Privacy Policy

We are dedicated to respecting the privacy of everyone who visits our site or uses our services.

The following statement describes El Diario De Carlota Group Limited’s privacy practises.

Introduction and Definitions

Please read this notice carefully as we are committed to safeguarding and respecting your privacy. It outlines when and why we gather your personal information, how we use it, under what circumstances we may share it, and how we keep it safe.

Who exactly are we?

We are El Diario De Carlota Group Limited, a business incorporated in England and Wales under company number xx131xxxx, with our registered office located at 14 Palace Street, Victoria, London, SW1V 5BY.

What kind of personal data do we gather and how do we process them?

Personal data is any information that may be used to identify an individual.

When you engage with our companies, we may collect and process personal information. The usual locations where personal information is gathered include:

  • When you use our website, which includes submitting forms;
  • When you correspond with us regarding our services;
  • During the process of obtaining services, such as submitting information to our employees or reacting to staff requests during a scan;
  • If you answer to our request for participation in a survey.

Listed below are the categories of personal information that we may gather from you:

  • Name and contact information, including email, mailing address, and telephone number.
  • If the information pertains to your care and treatment, it is relevant to your occupation.
  • The services you have accessed are listed.
  • Notes and reports concerning your health and any treatments you have received.
  • Your input and treatment result data are requested.
  • Information pertaining to potential complaints and occurrences.
  • Call recordings, both incoming and outgoing.
  • Any additional personal information collected in the usual course of delivering our services, doing our company, or in conjunction with your inquiry or healthcare journey.

Special category data includes information on your health, race or ethnicity, genetic and biometric data, and sexual orientation. We will only handle this information if it is required for medical diagnosis, the provision of health care services, and/or research reasons, or if you give us permission to do so.

If you provide information on behalf of a third party, you affirm that the third party has engaged you to act on their behalf and given you permission to:

  • their consent for the processing of their personal information;
  • receive any data protection notices on his behalf.

The majority of the personal information we process comes directly from you. Occasionally, however, we obtain personal data and special category personal data from other parties, including:

  • your GP
  • A primary healthcare provider, such as a hospital, to whom you have been referred for further healthcare services.
  • an immediate familial member

Typically, you will have consented to the sharing of your personal information by third parties for the purpose of your treatment in these instances. We will utilise your personal information to enhance your healthcare experience. We may share your information with such individuals or other parties as we deem essential for the delivery of your healthcare. This may consist of:

  • Health and Safety Executive
  • your GP
  • any hospital where you have received or will receive care
  • Commissioning Groups for Clinical Services
  • Local governments
  • Healthcare suppliers typically
  • Involved data controllers and processors in your healthcare journey

We will only share your personal information with the aforementioned parties if it is required for the treatment of your condition.

Under data protection laws (including the Data Protection Act 2018 and the General Data Protection Regulation (GDPR), we may only handle your personal data if one of the following legal grounds applies, which will be evaluated on an individual basis:

  1. We have your permission. At any moment, you may withdraw your permission. This is possible by contacting us. (Please see “How can you contact us?” below for details)
  2. We are obligated by our contract with you to process your personal information
  3. We are required by law to process your personal information
  4. We must safeguard your critical interests
  5. We need it to carry out a public duty
  6. We have a valid reason to treat your personal information

In most cases, we will treat your personal information on the basis of our legitimate interests.

The goal of the justifiable interest is patient treatment. As the data controller of health data, processing is required to schedule patients for clinical appointments, undertake clinical practise, and report on clinical practise.

What we do with the data we possess.

We need to handle your information for one or more of the following reasons:

  • With regard to your therapy
  • compliance with legal, regulatory, and corporate governance responsibilities and best practises.
  • obtaining information as part of regulatory agency inspections, legal processes, or request
  • Various operational considerations, including recording services, training, and quality control
  • personnel administration and evaluations, monitoring employee behaviour, and disciplinary issues
  • enhancing our services through statistical analysis and exhaustive research
  • allowing us to typically satisfy your healthcare needs

Surveillance and recording of conversations

We may monitor and record contacts with you (such as phone calls and emails) for quality control, training, fraud prevention, and regulatory compliance.

