Privacy Policy

Introduction

This Privacy Policy explains how personal data is collected, used, and protected when using this website (the "Site"). It also outlines users' rights regarding their personal data. This policy applies alongside any terms and conditions of the Site.

GDPR Compliance

For users in the European Union, this Site adheres to the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). For users in the United Kingdom, compliance is maintained under the GDPR as enshrined in the Data Protection Act 2018.

A Data Protection Officer has not been appointed, as the data processing activities do not fall within the categories requiring one under Article 37 of the GDPR.

Consent

By using the Site, users consent to the terms outlined in this Privacy Policy.

Users may withdraw consent at any time. Withdrawal does not affect the legality of prior data processing. To withdraw consent, contact us via the website’s contact form.

Legal Basis for Processing

Personal data is collected and processed under Article 6 of the GDPR, based on user consent.

How Personal Data is Used

Personal data is used solely for the purposes disclosed in this Privacy Policy or as indicated on the relevant pages of the Site. Data will not be used beyond what is disclosed.

Who Has Access to Personal Data

Personal data may be accessed by authorized personnel within the organization who require it to fulfill the purposes outlined in this Privacy Policy.

Disclosure of Personal Data

Personal data will not be sold or shared with third parties, except in the following circumstances:

• If required by law;
• If necessary for legal proceedings;
• To protect legal rights;
• To potential buyers in the event of a business transfer.

External links on the Site may lead to other websites, which have their own privacy policies beyond the control of this Site.

Data Retention

Personal data is stored only for as long as necessary to fulfill the intended purpose. Users will be informed if data is retained beyond this period.

Data Security

Security measures include strong encryption and secure storage in protected facilities. Only authorized personnel have access to data, and they are bound by strict confidentiality agreements.

Despite reasonable security measures, data transmission over the Internet may have inherent risks, and absolute security cannot be guaranteed.

User Rights Under GDPR

• Right to be informed;
• Right of access;
• Right to rectification;
• Right to erasure;
• Right to restrict processing;
• Right to data portability;
• Right to object.

Children’s Privacy

This Site does not knowingly collect or use personal data from children under 16. If personal data of a child under 16 is discovered, it will be deleted promptly.

Parents or guardians may contact the privacy officer if they believe such data has been collected.

Accessing, Modifying, or Deleting Data

To inquire about personal data collection, usage, disclosures, or to request modifications or deletions, contact the privacy officer.

Modifications to This Privacy Policy

This Privacy Policy may be updated periodically to comply with legal requirements or changes in data collection practices. The "Effective Date" will be updated accordingly.

Users are encouraged to review this policy periodically. If necessary, users will be notified of changes via email.

Complaints

For any concerns regarding data processing, users may contact the privacy officer through the contact details provided.

If the issue is not resolved satisfactorily, users may lodge a complaint with a relevant supervisory authority, such as the Information Commissioner's Office.

Contact Information

For any questions, concerns, or complaints, contact:

Email: clinic@keltoi.co.uk
Phone: 028 9433 6992