Privacy Policy
Dani Clarke Nutrition may hold some information about you. This document outlines how that information is used, with whom we may share that information with and how we keep it secure. This notice does not provide exhaustive detail. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to dani@daniclarke.com. We keep our Privacy Notice under regular review. This Privacy Notice was last reviewed in December 2019.
What We Do
Dani Clarke Nutrition provides nutrition services to clients to improve their health through diet and lifestyle changes. We focus on preventative healthcare, the optimisation of physical and mental health and addressing chronic health conditions. Through nutritional consultations, dietary and lifestyle analysis and biochemical testing, we aim to understand the underlying causes of your health issues which we will seek to address through personalised dietary therapy, nutraceutical prescription (e.g. supplements) and lifestyle advice.
How We Obtain Your Personal Data
Information provided by you
You may provide us with personal data in any of the following ways:
By contacting us through this website
By completing a nutritional and health questionnaire
By signing a terms of engagement form
During a consultation
Through email, over the telephone or by post
By taking credit card and online payment Information
This may include the following information:
Basic details such as name, address and contact information
Details of contact we have had with you such as referrals and appointment requests and attendance records
Health information including your previous medical history, dietary, lifestyle, supplement and medicine details, biochemical test results, clinic notes and health improvement plans
GP contact information if you wish to provide this
We use this information in order to provide you with our services. This means that the legal basis of our holding your personal data is for legitimate interest.
In accordance with our insurance provider, we hold client records for 8 years from the date of the client’s last contact with us. Once a record passes the relevant regulatory time limit, it will be securely destroyed within 1 year. This also enables us to process follow up questions or even complaints should one be made. In this case the legal basis of our holding your personal data is for contract administration.
Information we get from other sources
We may obtain sensitive medical information in the form of test results from biochemical testing companies or others. Such tests would only have been undertaken with your prior authorisation. We use this information in order to inform our advice and provide you with appropriate healthcare in our area of expertise. This means that the legal basis of our holding your personal data is for legitimate interest.
We may obtain sensitive information from other healthcare providers. The provision of this information is subject to you giving us your express consent.
How we use your personal data
We act as a data controller for use of your personal data to provide direct healthcare. We also act as a controller and processor in regard to the processing of your data from third parties such as testing companies and other healthcare providers. We act as a data controller and processor in regard to the processing of credit card and online payments.
We undertake at all times to protect your personal data, including any health and contact details, in a manner which is consistent with our duty of professional confidence and the requirements of the General Data Protection Regulation (GDPR) concerning data protection. We will also take appropriate security measures to protect your personal data when in storage in our offices.
Also where there is a legal requirement such as a formal court order. We may use your data for marketing purposes such as newsletters but this would be subject to you giving us your express consent. Also where there is a legal requirement such as a formal court order.
Do you share my information with other organisations?
We will keep information about you confidential. We will only disclose your information with other third parties with your express consent, with the exception of the following categories of third parties:
Our registrant body, or professional insurance provider, for the processing of a complaint made by you
Any contractors and advisors that provide a service to us (such as biomedical testing companies) or act as our agents on the understanding that they keep the information confidential
Anyone to whom we may transfer our rights and duties under any agreement we have with you
Any legal or crime prevention agencies and/or to satisfy any regulatory request if we have a duty to do so or if the law allows us to do so
We may share information about you with supplement companies (i.e. to discuss an appropriate supplement regime) and biochemical testing companies (i.e. to order a test, or to discuss a test result with an expert advisor) as part of providing you with direct healthcare. We will not include any sensitive information or any Information that you explicitly require us not to divulge.
We will seek your express consent before sharing your information with your GP or other healthcare providers. However, if we believe that your life is in danger then we may pass your information onto an appropriate authority (such as the police, social services in the case of a child or vulnerable adult, or your GP in case of self-harm) using the legal basis of vital interests.
We may share your case history in an anonymised form with our peers for the purpose of professional development. This may be at clinical supervision meetings, conferences, online forums, and through publishing in medical journals, trade magazines or online professional sites. We will always seek your consent before processing your data in this way and your identity would be hidden.
