Facebook-f

Privacy Policy

Saint Clinic Group – Le Petit Saint

1. Introduction

At Le Petit Saint, we are committed to protecting your privacy and ensuring that your personal data is handled securely and lawfully. This Privacy Policy aims to explain Saint Clinic Group of companies use your personal data when we are providing a service to you or when you are visiting our website.

This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 and Electronic Communications Regulation 2003.

Saint Clinic Group is the data controller and responsible for your personal data.

2. Information We Collect

We may collect and process the following types of personal data:

  1. Identity Data: First and Last Name, date of birth, and gender.
  2. Contact Data: Address, email, and phone number.
  3. Medical Data: Health information relevant to treatments provided.
  4. Financial Data: Payment details for services rendered (bank account, payment card details).
  5. Technical Data: IP address, browser type, and interaction with our website.
  6. Profile Data: Includes username, purchases or orders made by you, interests, preferences, feedback
  7. Marketing and Communications Data: your preferences in receiving marketing from us
  8. Treatment Data: includes information you wish (or have) received, may include health data

3. How We Collect Your Data

We collect personal data through:

  1. Online appointment bookings and registration forms
  2. In-person consultations and treatments
  3. Communications via email, phone, or website
  4. CCTV recordings for security purposes

Data is also collected by the Clinic Minds online portal and patient management system. Please view the Clinic Minds privacy policy herehttps://www.clinicminds.com/privacy-policy

Generally, we do not rely on consent as a legal basis for processing data other than in some circumstances in relation to sending direct marketing communications to you via text or email. You have the right to withdraw consent to marketing at any time by contacting us.

4. Purpose of Data Collection

We process your personal data for the following reasons:

  1. To register you as a new customer
  2. To provide and manage treatments
  3. To process payments and invoices
  4. To communicate appointment reminders and updates
  5. To comply with legal and regulatory obligations
  6. To request or seek customer satisfaction feedback
  7. To deliver relevant website content and advertisements
  8. To ensure the safety and security of our staff and clients

5. Data Sharing and Disclosure

We do not sell, disclose or rent your personal data. However, we may share your data with:

  1. Healthcare professionals for treatment purposes
  2. Payment processors for transaction management
  3. Legal or regulatory authorities if required by law

6. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy. Medical records are stored in accordance to Clinic Minds policy (https://www.clinicminds.com/privacy-policy)

7. Data Security

We implement appropriate security measures to prevent unauthorised access, disclosure, or loss of your data, including , restricted access, and secure storage.

8. Your Rights

Under UK GDPR, you have the right to:

  1. Access, update, or delete your personal data
  2. Withdraw consent for data processing (where applicable)
  3. Object to data processing for certain purposes
  4. Request data portability
  5. Opt out of marketing messages

 

9. Cookies and Website Tracking

Our website may use cookies to improve user experience. With the help of cookies, we can present you with customised content and adverts that will be of more interest to you. We also use cookies to remember your passwords for you so you don’t have to re-enter them each time you visit the site. You have the option of setting your browser to reject cookies. However, if certain cookies that track your details are rejected then we won’t be able to pre-fill any data on the site or direct you to the correct stage on your next visit.

10. Policy Updates

We may update this Privacy Policy periodically. Any changes will be posted on our website with the revised effective date.

11. International Transfers

We do not transfer your personal data outside the European Economic Area (EEA)

 

12. CCTV Policy

  1. Purpose

We believe that CCTV and other surveillance systems have a legitimate role to play to help maintain a safe and secure environment for all our staff and visitors. However, we recognise that this may raise concerns about the effect on data subjects and their privacy. This policy is intended to address such concerns.

As monitoring may intrude on your privacy, monitoring will be carried out only in accordance with the UK GDPR and the Data Protection Act 2018 (DPA).

We aim to ensure an appropriate degree of staff privacy at work and where CCTV monitoring takes place, we’ll make sure you know the extent of any CCTV monitoring and the reasons why.

This policy outlines the use of Closed-Circuit Television (CCTV) at Le Petit Saint in compliance with UK data protection laws.

  • The purpose of CCTV monitoring is to:
  • Ensure the safety and security of patients, staff, and visitors to act as deterrent against crime.
  • Deter and detect crime, misconduct, and malpractice.
  • Protect clinic property and assets.
  • Assist in investigations and support law enforcement and legal proceedings for detection and prosecution where necessary.
  • resolution of disputes which arise in the course of disciplinary or grievance proceedings;

How will we introduce CCTV monitoring equipment?

Before we introduce any new surveillance system or additional cameras to an existing system, we’ll carefully consider if it’s appropriate by carrying out a data protection impact assessment (DPIA).

A DPIA is intended to help us decide whether new surveillance cameras are necessary and proportionate in the circumstances including whether they should be used at all or whether any limitations should be placed on their use. Any DPIA will consider the nature of the problem that we want to address at that time and whether the surveillance system or camera is likely to be an effective solution, or whether a better solution exists. In particular, we’ll consider the effect CCTV surveillance will have on data subjects and therefore whether its use is a proportionate response to the problem identified.

  1. Scope
    • This policy applies to all individuals using or working within Le Petit Saint including staff, patients, visitors, and contractors.
    • CCTV cameras may be installed at entrances, waiting areas, corridors, and external premises. CCTV is not used in consultation rooms, treatment areas, restrooms, or any other areas where individuals have a reasonable expectation of privacy.

 

  1. Legal Basis for Processing
    • The use of CCTV is justified under Article 6(1)(f) of UK GDPR – the legitimate interests of the clinic to ensure security and prevent crime.
    • The processing of CCTV footage will comply with the principles of data protection:
  • Lawfulness, fairness, and transparency.
  • Purpose limitation.
  • Data minimisation.
  • Storage limitation.
  • Integrity and confidentiality.

  1. CCTV Signage

4.1 Clear and visible signs indicating the presence of CCTV are displayed at all monitored locations.

4.2 Signage includes details of:

  • The purpose of CCTV monitoring.
  • Contact information for further enquiries.

  1. Data Retention and Storage

5.1 CCTV recordings will be retained for a maximum of 30 days unless required for an ongoing investigation, legal proceeding, or regulatory compliance.

5.2 After the retention period, recordings will be securely deleted to prevent unauthorised access.

At the end of their useful life, we’ll permanently and securely erase all images stored in whatever format. We’ll dispose of any physical matter such as tapes or discs as confidential waste. We’ll dispose of any still photographs and hard copy prints as confidential waste.

  1. Access and Disclosure

6.1 Footage is stored securely and access is restricted to authorised personnel only.

6.2 CCTV footage may be disclosed to:

  • Law enforcement agencies for crime detection and prevention.
  • Regulatory bodies as required by law.
  • Legal representatives in relation to legal proceedings.

6.3 Requests for access by data subjects under UK GDPR should be directed to the Data Protection Officer (DPO) and will be handled in accordance with the right of access provisions.

  1. Complaints and Queries

7.1 Complaints regarding CCTV use should be directed to the Data Protection Officer at DrRaul@saintclinicgroup.com

7.2 Individuals have the right to lodge complaints with the Information Commissioner’s Office (ICO) if they believe their data protection rights have been violated.

  1. Policy Review

8.1 This policy will be reviewed annually or as required by changes in legislation.

13. Contact Information

If you have any questions or wish to exercise your rights, please contact:

Dr Raul Cetto
Data Protection Officer

Le Petit Saint Ltd
DrRaul@saintclinicgroup.com

Telephone: 02030266244

Le Petit Saint
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.