About this privacy policy
We know how important it is for you to understand how we use your data. This Privacy Policy sets out how and why we collect, store, process and share your personal data. We will always be transparent with you about what we do with your personal data.
This Policy also tells you what your rights are in relation to the personal data you give to us. If you have any questions about this Privacy Policy or your rights under it please contact:
Head & Short Podiatrists Ltd, Head Office, 14 High Street, St. Albans, Hertfordshire, AL3 4EL, UK
Telephone: 01727 852286
E-mail: mail@headandshort.co.uk
We are Head & Short Podiatrists Ltd. (company number: 6741445) (trading as “HEAD & SHORT FOOTWEAR & PODIATRY”) and our registered address is Wren House, 68 London Road, St Albans, AL1 1NG.
HEAD & SHORT PODIATRISTS is the “data controller” of any personal data it may collect, process and hold about you, unless we inform you otherwise.
What personal data we collect?
The personal data we collect from you directly can include your name, email address, mobile/landline telephone number, date of birth, address, your medical history, your purchasing activity, your credit, or debit card or other payment information, and information you give us when you contact our Reception and Administration team, when you engage with our social media platform (for example by tagging us in a post on Facebook) or when you sign up for HEAD & SHORT PODIATRISTS newsletters.
If you are using a mobile device and shopping with us online or browsing our website, we may collect your IP address or other device identifier, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other portable device information.
We may, where we have a lawful basis for doing so, also collect personal data about you from third parties, such as your General Practitioner, who provide us with additional medical information about you. This information will always be held securely, confidentially and only used for your benefit to enable us to care for you in accordance with UK and GDPR laws on use of such data.
When do we collect your personal data?
-
When you purchase products and services from us in shops/clinics, online, or over the phone
-
When you access our website, complete online forms or use any of our mobile Apps.
-
Our website also uses cookies; to find out more about the use of cookies and how you can manage them, please read our cookie policy
-
When you join our HEAD & SHORT PODIATRISTS patient newsletter
-
When you contact us or we contact you to take part in surveys or promotions
-
When you contact our Reception or Administration team in clinics, online or over the phone
-
When you engage with us on social media (by mentioning/tagging us or by contacting us directly)
How do we use your personal data and what are our legal justifications for doing so?
To make our products and services available to you…
We use your personal data to provide you with the information, products and services that you request or purchase from us (i.e. to complete certain tasks, processes or orders on our website or within our apps, take payment online (where applicable) and deliver your products or services), and to communicate with you regarding those products and services that you purchase from us and respond to your questions and comments;
We may also use your personal data to measure how satisfied our patients/customers are and provide customer service (including troubleshooting in connection with purchases or your requests for services or when you ask us questions on social media);
We rely on our contractual arrangements with you as the lawful basis on which we collect and process your personal data when you make an order for products and services. Alternatively, in some cases, we rely on our legitimate interests as a business (for example, to measure customer satisfaction and troubleshoot customer issues). Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights.
For administrative and internal business purposes…
We may use your personal data for our internal business purposes, such as enhancing our site, improving our services and products and identifying usage trends. We may also use your data to monitor the use of our website and ensure that our website is presented in the most effective and relevant manner for you and your device and setting default options for you (such as language and store location);
It is in our legitimate interests as a practice/business to use your personal data in this way. For example, we want to ensure our website is customer friendly and works properly and that our products and services are efficient and of high quality. We also want to make it easy for you to interact with us. Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights.
For security and legal reasons we use your personal data to…
-
ensure the personal and financial information you provide us is accurate
-
conduct fraud checks or prevent other illegal activity
-
protect our rights or property (or those of others)
-
fulfil our legal and compliance-related obligations.
In some cases we will use your personal data because it’s necessary for us to comply with a legal obligation (such as if we receive a legitimate request from a law enforcement agency). In other cases (such as the detection of fraud) we will rely on our legitimate interests as a business to use your personal data in this way. Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights
In relation to your HEAD & SHORT PODIATRISTS newsletter….
We use your personal data to personalise your experience with HEAD & SHORT PODIATRISTS to:
-
provide you with marketing material via SMS, post and email if you have given us your consent to this;
-
process your registration details, account activity and purchase history to analyse how you shop and what you shop for. This may include information on products you have viewed, historical transactions and products you have added to your online basket. This allows us to provide a browsing experience which is relevant to you;
-
in some instances we will send specific offers to our members based on their in clinic spend or on a special occasion such as when we know it’s your birthday;
-
measure the effectiveness of our marketing campaigns and our advertising;
-
carry out limited automated decision making based on the information you have given us when we segment our HEAD & SHORT PODIATRISTS newsletter database to determine which offers that you may be interested in.
