Data and Privacy Policy

Gwent Ear Care values your privacy and aims to always demonstrate transparency and fairness in the collection and use of personal information. This is our Data Privacy Policy in compliance with the GDPR Protection Act 2018 and UK General Data Protection Regulation (UK GDPR).

What is Personal Data under the GDPR?

The GDPR applies to “personal data” meaning any information relating to an identifiable person (“data subject”) who can be directly or indirectly identified by reference to an identifier. This definition provides for a wide range of personal identifiers to constitute personal data, including name, location data or online identifier, reflecting changes in technology and the way organisations collect information about people. The GDPR applies to both automated personal data and to manual filing systems where personal data is accessible according to specific criteria.

Data Controller

A Data Controller is an organisation that determines the purposes, conditions and means of the processing of personal data. Gwent Ear Care is a Data Controller, for the purposes of operating its business.

The Data Protection Officer for Gwent Ear Care is R. Davies-Keane who can be contacted via bookings@gwentearcare.co.uk

A Data Processor is an organisation that processes personal data on behalf of the Controller. Gwent Ear Care does not use third parties.

How do we use personal data

Gwent Ear Care uses your data for the following lawful basis and purposes

  1. To enable our business to respond to enquiries, referrals and contacts about the quotation/provision on Microsuction and Ear Irrigation as advertised in print, online at www.gwentearcare.co.uk, and through associated social media platforms. Enquiries, referrals and contacts include those received through phone calls, emails, WhatsApp, Facebook messenger, or in response to newsletter, printed advertisement and social media.
  2. To enable provision of contacted services according to your personal instruction, or the instruction of your nominated representative (for instance POA).
  3. To advise or remind you about your appointments with us and to preform appointment triage.
  4. To record your clinical data via offline encrypted PDF documents which are held securely.
  5. To maintain a clinent record card detailing your ear health. These are stored securely and available on request.
  6. To keep in touch with you during the planning and delivery stages of the hearing treatments and services you have contracted us to provide.
  7. We may occasionally contact you by email or letter to follow up about the service you have received or to inform you of similar services we offer that may be relevant to you.

We will keep your personal and clinical data on our secure systems as a requirement of insurance and to enable the continued provision of your ear care (unless your request removal or transfer according to your rights under the GDPR).

Security of Event Data

We operate a “safe file” system in our site locations and are fully trained in data security. This applies to all client files and contacts whether securely stored in physical files or held on desktop/handheld devices. Non-essential paperwork is routinely shredded and recycled.

Payment/Financial Security

When making credit card payments to Gwent Ear Care, your details are destroyed after payment has been processed through our payment terminal.

Your rights under the GDPR

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data.

  1. The right to request a copy of your personal data which Gwent Ear Care holds
  2. The right to request that Gwent Ear Care corrects any personal data if it is found to be inaccurate or out of date
  3. The right to request your personal data is erased where it is no longer necessary for Gwent Ear Care to retain such data
  4. The right to withdraw your consent to the processing of personal data at any time
  5. The right to request that the data controller provides the data subject with his/her personal data and where possible to transmit that data directly to another data controller, (known as the right to data portability).
  6. The right where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing
  7. The right to object to the processing of personal data
  8. The right to lodge a complaint with the Information Comissioners Office (ICO)

Contact Details

To exercise all relevant rights, queries or complaints please in the first instance contact our Data Protection Officer: R. Davies-Keane on bookings@gwentearcare.co.uk