General Notice

This is a notice to inform you of our policy regarding all personal information that ‘The London Craniofacial Surgery Ltd.’ processes. ‘Processing’ refers to the collection, storage, transfer and sharing of personal information.

We only use information collected lawfully in accordance with the Data Protection Act 2018 and the General Data Protection regulation (GDPR) (EU) 2016/679. Our practice is registered with the Information Commissioner’s Office (ICO) and the care quality commission (CQC).

This Privacy Policy explains what personal data we collect, how we use your personal data, reasons we may need to disclose your personal data to others and how we store personal data securely. The policy outlines the combination of working practices and technology we use to ensure that the information is kept confidential and secure and that we can deliver the best possible medical care and support services.

How do we collect personal data?

We receive information about you when you use our website, complete forms on our website or in clinic and if you contact us by phone, email or otherwise in respect of any of our services. We also collect information from you when you register with private hospitals to see our specialists.

If you provide us with personal data about a third party (for example when registering for an appointment on their behalf, or when registering a minor), you warrant that you have obtained the express consent from the party for the disclosure and use of their personal data or are legally responsible for that person.

What type of data do we collect from you?

The personal data that we collect from you includes your name, postal address, email address, phone number and medical information provided by yourself or referring clinicians. We may also keep details of your visits to our website, including but not limited to traffic data, location data, weblogs and other communication data. We also retain records of your queries and correspondence, in the event you contact us.

 

How do we use your data?

We use information about you in the following ways:

  • To provide you information and services;

  • For our own internal records;

  • To facilitate referrals and multidisciplinary treatment pathways;

  • To help us identify you and any accounts you hold with us;

  • To provide customer care, including responding to your requests if you contact us with a query;

  • To enable us to review, develop and improve our services and website;

  • To administer accounts, process payments and keep track of billing and payments;

  • To provide you with information about products or services that you request from us or where you have consented to be contacted for such purposes;

  • To inform you of service and price changes;

  • To notify you about changes to our services.

  • To carry out marketing and statistical analysis;

 

Data Retention Periods

We will keep your personal data for the duration of the period you are a patient of the London Craniofacial Surgery Ltd. We shall retain your data only for as long as necessary in accordance with applicable laws: for 7 years following discharge, or until 18 if a minor, as is our legal obligation or longer if your condition requires it.

Disclosures to third parties - Who has access to your personal data?

Data may be shared with healthcare professionals such as dentists, general practitioners, referring clinicians and consultants as well as medical insurance companies. This is done in accordance with the written consent obtained from patients during the registration process and/or verbal consent obtained during consultations/appointments. Personal and health data is also shared when we refer patients for specialist advice and/or as part of a multidisciplinary treatment plan.

In addition, data is shared with third parties who assist in the administration of your healthcare and therefore process your personal information on our behalf. Below is a list of all the ways we may use your personal data and how we share the information with third parties.

Information sharing in multidisciplinary teams (MDTs)

Your care may at times be provided by several health professionals from one or more organisations and professions, that work together to make decisions regarding the treatment of individual patients. Health professionals have a duty of care to their patients, and this includes a duty to share information between health professionals to ensure that they have the information needed to support individual patient care where it is lawful to do so, unless you object. Cases may be discussed in regular multidisciplinary team (MDT) meetings held for the purpose of managing a patient’s ongoing care and treatment pathway. All healthcare providers involved in the MDT have a duty to ensure your information is used and shared safely.

 

DGL Practice Management Software

DGL backs up all our data, within the cloud for access on the move in order to facilitate your care and response to queries from yourself and relevant third parties involved in your care. Their terms and conditions regarding privacy are available at: https://www.dglpm.co.uk/privacy-statement.

 

Dropbox

This software enables temporary storage and temporary sharing of electronically filed data between team members only. Their terms and conditions regarding privacy are available at: https://www.dropbox.com/en_GB/privacy.

 

CIVICA Medical Billing & Collection

The team at CIVICA medical billing & collection administer and process the payments for services between yourself, any relevant health insurers, Mr Jonathan Collier and any other relevant third parties. CIVICA also collect debt on our behalf.

Their privacy policy is available at: https://www.civica.com/en-gb/policies-and-statements/privacy-notice/

Dictations / Transcriptions

Wetype transcription services process all our dictations and letters. The dictations are processed through the Wetype mobile app and is handled in accordance with their privacy policy as a data processor. The terms and conditions regarding privacy are available at: https://www.wetype.uk/privacy-policy/.

 

Google

Google email accounts facilitate communication between members of the team and yourself. Google’s privacy policy is available here: https://policies.google.com/privacy.

iScanner & Evernote Scannable

This software enables written documentation to be scanned and filed electronically, prior to the original hard copy being safely shredded.

Clinical Photography

Photographs are held on the camera device with which it is taken for 15 days prior to electronic filling with your records and deleting from the device.

Our Website

Where applicable our website uses ‘cookies’ to help personalise and optimise our online experience. A cookie is a small text file that is placed on the user’s computers hard disk by a web page server. Cookies save and store information about the user’s interactions and usage of the website. This allows the website to provide users with a tailored experience of the website. Cookies cannot be used to run programmes or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you. Our website uses tracking software to monito visitors to better understand how the website is used. This software if provided by Google Analytics, which uses cookies to track and monitor usage of the website. The software will not store, save or collect personal information.

Security

We take appropriate organisation and technical security measures to protect personal information that we hold against unauthorised disclosure or unlawful processing.

All our communication containing personal and clinical information is sent via the secure and encrypted email/data transfer system Egress Switch. Their terms and conditions regarding privacy are available at: https://www.egress.com/privacy-policy.

 Personal information transmitted to our website is held on our secure server and encrypted.

 

Liability

We agree to take reasonable measures to protect your data in accordance with applicable laws and in accordance with our General Terms and Conditions.

 

Data Breaches

In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.

Contact Us

Please e-mail any questions or comments you have about privacy to us at office@jcfacialsurgery.com.

 

Consent

In some cases, we may need your consent in order for us to use your personal information to comply with data protection legislation.

 

The right to make a complaint

You have the right to make a complaint about how we process your personal data to the Information Commissioner: https://ico.org.uk/make-a-complaint/

Information Commissioner’s Office

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

 Tel: 030 3123 1113

 

Changes to our privacy policy

 We keep our privacy policy under regular review. This privacy notice was last updated on 1 August 2023.