This privacy notice details the ways we collect, process and store your personal data.
Alice Girling is the Sole Trader and owner of PMDD & Me, which exists under the HMRC registration of BabyBourne. As a registered midwife Alice is bound by the Nursing and Midwifery Council’s Code of Conduct to acknowledge and ensure people’s right to privacy and confidentiality. As a Sole Trader, Alice is also required to act in accordance with The Data Protection Act (1998) and The General Data Protection Regulation (2016).
We may collect information about your computer, including your IP address, operating system and browser type, for system administration and in order to create reports. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
The only cookies in use on our site are analytical ones like Google Analytics (we don’t track, collect or store any personal information via cookies at all). Google Analytics is a web analytics tool that helps website owners understand how visitors engage with their website. Google Analytics customers can view a variety of reports about how visitors interact with their website so that they can improve it.
Like many services, Google Analytics uses first-party cookies to track visitor interactions as in our case, where they are used to collect information about how visitors use our site. We then use the information to compile reports and to help us improve our site.
Cookies contain information that is transferred to your computer’s hard drive. These cookies are used to store information, such as the time that the current visit occurred, whether the visitor has been to the site before and what site referred the visitor to the web page.
Google Analytics collects information anonymously. It reports website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site – for more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page.
PMDD & Me’s contact details
Telephone: 07712 340 269
Registered address: 39 Tytherley Green, Bournemouth, BH8 0PA
Alice’s professional registration can be verified via the Nursing and Midwifery Council’s website.
How do we collect your personal data?
Your personal data is collected via telephone, email or text conversation as a means of providing health and wellbeing services. Referrals from other healthcare practitioners may also include these contact details. It is your responsibility to provide consent to the referral agency or professional prior to a referral as consent to contact you will be assumed.
Personal and professional data may be requested of you should you be directly involved in an event as a speaker or volunteer etc. This is collected via email. You are responsible for the security of any electronic data you send to PMDD & Me. PMDD & Me strongly recommend you encrypt such correspondence by password protecting attachments. Do not include the password in the same email as the encrypted attachment. Any electronic data sent to you will be encrypted and you will be advised of the password to access any attachments.
What personal data we are collecting?
We will only collect information about you that is directly related to providing safe and effective care, or that is absolutely essential to the organisation of events. Contact information is collected for the purposes of follow up and for accurate documentation of services rendered as required by the Nursing and Midwifery Council. Personal data is held for the purposes of effective business tax monitoring. Medical records for children must also be legally collected in direct relation to the provision of any healthcare service provided.
As a registered midwife with the Nursing and Midwifery Council, Alice Girling is legally and professionally required to maintain clear and accurate records related to practice. This includes but is not limited to; the documentation of gaining consent, records of actions and procedures carried out, written and verbal advice given, and what information has been shared with other healthcare professionals in the interests of patient safety and public protection (NMC, 2015).
To protect your sensitive data we will not use identifiable information in any unsecure communication with you. This includes via emails, text messaging or social media.
We require your explicit consent to collect sensitive and personal data.
Consent on behalf of children under the age of 13 years old is to be provided by a named parent or guardian at the point of consent.
How do we use your personal and sensitive data?
We will only use your personal and/or sensitive data within the limits of the law. This includes but is not limited to:
- Where we need to comply with legal requirements as set out by Her Majesty’s Revenue and Customs (HMRC)
- Where we need to comply with the professional regulations as set out by the Nursing and Midwifery Council
- To provide healthcare services as agreed between us during consultations. This also includes the ongoing communication and relationship we have with your following a face-to-face consultation
- Where we need to perform the contract between us
- Where necessary for insurance documentation purposes in relation to claims, complaints or activity monitoring
- For anonymous audit and research purposes. This may include contacting you for feedback or asking you to leave a review, so we may evaluate and develop our services
- Where we need to communicate with other agencies in relation to safeguarding adults, children and vulnerable people.
- Where we need to communicate with you regarding changes to our data privacy practices
- We may use your personal data to manage payments, fees and charges owed to PMDD & Me for a service agreed to and provided. This may include the sharing of this personal data to law enforcement agencies.
Hard copy personal data is kept in a lockable unit in the address given above and is the sole responsibility of Alice Girling. Personal data kept on electronic devices is secured in a password protected document on a password protected device that is only used on a secure and private internet connection. Your data will never leave the European Economic Area. Personal data is stored in alphabetical order as per your surname.
Personal data is by law required to be stored for six years for tax purposes.
Your personal data will never be shared with third parties except in the following circumstances:
- With your consent I may contact other healthcare professionals involved in your care and share relevant information to enhance the care provided to you. This may include the recommendation for specialist referrals and reviews, prescriptions and care plans
- Should I have a concern about your safety or well-being, I have a legal and professional responsibility to contact the relevant agencies to share information and my professional or personal concerns. Legally I do not require consent to do so
- With your consent anonymised data may be used and shared for the purposes of audit and research
- In the event of an adverse outcome, with your consent I will complete an adverse event report and share it with the Nursing and Midwifery Council or another relevant agency as applicable
- In the event of a complaint or claim relevant information will be shared, with your consent, with my indemnity provider, my union representative and legal team
- Financial data may be shared with the bank, card machine provider, and HMRC as required.
As the owner of your personal data you retain the following rights:
- You have the right to withdraw your consent for PMDD & Me to process and store your personal data. You also have the right for your data to be erased. In the situation of you withdrawing your consent for PMDD & Me to hold these records they will be destroyed in accordance with GDPR. To withdraw your consent contact PMDD & Me direct via the contact details set out above
- You have the right to view the data PMDD & Me holds. This request will be fulfilled within one month and no fee will be charged
- You have the right for inaccurate personal data to be updated.
Data security breaches
In the unlikely event of a data breech, PMDD & Me will report this to the Information Commissioner’s Office within 72 hours of becoming aware of the incident. We will also undertake reasonable steps to attempt to contact you to inform you of the breech.
To prevent data security breaches, data handling practices are reviewed annually. Alice Girling also undertakes Information Governance training on an annual basis.