Privacy and Data Policy
1. Introduction
Audibility LTD (“we,” “us,” or “our”) is committed to protecting and respecting your privacy. This Privacy and Data Policy explains how we collect, use, store, and protect your personal data when you use our website, book appointments, and access our hearing care services.
2. Who We Are
Our website address is: https://audibility.co.uk and our physical address is: 38 Brandon Parade East, Motherwell, ML1 1LY.
3. Data Collection
We may collect the following types of personal data:
- Personal Identification Information: Name, address, email, phone number, and other contact details.
- Health Information: Details about your hearing health, medical history, and other relevant health data necessary for providing our services.
- Appointment Information: Details of your appointments, including times, dates, and any notes taken during your consultation.
- Website Interaction Data: Information about your interactions with our website, including comments, IP addresses, and browser user agent strings, which help with spam detection.
4. Comments
When visitors leave comments on our site, we collect the data shown in the comments form, along with the visitor’s IP address and browser user agent string to help with spam detection. An anonymized string created from your email address (a hash) may be provided to the Gravatar service to check if you are using it. The Gravatar service Privacy Policy is available here. After approval of your comment, your profile picture (if any) will be visible to the public in the context of your comment.
5. Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
6. Cookies
We use cookies to enhance your experience on our site:
- Comments Cookies: If you leave a comment on our site, you may opt-in to saving your name, email address, and website in cookies. These are for your convenience, so you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
- Login Cookies: If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up cookies to save your login information and screen display choices. Login cookies last for two days, and screen options cookies last for one year. If you select “Remember Me,” your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
- Editing/Publishing Cookies: If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after one day.
7. Embedded Content from Other Websites
Articles on our site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction if you have an account and are logged in to that website.
8. Use of Your Data
We use your personal and health data to:
- Provide and manage our hearing care services.
- Book and manage appointments.
- Communicate with you regarding your care and appointments.
- Maintain accurate health records in accordance with legal and professional requirements.
9. Data Retention
We retain your personal and health data for as long as necessary to provide our services and as required by applicable laws and regulations. Specifically:
- Adult Health Records: Retained for a minimum of 8 years after the last entry in the record.
- Children’s Health Records: Retained until the child’s 25th birthday, or 26th if they were 17 at the conclusion of treatment.
- Deceased Patients: Records retained for 8 years after death.
Whilst you have the right to request the deletion of your data under UK GDPR, certain health records may be exempt from deletion due to our legal obligations or the need to retain them for the establishment, exercise, or defense of legal claims. In such cases, we will retain your data only for as long as is necessary and securely store it according to data protection standards.
For website data, if you leave a comment, the comment and its metadata are retained indefinitely. This allows us to recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website, we store the personal information provided in their user profile, which they can view, edit, or delete (except for the username).
10. Data Security
We take the security of your personal and health data seriously and have implemented appropriate technical and organizational measures to protect it from unauthorized access, loss, or misuse.
11. Data Subject Rights
You have the right to:
- Access your personal data and request a copy of the information we hold about you.
- Correct any inaccuracies in your personal data.
- Request the deletion of your data, subject to our need to retain certain information as described in Section 9.
- Object to the processing of your data in certain circumstances.
To exercise any of these rights, please contact us using the details provided below.
12. Appointment Booking and Health Data Consent
When you book an appointment with us, if you haven’t previously signed a health data consent form, this will automatically be sent to you via email for signature. If you arrive at our clinic without a pre-booked appointment or haven’t been able to sign the form electronically, we will ask you to sign this before any consultation or treatment begins.
13. Who We Share Your Data With
If you request a password reset, your IP address will be included in the reset email. Visitor comments may also be checked through an automated spam detection service.
14. Data Control Officer
Our Data Control Officer is responsible for overseeing data protection strategy and implementation to ensure compliance with data protection laws. If you have any questions or concerns regarding your data, you can contact Tracy Marchant directly at tracy@audibility.co.uk.
15. Updates to This Policy
We may update this Privacy and Data Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes through our website.
16. Contact Us
If you have any questions about this Privacy and Data Policy, or if you would like to exercise any of your rights, please contact us at:
Audibility LTD, 38 Brandon Parade East, Motherwell, ML1 1LY. info@audibility.co.uk