Privacy Notice

 

PRIVACY NOTICE At Kins Skin Clinic (“Kins”), we are committed to protecting and respecting your data protection and privacy rights and the security of your personal data.

Kins has a registered office at 26 Cluain Mara, Farm Lane, Kinsale, Co. Cork, and is the data controller that is responsible for any personal data collected when anyone uses this website.

This notice is provided to you in line with our obligations under Data Protection Laws 1 .

This privacy notice describes how we collect and use personal data about you in accordance with Data Protection Laws.

It is important that you read this notice so that you are aware of how and why we are using your information.

1. How is your personal information collected?

We collect personal data from you when: •

  • You contact us using the website; •

  • You use or view our website; and •

  • You make a booking with us.

2. The kind of information we hold about you

Personal data means any information about an individual from which that person can be identified. It does not include anonymous data i.e. data from which you cannot be identified.

When you contact Kins, we may collect, store, and use the following categories of personal data about you: •

  • Personal contact details such as name, titles, addresses, telephone numbers and email addresses; •

  • Medical details including photographs, medical history, treatments obtained, etc.

3. How we use your personal information

We will only use your personal data when there is a lawful basis for doing so.

We may use your personal data for the following purposes: •

  • Communicate with you. •

  • Provide you with information or services that you request from us. •

  • In any other way we may describe when you provide the information. •

  • For any other lawful purpose with your consent. •

  • We may also process your data to monitor and improve the quality of our service and to meet certain legal and regulatory obligation. •

  • In our Newsletter and for the purposes of the circulation of our newsletter.

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal data.

1 This comprises all applicable data protection and privacy legislation in force including the General Data Protection Regulation ((EU) 2016/679); the Data Protection Acts 1988 to 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 and any amended or replacement legislation, and all other applicable law, regulations and codes of conduct relating to the processing of personal data and privacy including guidance and codes of practice as they may be updated from time to time.

4. Collection and use of technical information

Technical details in connection with visits to this website are logged by our internet service provider for our statistical purposes. No information is collected that could be used by us to personally identify website visitors.

5. Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so unless this is otherwise required or permitted by law (in which case we may process your personal data without your knowledge or consent).

6. Automated decision-making

Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention.

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.

7. Marketing

We may contact you by email/telephone and social media about our services and other events which might be of interest to you. You have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right, please send us an email to info@kins.ie

8. Data sharing

We will share your personal data with third parties where required by law, where it is necessary to perform our contract with you or where we have another legitimate interest in doing so. The third party providers we currently work with are Fresha and AMedSU.

We will share your data with trusted third-party service providers.

We require third parties to respect the security of your data and to treat it in accordance with the law.

All our third-party service providers are required to take appropriate security measures to protect your personal data. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

9. Transferring information outside the EU

We do not envisage that any of your personal data will be transferred outside of the European Economic Area (EEA). However, we may transfer the personal data we collect about you outside the European Economic Area (EEA) where a trusted service provider is based outside of the EEA. We will always take steps to ensure that any transfer of your information outside of the EEA is carefully managed to protect your privacy rights.

10. Data retention policy

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal or reporting requirements. In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

11. Rights of access, correction, erasure, and restriction

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes.

Your rights in connection with personal information

Under certain circumstances, by law you have the right to: •

  • Request access to your personal information. •

  • Request correction of the personal information that we hold about you. •

  • Request erasure of your personal information. •

  • Object to processing of your personal information. •

  • Request the restriction of processing of your personal information. •

  • Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact info@kins.ie

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

12. Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact info@kins.ie. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

13. Data Protection Officer

We have appointed a Data Protection Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact info@kins.ie.

You have the right to make a complaint at any time to the Data Protection Commission, the Irish supervisory authority for data protection issues. The Data Protection Commission can be contacted at Data Protection Commission, 21 Fitzwilliam Square South Dublin 2 D02 RD28 Ireland or by using one of their webforms at www.dataprotection.ie.

14. Changes to this privacy notice

We reserve the right to update this privacy notice at any time. We may also notify you in other ways from time to time about the processing of your personal information. If you have any questions about this privacy notice, please contact our Data Protection Officer at info@kins.ie.