2. Personal Data We Collect

We collect the following personal data:

a) Information You Provide

Full name, address, phone number, and email

Date of birth and emergency contact details (if provided)

Health information, including medical history, symptoms, and treatments requested

Appointment details and treatment notes

Payment information (processed securely through third-party providers)

Any communication you send to us (emails, forms, feedback)

b) Information Collected Automatically

IP address, device type, operating system, browser type

Date, time, and duration of visits to our website

Pages visited and clicks

Location data, if you allow location services

c) Sensitive Personal Data

Health and medical information is considered special category data under GDPR. We process this data only when necessary for providing health services and with your explicit consent.

3. How We Use Your Data

Your data is used strictly for legitimate purposes, including:

Providing and managing our health services

Scheduling and managing appointments

Communicating with you about treatments, appointments, and inquiries

Billing, accounting, and insurance purposes

Ensuring compliance with legal and regulatory obligations

Improving our website and services

Marketing communications, but only with your explicit consent

Detecting and preventing fraud or abuse

We never sell or trade your personal data.

4. Legal Basis for Processing

We rely on the following GDPR legal bases:

Consent: Where you explicitly agree to data processing (e.g., newsletter, marketing, cookies)

Contractual necessity: To provide services you request (appointments, treatments, payments)

Legal obligation: To comply with Irish healthcare regulations and financial record-keeping laws

Legitimate interests: For clinic operations, website improvement, and fraud prevention

For sensitive health data, we rely on explicit consent or necessary processing for healthcare purposes.

5. Cookies and Tracking

We use cookies to enhance your website experience.

a) What Are Cookies?

Cookies are small files stored on your device that help us understand how you use our website.

b) Types of Cookies We Use

Essential Cookies: Required for basic website functionality (e.g., secure login, form submission)

Performance Cookies: Collect anonymous data on website performance and usage

Functional Cookies: Remember your preferences, such as language or region

Marketing Cookies: Track website visitors for advertising and analytics

c) Cookie Consent

When you visit our website, a cookie banner will appear, allowing you to:

Accept all cookies

Reject non-essential cookies

Customise your preferences

You may update or withdraw your cookie preferences at any time via the website settings.

6. How We Share Your Data

We only share personal data in limited circumstances:

Service providers: Trusted partners who help deliver services (appointment platforms, IT support, payment processors)

Healthcare providers: When required for your treatment, with your consent

Legal obligations: When required by law, court order, or regulatory authority

Business transfers: In the event of a merger, sale, or acquisition of the clinic

All third parties are required to comply with GDPR.

7. Data Retention

We retain personal data only as long as necessary:

Patient records: 8 years from last treatment (Irish health regulations)

Website user data: 2 years

Marketing data: Until consent is withdrawn

Financial records: 6 years (tax purposes)

After retention periods, data is securely deleted or anonymized.

8. Data Security

We implement strict technical and organisational measures to protect your data, including:

Secure servers with encryption

Password-protected access for staff

Regular system updates and security audits

Limited access to authorized personnel only

In the unlikely event of a data breach, we will notify affected individuals within 72 hours as required by GDPR.

9. Your Rights Under GDPR

You have the following rights:

Access: Request access to the personal data we hold about you

Rectification: Correct inaccurate or incomplete data

Erasure (“Right to be Forgotten”): Request deletion of your data

Restriction of processing: Limit how we process your data in certain circumstances

Data portability: Receive your data in a machine-readable format

Objection: Object to processing based on legitimate interests or marketing purposes

Withdraw consent: For processing based on consent (e.g., marketing, cookies)

To exercise your rights, contact us using the information below. We will respond within 1 month.

10. Children’s Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children. If we become aware of such data, it will be deleted immediately.

11. Data Protection Officer (DPO)

You can contact our Data Protection Officer at:

Email: [email protected] (please mark your message “Data Protection Request”)

Phone: 01 490 5287

Address: Terenure Chiropractic Clinic, 63 Brighton Green, Terenure, Dublin 6W, Co. Dublin, D06 XP02.

The DPO oversees GDPR compliance and handles all privacy-related inquiries.

12. Complaints

If you are dissatisfied with how your personal data is processed, you have the right to lodge a complaint with the Irish Data Protection Commission (DPC):

Website: www.dataprotection.ie

Phone: +353 57 868 4800

13. Policy Updates

We may update this Privacy Policy occasionally. The “Last Updated” date will reflect the most recent revision. Users are encouraged to review the policy periodically.

14. Contact Us

For questions, concerns, or to exercise your rights, contact:

Email: [email protected]

Phone: 01 490 5287

Website: terenurechiropracticd6.com