hello world!
Sign in

Privacy policy

New European data regulations and privacy

The CZ law changed on the 25th May 2018 and, if you are in theCZ or anywhere in Europe, you have probably received severalemails about the new EU General Data Protection Regulation(GDPR).

I am letting clients and students know about my new Privacy Policywhich explains how your data is safeguarded and your privacy respected.

Nothing is changing about the way your information is processed. I have just improved the way we describe my practices.

My interest is in working with clients, families and children, and that is where my passion remains. I may run courses and inform you of this from time to time, and I may remind you of my practice dates from time to time.

I also send out seasonal newsletters, now usually by email If you wish to read the new Privacy Policy, it is on my website; however, you do not need to do anything. I am also required to ask you to “sign” a consent form, which will be emailed to you for you to return as agreed. This document I would only keep in digital format (currently your notes and access information are held either in digital form or as paperwork in the
secured storage).

Data protection policy

Scope of the policy
This policy applies to the work of homeopath Dr Petr Simeon Gajdos (hereafter referred to as Dr PSG). The policy sets out the requirements that Dr PSG has to gather personal information for professional purposes. The policy details how personal information will be collected, stored and managed in line with data protection principles and the General Data Protection Regulation. The policy is reviewed on an ongoing basis to ensure that it is compliant. This policy should be read in tandem with Dr PSG’s Privacy Policy.
Why this policy exists
This data protection policy ensures that Dr PSG:

• complies with data protection law and supports good practice
• protects the rights of clients
• is open about how he stores and processes clients’ data
• protects himself from the risks of a data breach

Data protection principles
The General Data Protection Regulation identifies 8 data protection principles.

1. Lawful, fair and transparent data processing
Dr PSG requests personal information from clients and potential clients to consult with them and provide them with advice and guidance on homeopathic treatments. Clients should be asked to provide consent for their data to be held, and a record of this consent along with client information, will be securely held. Clients can, at any time, remove their consent by writing to Dr PSG by post or email, should they wish to do so.

2. Processed for Specified, Explicit and Legitimate Purposes
If requested, clients will be informed how their information will be used and Dr PSG will seek to ensure that clients’ information is not used inappropriately. Appropriate use of information provided by clients includes:

• Communicating with clients in order to make, change or cancel consultations
• Assessing the conditions and issues reported by clients and devising and
prescribing appropriate remedies and therapies.

Dr PSG will ensure that clients’ information is managed in such a way as not to infringe an individual’s rights which include:

• The right to be informed
• The right of access
• The right to rectification
• The right to restrict processing
• The right to data portability
• The right to object.

3. Adequate, Relevant and Limited Data Processing
Dr PSG’s clients will only be asked to provide information that is relevant to support consultations and prescription. It includes:

• Name
• Date of birth
• Gender
• Postal address
• Email address
• Telephone number
• Medical history and the client’s personal health story.
• Relevant close family information
• Information related directly to the homeopathic choosing of remedies

There may be occasional instances where a client’s information needs to be shared with a third party due to an accident or incident involving statutory authorities. Where it is in the best interests of the client or of Dr PSG, in these instances where Dr PSG has a substantiated concern, then consent does not have to be sought from the individual.

4. Accuracy of Data and Keeping Data up to Date
Dr PSG has a responsibility to ensure that clients’ information is kept up to date. Clients will be expected to let Dr PSG know if any of their personal information changes.

5. Accountability and Governance
Dr PSG is responsible for ensuring that his practise remains compliant with data protection requirements and can provide evidence that it has. For this purpose, those from whom data is required will be asked to provide written consent. The proof of this consent will then be securely held as evidence of compliance.

6. Secure Processing
Dr PSG has a responsibility to ensure that data is both securely held and processed. It includes:

• using strong passwords for information held within computer systems
• using password protection on laptops and PCs that contain or access personal
• using password protection or secure cloud systems
• providing adequate virus-protection and firewall software to secure computer-based

7. Subject Access Request
Dr PSG’s clients are entitled to request access to the information that is held by them. The request needs to be received in the form of a written request to Dr PSG. On receipt of the request, the request will be formally acknowledged and dealt with within 21 days unless there are exceptional circumstances as to why the application cannot be granted. Dr PSG will provide a written response detailing all information held on the individual and a record made of the request and the date of the answer.

8. Data Breach Notification
Where a data breach to occur, an action shall be taken to minimise the harm. Dr PSG will inform any clients where he believes their personal information has been compromised. Where necessary, the Information Commissioner’s Office will be notified.

If a client contacts Dr PSG to say that they feel that there has been a breach by Dr PSG, he will ask the client to provide an outline of their concerns. If the initial contact is by telephone, Dr PSG will ask the client to follow this up with an email or a letter detailing their concern. The concern will then be investigated thoroughly, and a response made to the patient. Breach matters will be subject to a full investigation and recorded and all those involved notified of the outcome.

Policy review date: Every three years

Privacy policy

I take the privacy rights of my clients very seriously. This privacy policy sets out how I deal with your ‘personal information’, that is, information that could identify, or is related to the
identity of, an individual.

What personal information do I collect?
In order to treat you, I will ask you to provide certain information. It includes:

• Name
• Gender
• Date of birth
• Home address
• Email address
• Telephone number
• Medical history
• Your story

To this, over time, I will add details of the conditions for which you have consulted me and the remedies and other therapies that I have prescribed or recommended.

How do I collect this personal information?
All the data collected is obtained directly from you. It is usually at the point of your initial consultation. The data is collected at the initial and subsequent meetings. I will also request that you provide consent for me to store and use your data. Your consent is required to ensure my compliance with data protection legislation. Subsequently, I will add to this initial information with details of the consultations you hold with me.

How do I use this personal information?
I use your personal information to analyse the conditions for which you have consulted me and to prescribe remedies and other therapies. I will communicate with you by email, other digital methods, by telephone and by post.

With whom do I share your personal information?
I do not share your personal information unless you ask me to.

How long do I keep your personal information?
I need to keep your data for as long as you continue to consult me. Since patients often return for more consultations after a period of absence, I will keep your information for nine years after your last meeting. In the case of children, the requirement is until nine years after their 18th Birthday, i.e. 27 years old. At that point, any digital information will be erased from my computer and back up systems.

How your information can be updated or corrected
To ensure that I have accurate and up-to-date information, you need to inform me of any changes you believe I should make to the personal information I hold. You can do this by contacting me by any of the methods previously described.

Under data protection legislation, you have the right to inspect the personal information I hold about you. You can request to do so by contacting me, and I will endeavour to respond within 21 working days.

How do I store your personal information?
My patient files are only in electronic format. I take steps to protect your personal information against loss or theft, as well as unauthorised access, disclosure, copying, use, or modification.

Your email address, if you have one, is held securely on the servers of my email providers. Changes to this policy

This policy may change from time to time. If I make any material changes, I will make you aware of them.
Contact If you have any queries about this policy, need it in an alternative format, or have any complaints about my privacy practices, please contact me:

Policy review date: Every three years.
I’m the FREEDOM-fighter,
Who honours the memory of those
Who died for YOU,
Sacred WORLD freedom!
In protected but INTERCONNECTED lives.
Dr Petr Simeon Gajdos
Subscribe to our newsletters
Created and managed by: Softmedia.cz | Designed by Kubátko | © Global Impact
usercross linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram