CF Therapy complies with their obligations under the General Data Protection Regulation (GDPR) by keeping personal data up to date; by storing (and destroying it) securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
How your data is protected
Technical and organisational steps will be taken to protect your confidentiality. Personal client data is used by CF Therapy for the following purposes:
- To deliver professional therapy services that clients have requested.
- To contact those clients as necessary in accordance with the services they have requested.
- To maintain accurate accounts and records.
CF Therapy will only share personal data with an authorised 3rd party if the law requires this.
Individuals are provided with legal rights governing the use of their personal data under the Data Protection Act 2018. The following list details these rights.
- The right to be informed about the personal data being processed.
- The right to access your personal data.
- The right to object to the processing of your personal data.
- The right to restrict the processing of your personal data.
- The right to rectification of your personal data.
- The right to erasure of personal data.
- The right to data portability
In exercising your individual rights in some circumstances, for example: a request to erase all your personal data. CF Therapy may be required to retain some data for prevention of crime and for regulatory and other statutory purposes.
The client has the right to complain to the Independent Commissioner’s Office (ICO) if they think there is a problem with the way their personal data is handled.