Privacy Policy

Coastal Clarity is committed to protecting your privacy and being transparent about how we collect and use your personal data. This Data & Privacy Policy complies with the UK Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR).

What is Personal Data under the GDPR?

Under the GDPR, personal data refers to any information that can directly or indirectly identify an individual (i.e., the data subject). This includes, but is not limited to, names, identification numbers, location data, and online identifiers. The regulation applies to both automated and manual systems where personal data is accessible according to specific criteria.

Who does GDPR Apply to?

The GDPR applies to organizations within the EU, as well as those outside the EU that offer goods or services to, or monitor the behaviour of, individuals within the EU and the UK.

Data Controller and Data Processor

Coastal Clarity is the data controller responsible for determining the purposes and means of processing your personal data. Coastal Clarity is run by Catriona and Alan Bryant, and can be contacted at [info@coastalclarity.co.uk].

We may work with third-party processors who process personal data on our behalf. These processors include providers of IT services, customer relationship management (CRM) systems, accounting systems, file-sharing and storage systems, and marketing/advertising services. Third-party service providers are bound by data processing agreements to ensure compliance with GDPR and the protection of your personal data.

Cookies

Our website may collect cookies, including HTTP cookies, to enhance your browsing experience. You can manage and update your cookie preferences through your browser settings. For more detailed information, refer to our Cookie Policy.

How We Use Your Personal Data

We collect and process your personal data for the following purposes and on the basis of the lawful grounds of processing:

• To respond to your inquiries and provide the services you request from us.
• To provide ear wax removal services based on your personal instruction or that of your authorized representatives (e.g., Power of Attorney).
• To remind you about your appointments or advise you regarding necessary follow-up services.
• To record and maintain clinical data related to your hearing health history, including techniques used during wax removal and video otoscopic images. These records are securely stored, and you may request a copy at any time.
• To communicate with you during the planning and delivery of our services.

We process your data under the lawful bases of consent, contract performance, legal obligation, and legitimate interest.

Data Retention

We will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Once data is no longer needed, it will be securely deleted or anonymized.

Security of Personal Data

We have implemented strict security measures to protect your personal data from unauthorized access, alteration, or disclosure. These measures include secure storage systems for physical and electronic records. Non-essential documents are regularly shredded and recycled.

Payment and Financial Security

When you make credit card payments to Coastal Clarity, your details are securely processed and are not stored beyond the processing of the payment. If you provide us with sensitive financial details, such as credit references, they will be securely stored and handled in compliance with our data protection protocols.

Your Rights Under the GDPR

You have the following rights regarding your personal data:

• Right of Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may request correction of inaccurate or outdated personal data.
• Right to Erasure: You may request deletion of your personal data where it is no longer necessary for us to retain it, subject to legal restrictions.
• Right to Withdraw Consent: You may withdraw your consent to data processing at any time, where processing is based on consent.
• Right to Data Portability: You may request that your personal data be provided to you in a structured, commonly used format, or that it be transferred to another controller.
• Right to Restrict Processing: You may request restriction of processing where the accuracy of data is contested or where processing is unlawful.
• Right to Object: You may object to the processing of your personal data under certain conditions.
• Right to Lodge a Complaint: If you are not satisfied with our handling of your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Contact Details

If you wish to exercise any of your rights, or if you have any questions or concerns regarding this policy or how your data is processed, please contact our Data Protection Officer, Catriona Bryant, at [info@coastalclarity.co.uk].