Privacy Policy

Last Updated: 8th May 2018

This privacy notice tells you about the information we collect from you when you use our website. In collecting this information, we are acting as a data controller and, by law, we are required to provide you with information about us, about why and how we use your data, and about the rights you have over your data.

We are CBR Clinics Limited. Our address is 147 Station Road, North Chingford, London, E4 6AG. You can contact us by post at the above address, by email at enquiries@cbrclinics.com or by telephone on 0207 921 0538.

We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details above.

When you use our website to browse our services and view the information we make available, a number of cookies are used by by Google Analytics and Adwords to allow us to collect useful information about visitors and to help to make your user experience better.

Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. We use cookies to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

For more information about Google's use of cookies, please see their cookie policy.

Your IP is anonymous to our website.

CBR Clinics Ltd uses remarketing services to advertise on third party websites to you after you visited our service.

Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings age (http://www.google.com/settings/ads)

Google also recommends installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout ) for your web browser.

Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page (http://www.google.com/intl/en/policies/privacy)

Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting their page (https://www.facebook.com/help/164968693837950)

To opt-out from Facebook’s interest-based ads follow the instructions from Facebook on https://www.facebook.com/about/ads/#568137493302217

Facebook adheres the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the European Interactive Digital Advertising Alliance (http://www.youronlinechoices.eu), or opt-out using your mobile device settings.

For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy (https://www.facebook.com/privacy/explanation)

When you submit an enquiry via the “Contact Us” page on our website, we ask you for your name and email address and the details of your message.

We use this information to respond to your query, including providing you with any requested information about our services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to entering into a contract for our services with you, if you decide to do so.

Your enquiry is stored and processed as an email which is hosted by Google G-Suite within the European Economic Area (EEA).

We do not use the information you provide to make any automated decisions that might affect you.

We keep enquiry emails for two years, after which they are deleted.

When you book an appointment at one of our clinics online, we ask you for your name, date of birth, contact telephone number and email address.

We will use your information to confirm your booking. We will also send you a confirmation via email and we may use your telephone number to contact you regarding your appointment.

We require this information in order to make your booking, deliver the service you have booked and fulfil our contract with you.

Your information is stored on our website, which is based within the European Union, and within our Client Management software Cliniko, which is based in Australia. We use Cliniko to take online bookings and keep clients records, such as personal data and medical records. Cliniko is compliant with the GDPR and you can read more on it’s privacy policy.

Your data will also be shared with our Customer Relationship Management software CliniqApps, also based in Australia. CliniqApps sends reminder emails and SMS, important communications about our clinic that might affect you, and recall emails. GDPR compliant and you can read more on it’s privacy policy.

We do not use the information you provide to make any automated decisions that might affect you.

We keep your booking information for six years after you attend your appointment, unless you book further services, in which case we retain your details until six years after you cease to be a client.

All calls directed to our bookings helpline are directed to the Professional Call Minders (PCM), which is an outsourced receptionist service based in Gloucestershire.

The PCM register you as a client on our client management system Cliniko by using your name, email address and telephone number. They require this information in order to confirm your booking. Any details given during your call will be stored on their message bank for a period of twelve months after your last interaction with the PCM, after which it will be deleted.

The PCM might also take payment over the phone if you are a new client. They do not, however, store any payment details, neither do they have access to your medical records or treatment notes.

The PCM are GDPR compliant and you can read more on their privacy policy.

When you attend to one of our clinics, you will need to register with the main desk reception and give your name. That is due to fire regulations in all office buildings in the UK. If you haven’t filled out an online new client form prior to attending your appointment, you will be asked to complete one as your arrive at our clinic. The paper form will then be scanned by your designated therapist and attached to your profile in our system. The paper form will be shredded.

Your information is stored on our Client Management software Cliniko, which is based in Australia. We use Cliniko to take online bookings and keep clients records, such as personal data and medical records. Cliniko is compliant with the GDPR and you can read more on it’s privacy policy.

Your data will also be shared with our Customer Relationship Management software CliniqApps, also based in Australia. CliniqApps sends reminder emails and SMS, important communications about our clinic that might affect you, and recall emails. GDPR compliant and you can read more on it’s privacy policy.

We do not use the information you provide to make any automated decisions that might affect you.

We keep your booking information for six years after you attend your appointment, unless you book further services, in which case we retain your details until six years after you cease to be a client.

By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate. As we are processing your personal data to fulfil a contract, you can ask us to give you a copy of the information in a machine-readable format so that you can transfer it to another provider. If you do transfer to a different provider your data will be erased from our system. Otherwise you can only request to erase your data after the same six years period. You have the right to ask us to stop using your information for a period of time if you believe we are not doing so lawfully. Finally, in some circumstances you can ask us not to reach decisions affecting you using automated processing or profiling. To submit a request regarding your personal data by email, post or telephone, please use the contact information provided above in the "Who Are We" section of this policy. If CBR Clinics Ltd is involved in a merger, acquisition or asset sale, your personal data may be transferred. We will provide notice to you before this happens and becomes subject to a different privacy policy. In the event of such a transfer of information, your rights under the GDPR are not affected.

Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are located outside United Kingdom and choose to provide information to us, please note that we transfer the information, including Personal Information, to United Kingdom and process it there. Your data is also transferred to Australia to the third parties mentioned above, all of which are compliant with the GDPR. In the event that a dispute arises with regards to the international transfer of data, you agree that the courts of England and Wales shall have exclusive jurisdiction over the matter.

If you have a complaint about our use of your information, we would prefer you to contact us directly in the first instance so that we can address your complaint. However, you can also contact the Information Commissioner’s Office via their website at www.ico.org.uk/concernsor write to them at: Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF