Data Protection Policy

Introduction

Copthorne Vets is committed to protecting the privacy and personal data of our clients in accordance with applicable data protection laws and regulations, including but not limited to the General Data Protection Regulation (GDPR).

This Data Protection Policy outlines how we collect, use, disclose, store, and protect client information. We strive to maintain the confidentiality and security of all personal data entrusted to us.

Scope

This policy applies to all personal data collected and processed by Copthorne Vets concerning our clients. It covers data collected through various channels, including in-person visits, phone calls, emails, our website, and any other interactions with our practice.

Collection and Use of Personal Data

Types of Personal Data Collected

We collect and process personal data that is necessary for providing veterinary services and ensuring the well-being of our clients’ animals. This may include, but is not limited to:

  • Client’s name, address, and contact information
  • Animal’s name, species, breed, age, and medical history
  • Medical records, diagnostic results, treatment plans, and prescriptions
  • Insurance information, if applicable
  • Payment details necessary for processing payments and invoicing.

Legal Basis for Processing

We will only collect, use, and process personal data when there is a lawful basis for doing so, such as:

  • The data processing is necessary for the performance of a contract with the client.
  • The data processing is necessary for compliance with a legal obligation.
  • The client has provided explicit consent for specific purposes.
  • The data processing is necessary for the protection of vital interests.
  • The data processing is necessary for our legitimate interests, provided that such interests are not overridden by the clients’ rights and interests.

Purpose of Data Processing

We collect and process personal data for the following purposes:

  • Providing Veterinary Services: To offer appropriate healthcare and treatment to pets, maintain accurate medical records, communicate test results, and provide ongoing care and advice.
  • Communication: To respond to enquiries, appointment scheduling, treatment reminders, and send relevant updates regarding pet healthcare.
  • Invoicing and Payment Processing: To facilitate the billing process, process payments, and handle insurance claims when applicable.
  • Legal and Regulatory Compliance: To fulfil legal obligations and comply with relevant laws, regulations, and professional guidelines.
  • Improving Services: To analyse and improve the quality of services offered by the Practice.

Data storage and security

Data Retention

We will retain personal data for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law. Once data is no longer needed, it will be securely deleted or anonymised to ensure the protection of privacy.

Data Security

We implement appropriate technical and organisational measures to safeguard personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:

  • Restricting access to personal data on a need-to-know basis.
  • Regularly updating security systems and software.
  • Encrypting sensitive data during transmission and storage.
  • Conducting regular risk assessments and security audits.

Disclosure of Personal Data

We may disclose personal data to third parties in the following circumstances:

  • When required by law or to comply with legal obligations, the Practice may share data with government authorities, regulatory bodies, or law enforcement agencies.
  • Third-party service providers engaged by the Practice to support veterinary operations, such as IT systems, data storage, payment processing, and communication tools.
  • In order to process insurance claims
  • Sharing medical records with specialists and professionals directly involved in providing treatment for clients’ pets either in-house or by referral to an external provider.
  • When necessary to gain further information to provide appropriate treatments ie laboratory services.
  • With explicit consent from the client.

We will ensure that any third party with whom we share personal data is also committed to maintaining appropriate levels of data protection.

Client Rights

Clients have certain rights regarding their personal data, including:

  • The right to access their personal data and obtain information about its processing.
  • The right to rectify any inaccurate or incomplete personal data.
  • The right to request erasure of personal data under certain circumstances.
  • The right to restrict or object to the processing of personal data in certain situations.
  • The right to data portability, allowing clients to receive their personal data in a structured, commonly used, and machine-readable format.
  • The right to withdraw consent at any time when processing is based on consent.

Changes to the Policy

This Data Protection Policy may be updated periodically to reflect changes in our practises or legal requirements. We encourage clients to review this policy regularly for any updates. Significant changes will be communicated to clients through appropriate channels.

Contact Information

If clients have any questions, concerns, or requests regarding their personal data or this Data Protection Policy, they can contact us at:

Copthorne Vets, 114 Copthorne Road, Shrewsbury, SY3 8NA

Phone: 01743 360614

Email: hello@copthorne-vets.co.uk

By providing their personal data to Copthorne Vets, clients acknowledge that they have read and understood this Data Protection Policy and consent to the collection, use, and processing of their personal data in accordance with this policy.

Corinne George, Practice Manager and Data Protection Officer

Reviewed June 2023