Who is responsible for your data
We control the ways your personal data is collected and the purposes for which your personal data is used by us as the “data controller” for the purposes of the UK Data Protection Act 1998 and General Data Protection Regulations 2018.
Personal data we collect and hold about you
We need to collect some personal data from you when you request our services.
Categories of data we collect
We may collect and process the following categories of information about you:
Your full name, date of birth and your contact details (email address, telephone number and postal address)
When you request an appointment booking on our website When you call us
Details of your audiogram and responses to your initial consultation questionnaire and ear wax removal questionnaire
When you attend an appointment or consultation with a member of the team
Information about your transaction, including your payment card details and relevant forms of Identification
When you purchase or use our products or services
The communications you exchange with us (for example, your emails, letters, calls or your messages on our online chat service)
When you contact us or we contact you
Your posts and messages on social media directed to Earwax.co.uk
When you interact with us on social media
How and why we use your personal data
We may use your personal data for the following purposes.
– To manage the products and services you hold with us and to comply with law.
– To provide our products and services to you – We will use your information to perform our services in relation to your hearing, for example to book in follow up appointments. This list isn’t exhaustive.
– To communicate with you and manage our relationship with you relating to the product and/or services you have with us – We may need to contact you by phone, email, post and/or SMS for administrative or operational reasons regarding the products and services you hold with us.
– To arrange, alter, cancel or postpone an appointment –We will use the information you provide after you have sent us a request, filled in a web-form through our website or contacted us on social media to provide you with the response to your request.
– To improve our services, fulfil our administrative purposes and protect our business interests – The business purposes for which we will use your information include accounting, billing and audit, credit or other payment card verification, fraud screening, safety, security and legal purposes, statistical and marketing analysis, systems testing, maintenance and development.
– To improve our quality levels, help with staff training and to provide evidence in the event of complaint or dispute – We may record telephone conversations or other communications between you and us. We will use these recordings or transcripts of them to check your instructions to us, analyse, assess and improve our services to customers, for training and quality purposes and for the purposes of investigating any complaint you may make, or as evidence in any dispute or anticipated disputes between you and us.
– To inform you about news and offers relating to your hearing and the products and services we provide – Our contact with you will usually be in the form of a letter, newsletter or phone call, and may include: invites to our events, company news, new products and services, special offers and cost saving promotions. We will also provide you with any useful news relating to developments in hearing aids and technology. This is not an exhaustive list, and is subject to change. Of course, you can change the way you receive information from us at any time by emailing email@example.com.
Please note that we do not share your contact details and/or personal data with any other companies for marketing purposes. If you do not want to receive communications from us, you can simply tell us by clicking the relevant box before submitting your details or by emailing us at firstname.lastname@example.org with the subject title ‘unsubscribe’, at any time. You can also unsubscribe from any email we send you by clicking the unsubscribe link at the bottom of any marketing related email you receive from us.
You can also call us on 0800 4220157.
How long we will hold your personal data
– To comply with HMRC legal obligations – this legal requirement requires us to keep records [including invoices and contracts] for 6 years from the end of the last company financial year they relate to.
– Existing patients, to provide the products and services you hold with us – typically hearing aids are replaced or serviced every 5 years. Therefore, we will hold your personal data on our secure systems for this period. We will contact you prior to the end of this period to arrange a review appointment, under legitimate interests.
– When you attend an appointment with us, we will follow up your enquiry by letter, email and occasionally by phone and hold your details on our secure systems for a period of 5 years.
– Deceased patients – we will securely shred and remove from our systems any data relating to a deceased individual within 12 months of being notified of the death.
Requesting access to your personal data
You have a right to request access to the personal data that we hold about you. We will provide this information to you within one month of the initial request, free of charge. Any additional copies may be chargeable. If you would like to request a copy of your personal data, please email us at email@example.com
The request must be made in writing and contain:
– Your name
– Your postal address
– A telephone number where you can be reached
– A copy of your passport or driving licence
– Signed authority from the individual whose data is required if you are requesting on their behalf.
If you have questions in relation to your personal data, please contact us at: firstname.lastname@example.org
Security of your personal data
We are committed to taking appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, loss or damage.
The information that you provide to us will be held in our secure servers, which are located in the Cloud. Your personal data may be accessed by and processed outside the European Economic Area (the European Economic Area being the European Union and Iceland, Liechtenstein and Norway, also referred to as the “EEA”) by staff operating outside the EEA who are employed by us. Where your personal data is accessed outside of the EEA, we require that appropriate safeguards are in place.
Cookies or other tracking technologies
In order to improve our services, to provide you with more relevant content and to analyse how visitors use our website, we may use technologies, such as cookies, pixels or tracking software. Please be aware that in most cases we will not be able to identify you from the information we collect using these technologies.
For example, we use software to monitor customer traffic patterns and website usage to help us develop the design and layout of the website in order to enhance the experience of the visitors to our website. This software does not enable us to collect any personal data. In addition, in order to understand how our customers interact with the emails and the content that we send, we use pixels that allow us to know if the emails we send are opened or if the content of our emails is displayed in text or html form.
Sharing your personal data
We may share some of your personal data with, or obtain your personal data from, the following categories of third parties:
– Suppliers providing services to us in order to help us run our business and improve our services. This could be a hearing aid manufacturer that we partner with or a data processing unit to cleanse our data.
– Purchased data – from time to time we purchase data from data centres in order to market our products and services. We do not share our customer data.
– Credit and debit card companies. We may share some of your personal data, which includes information about your method of payment, to the credit or debit Card Company that issued the card you used to pay for your products or services. In order to ensure the security of your transactions and prevent or detect fraudulent transactions, we may also share your information with fraud screening partners.
– Fraud prevention agencies. To prevent crime and trace those responsible.
– Your personal data may be disclosed to a third party who acquires us, or substantially all of our assets or if we sell or buy any business or assets.
– We are under a duty to disclose or share your personal data in order to comply with any legal obligation; or to protect the rights, property, or safety of Earwax.co.uk, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.