Your privacy is important to us. It is the policy of Club de Mar Medical to respect your privacy regarding any information we may collect from you across our website, on paperwork or in the electronic patient registration systems to be found in the practice; these are required to store your records or as part of your visit for example for a medical.

1. Contact details

In line with general practice contact details are kept in order to be able to reach patients in the future. If you do not want your contact details retained in a secure and safe way, we cannot accept you as a patient within the practice. We only ask for personal information when we truly need to in order to provide a service to you and to maintain your records. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we are collecting it and how it will be used. We only retain collected information for as long as is mandated.

2. Data stored

What data we store, we will protect within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification.

3. Sharing your data

We do not share any personally identifying information publicly or with third-parties, except with any governing bodies, for example the MCA by whom we are regulated, only upon request. Wherever pertinent, additional consent will be obtained from the patient.

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites and cannot accept responsibility or liability for their respective privacy policies.

You are free to refuse our request for your personal information, with the understanding that we may be unable to provide you with some/any of your desired services. Your continued use of our website will be regarded as acceptance of our practices around privacy and personal information.

4. Security

Our website uses specialist security software – Shield Security. This helps to ensure data breaches do not occur and our website and data are protected against hacking attempts and intrusion. Shield Security protects site visitors and works to block potential hacks while monitoring web traffic and filesystem changes.

4.1 Cookies

  • The Shield Security plugin never stores any sensitive, personally identifiable information in any cookie at any time.
  • In the case that the Shield Security plugin needs to redirect a visitor or any request, it may use a cookie to prevent repeated/infinite redirect loops.
  • For registered/logged-in users, the Shield Security plugin uses a cookie to track user sessions and control display of certain in-plugin admin notices.
  • The Shield Security plugin does not normally use Cookies for unregistered site visitors. It may however use a cookie to register the closure of the Shield Security security badge to prevent repeated display.

4.2 Data Storage: User Sessions

For logged-in users, the Shield Security plugin stores information on the username, the IP address and the time of last login and last activity. This information is purged upon logout or data cleanup.

4.3 Data Storage: Audit Trail

The Shield Security plugin has an Audit Trail feature that will log the following information:

  • Audit Trail message that may include email addresses
  • Logged-in username (where applicable)
  • Originating IP address of the request

For logged-in users this represents information that may be used to locate (by IP address) and identify individuals and their activity on the site. This information is stored for security purposes by the site administrator. This data will be retained and then automatically purged from the database after a 14 days.

 

If you have any questions about how we handle user data and personal information, feel free to contact us via email or call us: (+34) 971 703 391

This policy is effective as of 1 July 2019