- what type of information we collect
- how we use your information
- who has access to your information
You can read our full policy below, or click here if you would like to download a copy.
Privacy Notice - (Issued: 1st May 2018. For review: 31 March 2019)
1. Who are we?
1.1 Cosmetic Medical Advice UK Limited (t/a Marguerita Roma Rakus) is registered with the Care Quality Commission (CQC) as an independent healthcare provider in England. We provide independent healthcare services in the form of the following regulated activities:
Healthcare services and treatments provided include the regulated activities of:
Services offered by Dr Rakus include private cosmetic healthcare and aesthetic consultations, physical examinations, prescribing of medicines, injectable cosmetic skin filler treatments, treatments using class 4 laser and intense pulsed light (IPL) equipment, laser lipolysis using local anaesthetic and referrals to other healthcare specialists as necessary.
1.2 The clinic staff and healthcare professionals who provide you with care and treatment maintain records about your health. These records help Dr Rakus to provide you with the best possible healthcare.
2. Protecting your data and GDPR
2.1 Protecting data has always been a priority for Dr Rakus. However, with the General Data Protection Regulation (GDPR) coming into force on the 25 May 2018 we see this as an opportunity to reinforce our commitment to ongoing data protection management. We are improving our policies, processes and systems in line with the requirements of the GDPR as we continue to make data protection a priority.
3. GDPR: When is it coming in?
3.1 The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. The GDPR will be enforced in the UK on 25 May 2018.
3.2 GDPR is only a part of the overall data protection framework. The Government has already introduced a Data Protection Bill into Parliament. Once the UK leaves the EU, the Bill will help ensure that the standards of the
GDPR are enshrined in UK law, and it also extends data protection laws to areas which are not covered by the GDPR (such as law enforcement).
4. What we are doing to get ready for GDPR?
4.1 Dr Rakus handles personal data and we are committed to meeting the requirements of GDPR. Steps that we have taken and are taking include:
5. How do we collect information from you?
5.1 We collect information when you register as a new patient at Dr Rakus and we ask you complete a registration form and answer some questions about your personal health. Once you see a doctor during your appointment, the doctor will create a medical record about your personal health.
6. What type of information do we collect from you?
6.1 The personal information we collect includes your name, date of birth, home address, email address, contact telephone number, emergency contact details, and credit or debit card payment information. If you have attended Dr Rakus for an appointment in the past, we will have a record of that previous contact.
6.2 The medical information our doctors collects is specifically about your personal health. This includes information about your past medical history, any current medicines you are taking, and a description of the health issue that you are experiencing. If you have any tests carried out such as blood tests, X-rays or scans, we will keep the tests results in your healthcare record. If you have been referred to a healthcare specialist outside of the Dr Rakus, we will keep any correspondence from the specialist in your healthcare record.
7. How do we use your information?
7.1 Dr Rakus collects and holds personal information for the sole purpose of providing a healthcare service to patients. Your personal information is used to identify you as a patient who has used the Dr Rakus independent healthcare service.
7.2 Your credit or debit card information is used to allow the Dr Rakus to receive payment for your appointment.
7.3 Your medical information is used by our doctor to recommend the best treatment for you.
7.4 We use patients’ healthcare records to audit and monitor the quality of the Dr Rakus service. For example, we may audit the records of patients who have had a particular treatment to see how well it has worked. When we carry out any audits, we never use any information that could identify a patient such as a name, address, or date of birth.
8. Who has access to your information?
8.1 The processing of your personal information and medical information is accessed only by the Dr Rakus staff. Every member of staff who works for Dr Rakus has a legal obligation to keep information about you confidential. Our staff include medical practitioners, a manager, administration and reception staff.
8.2 Your medical information may be shared with another healthcare specialist outside of the Dr Rakus if our doctor feels that you would benefit from seeing a health specialist. Such healthcare specialists may be based within the National Health Service (NHS) or at another independent healthcare provider. However, this will only be done after our doctor has explained this to you and only if you give your consent to do so.
8.3 We ensure that all information we hold is kept confidential. However, we are obliged to disclose personal information if it is required by law, or it is justified in the public interest.
8.4 Our external healthcare regulator, the CQC, look at healthcare records as part of their inspection processes of the Dr Rakus service.
8.5 We do not sell or rent your personal information to any third parties outside of the Dr Rakus. We do not share your information with any third parties for marketing purposes.
9. Consent and agreement
9.1 By agreeing to this privacy notice, you are giving Dr Rakus permission to process your personal data specifically for the purposes identified. You are able to withdraw your consent at any time. Please contact us if you wish to discuss this.
10. Access to your information and correction
10.1 You have the right to make a request to Dr Rakus for a copy of the information that we hold about you. If you would like a copy of some or all of your personal information please ask us by writing, telephoning or emailing us at:
Dr Rita Rakus 34A Hans Road
Knightsbridge Tel: 020 7460 7324
London SW3 1RW Email: firstname.lastname@example.org
10.2 We want to make sure that your personal information is accurate and up to date and are very happy to remove or amend any information that you think is inaccurate.
10.3 If you would like a copy of the medical information we hold about you, we may need to ask you some additional questions about your reasons for requesting the information. Medical information is known as sensitive data under GDPR regulations.
11.1 When you give us your personal information, we take steps to ensure that it is treated securely. Any information we hold about you in paper format is held securely in locked filing systems. Any information we hold about you in electronic format is held securely on our computer system.
12. Use of ‘cookies’