GDPR Policy for Northwood Chiropractic Oxford

At Northwood Chiropractic Oxford, we are committed to protecting the privacy and security of our website visitors and patients in accordance with the General Data Protection Regulation (GDPR). This policy outlines how we comply with the GDPR and ensure the proper handling of your personal data.

Data Controller

Northwood Chiropractic Oxford is the data controller responsible for the collection, use, and protection of your personal information. If you have any questions or concerns about how we handle your data, please get in touch with us via our contact us page.

Lawful Basis for Processing

We process your personal data based on the following lawful grounds:

Consent: When you provide your explicit consent for us to process your data for a specific purpose, such as sending you marketing communications.
Legitimate Interests: When processing is necessary for our legitimate interests, such as improving our services and website functionality, as long as these interests do not override your fundamental rights and freedoms.
Contractual Necessity: When processing is necessary to fulfill our contractual obligations to you, such as managing your appointments and bookings.

Under the GDPR, you have the following rights concerning your personal data:

Right to Access: You have the right to request access to your personal data and information about how we process it.
Right to Rectification: You have the right to request the correction of inaccurate or incomplete personal data.
Right to Erasure: You have the right to request the deletion of your personal data, subject to certain exceptions.
Right to Restrict Processing: You have the right to request the restriction of processing your personal data in certain circumstances.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
Right to Object: You have the right to object to the processing of your personal data for certain purposes, such as direct marketing.
Right to Withdraw Consent: When we process your data based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at [insert email address].

Data Transfers

We do not transfer your personal data outside of the European Economic Area (EEA). If we ever need to do so, we will ensure that appropriate safeguards are in place to protect your data, such as using standard contractual clauses approved by the European Commission.

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Once the data is no longer needed, we will securely delete or anonymize it.

Data Breaches

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach. We will also take appropriate measures to investigate and mitigate the effects of the breach.

We may update this GDPR policy from time to time. Any changes will be posted on this page, and the revised version will be effective as of the date it is posted.

By using our website and submitting your personal information, you acknowledge and agree to the terms of this GDPR policy.

“ You don’t have to be in pain to get checked by a Chiropractor. The primary purpose of Chiropractic is to check and restore function back to your spine and nervous system for optimal health. Just as a tooth cavity can develop long before it causes any pain, spinal misalignments can occur well in advance of any discomfort. Get on top of your health now and book your appointment ”