Privacy Policy
DATA PROTECTION PRINCIPLE 1 – Purpose and Manner of Collection
Personal data will only be collected in furtherance of the provision of Trichology services to the parties to the Trichology. Data collected will only be that provided by the parties themselves. The provision of data to the Trichologist or the other party for the purposes of Trichology is voluntary. The Trichologist will only transfer data received as confirmed with the consent of the party who provides the information. If you have concerns about data retained / collected by the Trichologist then please send an email to andreaclark.trichologist@gmail.com.
DATA PROTECTION PRINCIPLE 2 – Accuracy and Duration of Retention
Any data collected will be retained until completion / termination of Trichology services. The Trichologist will delete data provided from electronic files and physical files for terminated / completed Trichology consultations on an annual basis in June of each calendar year. The Trichologist will retain copies of summaries / schedules / draft Trichology consultations / executed Trichology agreements to facilitate any future queries.
DATA PROTECTION PRINCIPLE 3 – Use of Data
The Trichologist will not use any data collected for any purpose unrelated to the original purpose of providing Trichology services to the parties of the Trichology consultation.
DATA PROTECTION PRINCIPLE 4 – Data Security
Data collected is held either in physical files within the office space of the Trichologist or electronic files which are held in the Trichologist’s individual cloud server, which is password protected and to which no other person has access.
DATA PROTECTION PRINCIPLE 5 – Openness and Transparency
This policy explains the personal data policy of the Trichologist, the practices and related policies. In the event of any queries contact andreaclark.trichologist@gmail.com.
DATA PROTECTION PRINCIPLE 6 Access and Correction
All data access and correction requests should be sent to andreaclark.trichologist@gmail.com. Any refusals for correction / access will be recorded. Any data access / correction requests will be responded to in writing within 40 days from the date of the request as provided for in the PDPO.