We rely on your consent to send direct SMS, postal and email marketing messages to you as a HEAD & SHORT PODIATRISTS newsletter member based on the consent we acquired from you when you signed up, as amended by you from time to time.
In other cases (for example, measuring the effectiveness of our marketing), we will rely on our legitimate interests as a business to communicate with our HEAD & SHORT PODIATRISTS newsletter members in an engaging and efficient way. Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights.
To personalise your Practice experience and improve our operations we use your personal data to….
-
allow you to create a profile on our website (or third-party providers to us for such purposes) which enables you to purchase HEAD & SHORT PODIATRISTS products and services online without having to fill in your personal data every time you shop online with us;
-
provide you with appointment reminders/marketing material via SMS and email;
-
analyse how you book and what you book in for. This may include information on products/services you have viewed, historical transactions and products/services you have added to your online basket. This allows us to provide a browsing experience which is relevant to you.
It is in our legitimate interests as a Practice/business to use your data in this way and we do this in order to enhance your experience with us. This allows us to help you find the products and services which you may be looking for and avoids you having to browse through products or services which are not relevant to you.
When we send you marketing material via SMS, and email, we will rely on our legitimate interests as a business, always ensuring that your rights are protected.
For information on how we use cookies, please see our cookie policy below
Who do we share your personal data with?
We will never sell any of your personal data to a third party. However, in order for us to provide our services to you, we share your personal data with our trusted third-party service providers (online practice management system, stripe, mailchimp, etc.). Whenever we share your personal data, we put safeguards in place which require these organisations to keep your data safe and to ensure that they do not use your personal data for their own marketing purposes (all are GDPR compliant).
Third party service providers – to fulfil orders for products and services…
We work with a number of trusted service providers who carry out services on our behalf. When you purchase products and services from us, the services provided by these organisations includes management of medical records, online bookings, appointment reminders, processing payments and practice newsletters. It is in our legitimate interests as a business to work with these service providers since we may not have the capabilities to provide these services ourselves. In each case, we will ensure that the service provider is only allowed to use your personal data in order to provide the services to us and for no other purpose.
To prevent crime and comply with laws…
Your credit, debit card or other payment information is captured, processed and held by third parties to ensure that your payment is safe and that your details are not being used fraudulently. This data sharing enables them to conduct fraud analysis which ensures that genuine and accurate payment details are provided to us for any purchase of a service or product.
There may be other scenarios where we are subject to a legal obligation to share or disclose your personal data, such as with law enforcement agencies or public authorities in order to prevent or detect crime or fulfil a legal requirement.
Other professional services…
We may need to disclose your personal data to our insurers/solicitors acting on their behalf where we believe that it is required under our contractual relationship with our insurance provider to do so. These services are provided by the Society of Chiropodists and Podiatrists to us as each Podiatrist is a member of the organisation and their liability insurance is provided through them.
We work with carefully selected third parties, such as our Practice database hosting provider, marketing agencies (mailchimp) who assist us in providing you with a positive patient/customer experience. We work with these third parties to place relevant content and advertisements for you on our website, other websites and online media channels and apps. In order to do this, we use pixels and cookies. You can see our cookie policy.
Transfer of your personal data outside the EEA…
We may need to transfer your personal data outside of the European Economic Area (EEA) for example the USA, in the following circumstances:
-
Where you have requested a service which is fulfilled by one of our group companies which sit outside of the EEA; or
-
Where we work with a supplier which processes some of its personal data outside of the EEA.
These countries may not have the same data protection laws as the UK and the EEA and so your personal data may not be subject to the same protections. However, in such cases, we will make sure that any transfer of your personal data to countries outside the EEA is subject to appropriate safeguards as if it were being processed inside the EEA and under the guiding principles set out in this privacy policy.
If you would like further information please contact us.
Your rights…
You have a number of rights relating to your personal information and what happens to it. You are entitled to:
-
have your data processed in a fair, lawful and transparent way;
-
be informed about how your personal data is being used, an example being this privacy policy;
-
access personal data we hold about you;
-
require us to correct any mistakes in your personal data;
-
require us to delete personal data concerning you in certain situations where there is no good reason for us to continue to process it;
-
request that we transfer your personal data to you or another service provider in a simple, structured format;
-
object at any time to processing of your personal data for direct marketing purposes;
-
object to automated decision making which produces legal effects concerning you or similarly significantly affects you;
-
object in certain other situations to our continued processing of your personal data; and
-
otherwise restrict or temporarily stop our processing of your personal data in certain circumstances.
