PRIVACY POLICY
The EU General Data Protection Regulation EU2016/679 (hereinafter “the Regulation”) applies to the processing of personal data carried out in the process of delivering nutritional analysis and treatments.
Further to Article 11 and Article 12 of this Regulation, Natural Wellness provides the data subjects with the following information:
- The controller is the Natural Wellness clinic.
The person designated as being in charge of the processing operation: Ms Catherine Flynn. Email: catherine@naturalwellness.ie
- The purpose of the processing is to inform and record a safe treatment plan for patients, the implementation and management of that plan, and communication with the patient to schedule treatment sessions.
- The categories of data collected and used for the processing operations are:
- administrative data (contact details)
- medical data (personal medical history – special category)
- treatment data (record of each treatment and outcome – special category)
- bioresonance data (record of bioresonance response – special category)
- The special categories of data are processed under the Regulation’s exemption for medical diagnosis and provision of healthcare by a healthcare professional.
- The recipients of the data are:
- the practitioners at Natural Wellness
- the practice administrators at Natural Wellness
- medical insurance companies only during specific litigation.
- The applicants have the right of access and the right to rectify the data concerning him or her by contacting the person designated as being in charge of the processing operation. The right of rectification can only apply to factual data processed.
- The applicants right to erasure is not available for this data, under the Regulation’s exception for the establishment, exercise or defence of legal claims. Medical records must be kept for a minimum period of 7 years to comply with medical insurance requirements.
- The legal basis of the processing operation is consent by the patient, and the legal obligation required by the practitioner’s medical insurance company.
- The time limits for storing the data are 7 years after the last appearance of the patient at a treatment session.
The candidates have the right to have recourse at any time to the Irish Data Protection Commissioner info@dataprotection.ie or the European Data Protection Supervisor (EDPS) at edps@edps.europa.eu