Privacy & Cookie Policy

This privacy policy sets out how Merran Lusher uses and protects client information collected for the purposes of her health consultations and when using this website.

Merran Lusher is committed to ensuring that your privacy is protected. Should I ask you to provide certain information from which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement and with the requirements laid down by law in the Data Protection Act (DPA) 1998. The Privacy and Electronic Communications Regulations (PECR) 2003 and the new General Data Protection Regulation (GDPR) 2018.

Purpose of the Policy:

To comply with the law; to follow good practice; and to protect clients.

What I Collect:

Information I collect for the purposes of my business includes:

  • Contact information including name, date of birth, address, phone number and email addresses.

  • Medical information outlining health conditions and presenting symptoms, current medications and supplements, medical history, family history, diet and lifestyle habits and details of other health care providers or clinics that may be in your care.

  • Case taking files outlining notes pertaining to our scheduled consultations and BodyTalk sessions.

  • Clinical test results.

  • Referrals to or from GP’s and other healthcare practitioners.

  • When visitors leave comments on my website, Squarespace collects the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

How I Use the Information:

I require this information to help me understand your presenting health status and medical needs, so that I can facilitate in improving and resolving your health concerns. Thus, ultimately providing you with a better service by more effectively helping you to meet your treatment goals and wellness outcomes.

Approximately every month, I may send you an email about health and wellness updates, wellness articles, special offers, practice changes and other information which I think you may find interesting. You will receive this information via the email address you have provided and given me consent to use. You can unsubscribe at any time.

Security:

I am committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, I have put in place appropriate physical and electronic procedures to safeguard and secure the information I collect online. All information stored electronically is either automatically encrypted via FileVault, or safe guarded via two step authentication. All information is held on secure servers. In the case of paper documentation, information is held in secured cabinets only accessible by myself, the Data Controller.

As required by law, all client health records must be retained on file for seven years (from the last date of your appointment with me), whereby after this period, they will be deleted from my records.

Analytics:

On this website I use Google Analytics and Squarespace Analytics to track user behaviour. This information is collected anonymously. Google Analytics tracks information about the device used to visit my site, how users find this website, and information about what pages are viewed and for how long. Additionally, specific user behaviour on the site such as links being clicked can also be tracked. This information is used to help optimise my website and improve the user experience.

To opt out of Google Analytics, both on my site and others, you can install the Google Analytics op-out browser add on. More information can be found by reading Google’s Privacy Policy.

Squarespace Analytics has a built-in integration that connects my site to Google Analytics for visitor tracking and other reporting. It’s reporting platform gives me insight into how my site is performing. With Analytics, I can get a clear picture of my visitors and their behaviour through visual reports on statistics like page views, conversion and popular content. More information about Square Space’s Terms of Service and Privacy Policy can be found here. As a user, I have agreed to their terms of service and by extension, their DPA when I signed up to their services.

I also use Bing Webmaster tools which is a free service as part of Microsoft’s Bing search engine. It allows webmasters to add their websites to the Bing index crawler, see their site's performance in Bing (clicks, impressions) and a lot more. The service also offers tools for webmasters to troubleshoot the crawling and indexing of their website, submission of new URLs, sitemap creation, submission and ping tools, website statistics, consolidation of content submission, and new content and community resources. Here is a link to their Privacy Policy.

Cookies and Similar Technologies:

A cookie (or such similar technology) is small text file containing small amounts of information that may be stored on your computer or mobile device. Cookies can improve visitors’ browsing experience because they help websites remember preferences and understand how people use different features. Once you, the visitor agree to the use of cookies - the file is then added. The cookie then helps to analyse web traffic and enables the website to function efficiently. Cookies also allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. Similar technologies include tags - which I also use on my website.

Here is a link to some of the types of cookies that SquareSpace uses including functional and required cookies, analytics and performance cookies:

My website has been tested and is compliant with both GDPR and PECR, in line with EU regulations on online tracking. I use cookies to identify which pages are being used. This helps me analyse data about web page traffic and improve my website in order to tailor it to user needs. I only use this information for statistical analysis purposes and the data is then removed from the system.

If you leave a comment on my site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment.

Overall, cookies help me provide you with a better website, by enabling me to monitor which pages you find useful and which you do not. A cookie in no way gives me access to your computer or any information about you, other than the data you choose to share.

You can choose to allow or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Links to Other Websites:

My website may contain links to other websites of interest. However once you have used these links to leave my site, you should note that I do not have any control over these websites. Therefore, I cannot be responsible for the protection and privacy of any information which you provide while visiting these sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement.

Connected websites:

Cliniko is a practice management system for clinics and allied health practitioners. It helps me to manage my practice scheduling, treatment records and online bookings. As a user of Cliniko, I have agreed to their Privacy Policy and Terms of Service to ensure that the agreements I have with them and GDPR requirements are met. I have also signed a Data Processing Addendum (DPA) with Cliniko as an additional agreement, which means that although Cliniko and its subprocessors aren't physically in the EU/EEA, I am still allowed to use Cliniko to manage my patient information. The DPA sets out an approved set of provisions which offers sufficient safeguards and protection for data that's processed outside of the EU/EEA.

Controlling your Personal Information:

I will not disclose or distribute your personal information to any third party unless I have your written permission or are required by law to do so. I may use your personal information to keep you up to date on my health and wellness news, special offers and practice updates.

If you believe that any information I am holding on you is incorrect or incomplete, please email me at merran@merranlusher.co.uk as soon as possible and I will promptly rectify any information found to be incorrect. I will ensure to respond quickly and effectively with requests to unsubscribe, amend or delete information.

Access requests to your personal records, must be valid and made in writing. A £10 administration fee will be charged to compensate for my time spent compiling the requested documentation.

Payment methods:

For clients who make payments to me via PayPal, here is a link to Paypal’s privacy policy. For other clients who make payments to me via iZettle (a PayPal service), here is a link to iZettle’s privacy policy.