You can read more about your rights, including the circumstances in which they apply, in the Guidance from the UK Information Commissioner’s Office (ICO) https://ico.org.uk/for-the-public. You also have the right to complain about our use of personal data to the ICO. You can do these by contacting the ICO via their website https://ico.org.uk/concerns or by calling 0303 123 1113.
If you would like to speak to us in relation to any of your rights, please contact us at the address above.
Changing your preferences…
If you no longer wish to be contacted by us about our products or services, or for other marketing purposes, you can amend your preferences or unsubscribe by contacting us at the above address. Alternatively, if you have a profile on the HEAD & SHORT PODIATRISTS bookings website, you can unsubscribe by logging into your account, or simply follow the unsubscribe details provided in emails you receive from us.
We want to ensure that all the information we have about our patients/customers is factually correct and up to date. If you find that the personal data we have about you is inaccurate or needs updating (for instance, you may have changed your name or address) then please contact us so that we can correct it. If you have created a profile on the HEAD & SHORT PODIATRISTS bookings website, you can change the details stored about you by logging into your account.
Security and retention of your personal data
Security of your personal data…
We take the security of your personal data very seriously. We have implemented various strategies, controls, policies and measures to keep your data secure and keep these measures under close review. We protect your data by using encryption techniques and we use other safeguards such as firewalls and password protection. This means that your data is protected and only accessible by co-workers who need it to carry out their job responsibilities. We also ensure that there are strict physical controls in our buildings which restricts access to your personal data to keep it safe.
Retention of your personal data…
In broad terms, we will only retain your personal data for as long as is necessary for the purposes described in this Privacy Policy. This means that the retention periods will vary according to the type of the data and the reason that we have the data in the first place.
We have procedures in place regarding our retention periods which we keep under review taking into account our reasons for processing your personal data and the legal basis for doing so.
Changes to this Privacy Policy…
We may update this Privacy Policy from time to time. If we make significant changes we will let you know but please regularly check this policy to ensure you are aware of the most updated version.
This Privacy Policy was last updated on 18th May 2018
Cookies Policy
ABOUT THIS COOKIE POLICY
This cookie policy explains what cookies are and how we use them on our website. You should read this policy so you can understand what type of cookies we use, the information we collect using the cookies and how that information is used. By using our website you are agreeing that we can use cookies in accordance with this policy.
What are cookies?
Cookies are files which contain a small amount of information. Cookies are stored on the browser or hard drive of your computer or device.
How do we use cookies?
We use cookies to distinguish you from other users of our website and to provide a browsing experience that is unique to you. Cookies are used by us so that our website can remember what you have done whilst browsing, for instance, your log-in details, how far you have progressed with an order and what is in your order cart.
What type of cookies do we use?
Cookies can be in the form of session cookies or persistent cookies. Session cookies are deleted from your computer or device when you close your web-browser. Persistent cookies will remain stored on your computer or device until deleted or until they reach their expiry date. We, or partner suppliers, use the following cookies:
-
Analytical/performance cookies. These cookies allow us to recognise and count the number of visitors to our website and to see how visitors move around when they are using it. This helps us to improve the way our website works, for example, by ensuring that users find what they are looking for easily.
-
Functionality cookies. These cookies are used to recognise you when you return to our website. This enables us to personalise our content for you, such as greeting you by name and remembering your preferences.
-
Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose. These cookies allow you to share and send information to other websites.
What kind of information do we collect by using cookies?
When you visit our website, we may automatically collect the following types of information from you: Your internet protocol (IP) address, your login information, time zone setting, operating system and platform, information about your visits including the URL you came from, your country, the search terms you used in our website, products you viewed or searched, page response times, download errors, length of visits to certain pages, page interaction information, (such as scrolling, clicks, and mouse-overs) and the methods used to browse away from the page.
How do you block cookies?
Most browsers allow you to refuse cookies. You may block our cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. You can find out more about cookies and how to delete and control them on www.aboutcookies.org or click help in your browser menu.
If you block our use of cookies, you may be unable to access certain areas of our website and certain functions and pages will not work in the usual way. For example, you will not be able to use the shopping list feature or shop online.
How Head & Short Podiatrists Ltd can change the Cookie Policy…
We may update this policy from time to time. Changes in technology, legislation and authorities’ guidance may require us to inform you of the activities we undertake where it affects your privacy rights. You should check this page occasionally to ensure you are familiar with any changes.
Comments…
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media…
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
Cookies…
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites…
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
This Cookies Policy was last updated on 18th May 2018
© Head & Short Podiatrists Ltd. – Registered in England
Company Registration No. 6741445 VAT Registration No. 975 7625 65
Information Commissioners Office Registration No. Z1813089