top of page

Last Updated: 10 August 2024

Privacy Policy

 

1. Introduction

 

Welcome to dochkahristova.com ("I," "my," or "me"). I, Dochka Hristova, am committed to protecting your privacy and ensuring that your personal data is handled in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. This Privacy Policy outlines how I, as the data controller, collect, use, disclose, and secure your data when you visit my website, use my services, or interact with me.

By using my website and services, you acknowledge that you have read and understood this Privacy Policy, and you consent to the practices described herein. If you do not agree with these practices, please refrain from using my website and services.

 

2. Information I Collect

 

I collect various types of information:

  • Personal Information: When you book appointments or interact with my services, I may collect personal information such as your name, contact details, date of birth, and health-related information. Health-related information is considered special category data under GDPR and is collected with your explicit consent.

  • Booking Information: I use Cliniko for appointment scheduling, record-keeping, and invoicing. Cliniko collects information to manage your appointments and store relevant medical records, including your date of birth. This data is processed in compliance with GDPR, and a Data Processing Agreement (DPA) is in place to ensure your data is protected. You can review Cliniko's privacy policy to understand how they handle and protect user data.

  • Payment Information: To process payments, I use Stripe. Stripe collects payment information such as credit card details, billing addresses, and transaction data. This data is processed in compliance with GDPR, and a DPA is in place to protect your data. You can review Stripe's privacy policy to understand how they handle and protect user data.

  • User Data: My website is hosted on the Wix platform. Wix may collect user data through standard website analytics, cookies, and similar tools as described in their privacy policy. This data is processed in compliance with GDPR, and a DPA is in place to ensure the protection of your data. You can review Wix's privacy policy to understand how they handle and protect user data.


3. How I Use Your Information

 

I use your data for the following purposes:

  • Providing therapeutic/healing services and appointment management, as required for the performance of our contract.

  • Record-keeping and maintaining your medical records, in compliance with medical and legal obligations, including your date of birth.

  • Processing payments and invoicing, ensuring secure and lawful financial transactions.

  • Sending relevant appointment information and reminders.​


4. Sharing of Your Information

 

I do not sell, trade, or rent your personal information to third parties. However, there may be instances where I share your data, specifically:

  • Referrals to Other Practitioners: If you request a referral to another practitioner or healthcare provider, I may share relevant information with them to ensure continuity of care. This sharing will be done with your explicit consent and is essential for your healthcare needs.

  • Legal and Regulatory Authorities: I may disclose your information when required by law or for compliance with legal obligations, in accordance with the GDPR and UK data protection laws.
     

5. Retention of Client Records

 

I retain client records for up to five years from the date of the last service or interaction. This retention period is in line with regulatory requirements and ensures that your records are available for future reference if needed.


6. Security

 

I take reasonable security measures to protect your data, including encryption and access controls. However, no online transmission or storage method is entirely secure, and I cannot guarantee the absolute security of your data.

 

7. Your Rights

 

Under the GDPR and Data Protection Act 2018, you have the following rights regarding your data:

  • The right to access your personal data.

  • The right to rectify any inaccurate or incomplete data.

  • The right to erasure (right to be forgotten).

  • The right to restrict processing.

  • The right to data portability.

  • The right to object to processing.

  • The right not to be subject to automated decision-making.

If you wish to exercise any of these rights or have any questions regarding your data, please contact me at dochkahristova[at]icloud.com.

 

8. Changes to this Privacy Policy

 

This Privacy Policy may be updated from time to time, and any changes will be posted on this page with the "Last Updated" date. Please review this policy periodically for updates.

 

9. Contact Me

 

If you have questions or concerns regarding this Privacy Policy or your data rights under GDPR and UK data protection laws, please reach out to me at dochkahristova[at]icloud.com.

​​

bottom of page