What are your rights?
Every individual has the right to see, amend, delete or have a copy of data held that can identify you, with some exceptions, where the rights of other individuals might be infringed. You do not need to give a reason to see your data.
If you want to access your data you must make a subject access request in writing to dani@daniclarke.com.
Under special circumstances, some information may be withheld. We shall respond within 20 working days from the point of receiving the request and all necessary information from you. Our response will include the details of the personal data we hold on you including:
Sources from which we acquired the information
The purposes of processing the information
Persons or entities with whom we are sharing the information
You have the right, subject to exemptions, to ask to:
Have your information deleted
Have your information corrected or updated where it is no longer accurate
Ask us to stop processing information about you where we are not required to do so by law
Receive a copy of your personal data, which you have provided to us, in a structured, commonly used and machine readable format and have the right to transmit that data to another controller, without hindrance from us.
Object at any time to the processing of personal data concerning you
We do not carry out any automated processing, which may lead to automated decisions based on your personal data.
If you would like to invoke any of the above rights, please contact the Data Controller at Dani Clarke Nutrition or email dani@daniclarke.com.
What safeguards are in place to ensure data that identifies me is secure?
We only use information that may identify you, solely in accordance with General Data Protection Regulation (GDPR). This requires us to process personal data only if there is a legitimate basis for doing so and requires that any data processing must be fair and lawful.
Within the health sector, we also have to follow the common law duty of confidence, which means that where identifiable information about you has been given in confidence, it should be treated as confidential and only shared for the purpose of providing direct healthcare with your express permission. We will protect your information. We will inform you of how your information will be used. We will allow you to decide if and how your information can be shared.
We also ensure the information we hold about you is kept in secure locations. We restrict access to information to authorised personnel only and we protect personal and confidential information held on equipment such as laptops with encryption (which masks data so that unauthorised users cannot identify you or make sense of any data about you).
Dani Clarke Nutrition is registered with the Information Commissioner’s Office (ICO) as a data controller and collects data for a variety of purposes. A copy of the registration is available through the ICO website (search by the business name “Dani Clarke Nutrition”).
Where consultations take place via Skype or other electronic meeting software, you may need to provide your name and email address to the software provider in order to register to receive the communication. Please review their privacy policy before doing this, before you agree to use such platforms for communication with Dani Clarke Nutrition as we cannot be responsible for the use of your data by third party providers.
How long do you hold confidential information for?
All records held by the Dani Clarke Nutrition will be kept for the duration specified by guidance from our professional indemnity body.
In accordance with our insurance provider, we therefore hold client records for 8 years from the date of the client’s last contact with us or, when the client is a minor, until their 25th birthday if that is longer. Once a record passes the relevant regulatory time limit, it will be securely destroyed within 1 year. This enables us to process any claim you may make. In this case the legal basis of our holding your personal data is for contract administration
Website technical details
Our website is hosted on the squarespace.com platform. This website uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app. For information about viewing the cookies that squarespace.com might use on your device, visit About the cookies Squarespace uses.
These functional and required cookies are always used, which allow Squarespace, our hosting platform, to securely serve this website to you.
These analytics and performance cookies are used on this site, as described below, only when you acknowledge our cookie banner. We use analytics cookies to view site traffic, activity, and other data.
In line with common practices, we may use website analytics software to track our website impact. Google Analytics is a website analytics service which measures traffic to our website and visitors' general details. By collecting these statistics, a website can make their visitors' experience better e.g. which pages they visit and when, where they are approximately located. Data might also be analysed to determine where, a user lands first or whether they are coming via a specific referral from another website.
Our website and host collect personal data to power our site analytics, including:
Information about your browser, network, and device
Web pages you visited prior to coming to this website
Your IP address
This information may also include details about your use of this website, including:
Clicks made
Internal links visited and patterns of use
Pages visited
Scrolling
Searches
Timestamps
We share this information with Squarespace, our website analytics provider, to learn about site traffic and activity and how best to serve our customers.