How are your personal details saved and utilised?

Your personal information is stored securely at locations that fully adhere to our data security standards. This offers adequate organisational and technological security measures to prevent unauthorised access or illegal processing of your personal data, as well as the loss, destruction, or alteration of such data. We endeavour continuously to ensure that our data security system provides a powerful defence against data security breaches, including through audits. We hold ISO9001 Quality Management System and ISO27001 Information Security Management Standard accreditation.

Data protection regulation restricts the transmission of personal data to countries outside the European Economic Area (EEA), save in the following circumstances:

  • The European Commission or the United Kingdom has determined that the nation in issue provides a sufficient degree of protection for personal data; or
  • One of the methods specified by the law has been implemented, such as when one of the “relevant safeguards” indicated in data protection law has been implemented or when a particular exemption applies.

How long do we save your personal information?

We will only retain your personal information for as long as is required to reply to and handle your inquiry.

According to our Data Retention Policy, which is accessible upon request, we will only retain your personal information for as long as is required. (Please see “How do you contact us?” below for details.)
Please note that if you have given us permission to handle your personal data, you have the right to withdraw this permission at any time.

Who may access your personal information?

We may share your personal information with other companies in our group. Your personal information gathered through our websites will not be disclosed to other parties, unless required by law.

Employing Cookies

When you visit our website, a cookie is installed on your computer (or other electronic device). Cookies are used on this website.

Google Analytics utilises cookies to collect information about website visitors, including your IP address. We may then use this data to better comprehend how users utilise our website and to enhance it.

If you would like to learn more about cookies or how to disable them in your browser, please visit www.allaboutcookies.org. However, you should be aware that doing so may prevent you from using certain features of the website.

Which rights do you possess?

You have rights under data protection legislation, including:

  • You have the right to request copies of your personal information from us. The term for this is “Subject Access Request.” Please send an email to [email protected] with your request.
  • Right to rectification: You have the right to request that we fix or update information that you believe is erroneous or incomplete.
  • Under certain conditions, you have the right to request that we delete your personal information.
  • In some situations, you have the right to request that we restrict our use of your personal data.
  • Right to object to processing: in certain conditions, you have the right to object to the processing of your personal data.
  • Under some conditions, you have the right to request that we transmit the personal information you provided to us to another organisation or to you.
  • Right not to be subject to exclusively automated decisions: you have the right, especially in relation to profiling, not to be subject to processes that include no human interaction.

There are no fees associated with exercising your rights. If you send a proposal, we will react within one month.

We will need to confirm your identify using your driver’s licence, passport, and a utility bill or other document indicating your name and address. To contact us in order to exercise any of these rights, please see “How do you contact us?” below.

Submitting a complaint

If you have a complaint about how we have handled or processed your personal information, please email us at [email protected].

You have the right to approach the Information Commissioner’s Office in Wilmslow if we are unable to address your concerns to your satisfaction.

ICO website: https://www.ico.org.uk

How to exercise your privacy rights and how to contact us

If you desire to exercise any of your data protection rights, please click this link to a secure gateway and fill out the following form.

If you have any concerns regarding this privacy notice or the personal information we have about you, or if you would want to exercise any of your rights, please contact us at:

Data Protection Officer Beechwood Hall, Kingsmead Road, High Wycombe, Buckinghamshire HP11 1JL United Kingdom Telephone: 21323123333 Email: [email protected]

Modifications to the Privacy Notice

This Privacy Notice may be updated from time to time. You should periodically review this notice to ensure that you are aware of the most recent version that applies each time you visit this website.

The most recent revision to this Privacy Notice was made in June 2021.