercise any of your rights in accordance with the GDPR, please contact us with the specific request using the contact details located under the ‘Contact Us’ section of this Policy. The action taken will be free of charge, provided in an easily accessible format (if applicable) and actioned within 30 days, where possible, depending on the volume of information needing to be processed and the level of detail requested.
Please be aware if you no longer wish to have your data stored or used by Quintessence Portal that is necessary for communication and administration of booked services then this will end any therapeutic agreement between yourself and Quintessence Portal.
If you have concerns about the way we handle your personal data, please contact Quintessence Portal at email@example.com or you can contact the ICO (www.ico.org.uk) if you feel your rights have been infringed.
How do I change marketing preferences:
You can opt in and out of marketing communications at any time by contacting firstname.lastname@example.org to change your preferences
You can also opt out of marketing communications by following unsubscribe links at the bottom of any marketing emails or text messages received from Quintessence Portal.
Records are retained after the date of your last therapeutic session at Quintessence Portal in accordance with legal and insurance requirements. At your request, non-essential information (for example some contact details) can be deleted before the end of this period. Financial records are kept in alignment with UK accounting and taxation law.
Links From Quintessence Portal to Other Websites
Links to other websites that are controlled by third parties maybe provided on this website or during the course of your therapeutic process. Linked websites may have their own privacy notices or policies, which we strongly suggest you review. We are not responsible for the content, usage terms, or privacy policies of websites that we do not own or control.
Protecting the privacy of children is paramount at Quintessence Portal. We do not knowingly collect any personal data of anyone younger than 16 unless parental consent has been obtained prior to using our Service. If you are under the age of 16 and we have not been provided clear parental consent, then you will not be able to access our services. If we become aware of any personal data that has been gathered on a child who is under the age of 16 without parental consent, we will take the appropriate action to ensure it is removed from our system.
If you, as a parent or guardian, discover that your child (under the age of 16) is using our Service without your consent, please notify us at email@example.com and will we take the relevant action to ensure the Personal Data of the child is erased.
Information for Users Outside the UK
How to Contact Us
If you have questions about this policy, would like to discuss this further, wish to make changes to your data, or no longer wish your data to be stored, please contact us by emailing firstname.lastname@example.org.
Alternatively you can use the Contact Us page on this website or in writing to:
Quintessence Portal, PO Box 739, York, YO1 0JB