Who we are
Our website address is: https://melanierossiter.com.
What personal data we collect and why we collect it
To assist with sending you requested information, we use Mailchimp to collect and store your email address. Mailchimp outlines their use of your personal data and anonymized data here https://mailchimp.com/legal/privacy. You may opt out of the collection of your data by unsubscribing (we will remove your data) and contacting them using the instructions on their privacy page.
Facebook: Opt-out of Facebook remarketing here: https://www.facebook.com/help/568137493302217
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Google Analytics mainly uses first-party cookies to report on visitor interactions on this website. Users may disable cookies or delete any individual cookie(https://policies.google.com/technologies/cookies).
Who we share your data with
How we protect your data
Information Asset Register
- I hold personal information about my clients that they have given me.
- This includes name, address, contact details, and, where appropriate, age. I also hold health and wellbeing information about them which I collect from them at their first consultation.
- I hold information about each treatment that they receive from me.
- I don’t share this information with anyone.
- I use the information I have to inform my treatments and provide them with any appropriate advice within the realms of the treatment, my professional experience and qualifications.
- I keep all data for:
- claims occurring insurance: for which I am required to keep my records for 7 years after the last treatment – please see
- law regarding children’s records: for which I am required to keep my records until the child is 25, or if 17 when treated then until they are 26.
3.The lawful bases for me to process personal data and special categories of data.
I process the personal data under:
- Legitimate interest: I am required to retain the information about my clients in order to provide them with the best possible treatment options and advice.
- Special Category Data – Health Related: I process under special category data, therefore the additional condition under which I hold and use this information is for me to fulfil my role as a healthcare practitioner, bound under the AoR Confidentiality as defined in their Codes of Practice and Ethics.
What data breach procedures we have in place
A personal data breach means a breach of security leading to the destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
I understand that I only have to notify the ICO of a breach where it is likely to result in a risk to the rights and freedoms of individuals.
Where a breach is likely to result in a high risk to the rights and freedoms of individuals, I will notify those concerned directly and without undue delay.
In all cases I will maintain records of personal data breaches, whether or not they were notifiable to the ICO.
Industry regulatory disclosure requirements
Protection of Personal Data