If you consent accordingly, we may send you marketing emails. You can unsubscribe from these at any time by clicking the unsubscribe link at the bottom of the email. We share your contact information with Squarespace, our email marketing provider, so they can send these emails on our behalf.
In compliance with EU legislation, the following lists the use of cookies on this web site:
|
Name |
Type |
Duration |
Purpose |
|
Crumb |
Cookie |
Session |
Prevents cross-site request forgery (CSRF). CSRF is an attack vector that tricks a browser into taking unwanted action in an application when someone’s logged in. |
|
RecentRedirect |
Cookie |
30 minutes |
Prevents redirect loops if a site has custom URL redirects. Redirect loops are bad for SEO. |
|
CART |
Cookie |
2 weeks |
Shows when a visitor adds a product to their cart |
|
hasCart |
Cookie |
2 weeks |
Tells Squarespace that the visitor has a cart |
|
Locked |
Cookie |
Session |
Prevents the password-protected screen from displaying if a visitor enters the correct site-wide password. |
|
SiteUserInfo |
Cookie |
3 years |
Identifies a visitor who logs into a customer account |
|
SiteUserSecureAuthToken |
Cookie |
3 years |
Authenticates a visitor who logs into a customer account |
|
Commerce-checkout-state |
Sessionstorage |
Session |
Stores state of checkout while the visitor is completing their order in PayPal |
|
squarespace-popup-overlay |
Localstorage |
Persistent |
Prevents the Promotional Pop-Up from displaying if a visitor dismisses it |
|
squarespace-announcement-bar |
Localstorage |
Persistent |
Prevents the Announcement Bar from displaying if a visitor dismisses it |
|
ss_sd |
Cookie |
Session |
Ensures that visitors on the Squarespace 5 platform remain authenticated during their sessions. |
|
Test |
Cookie |
Session |
Investigates if the browser supports cookies and prevents errors. |
|
squarespace-likes |
Localstorage |
Persistent |
Shows when you've already "liked" a blog post. |
|
CHECKOUT_WEBSITE |
Cookie |
Session |
Identifies the correct site for checkout when Checkout on Your Domain is disabled. |
Squarespace also uses Analytics and Performance cookies to collect information about how visitors interact with our site. Storing these cookies is how we populate the data you find in Squarespace Analytics, such as traffic sources, unique visitors, and cart abandonment.
|
Cookie Name |
Duration |
Purpose |
|
ss_cid |
2 years |
Identifies unique visitors and tracks a visitor’s sessions on a site |
|
ss_cvr |
2 years |
Identifies unique visitors and tracks a visitor’s sessions on a site |
|
ss_cvisit |
30 minutes |
Identifies unique visitors and tracks a visitor’s sessions on a site |
|
ss_cvt |
30 minutes |
Identifies unique visitors and tracks a visitor’s sessions on a site |
|
ss_cpvisit |
2 years |
Identifies unique visitors and tracks a visitor’s sessions on a site |
|
ss_cookieAllowed |
30 days |
Remembers if a visitor agreed to placing Analytics cookies on their browser if a site is restricting the placement of cookies |
If you want to delete or block any cookies, please refer to the help and support area on your internet browser for instructions on how to locate the file or directory that stores cookies. Information on deleting or controlling cookies is also available at www.aboutcookie.org
Please note that deleting cookies or disabling future cookies or tracking technologies may prevent you from accessing certain areas or features of our website and other websites that you may visit, or may otherwise adversely affect your user experience.
Please note that these cookie services are provided by a third party.
We use standard email software to send and receive emails. If you send personal information to use via email, this may be unencrypted and will be stored in our email system whilst we need access to it. We may monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
Please note that email correspondence may constitute part of the health records we hold about you.
Contact
If you have a concern or question regarding the use of your personal data then please contact us by emailing dani@daniclarke.com and we will do our best to help you on 07861085953.
In the case on any complaint you might wish to make, if your complaint is not resolved to your satisfaction and you wish to make a formal complaint to the Information Commissioner’s Office (ICO), you can contact them on 01625 545745 or 0303 1231113.