Stretch and Collect aims to be compliant with the General Data Protection Regulation (GDPR) as tailored by the Data Protection Act 2018.
Principles of Practice
1. Lawfulness, Fairness and Transparency
- We keep up to date with the law regarding data protection and review this policy annually to ensure best practice in relation to GDPR.
- We collect personal data for specific reasons and with consent. However, there are circumstances where we may be legally obliged to share data without the subject’s consent. These include protecting vital interests, conducting legal proceedings or obtaining legal advice.
2. Purpose Limitation
Data is collected for specific tasks as follows:
- To record contact details for the purpose of providing our service and keeping you informed about any changes to our service.
- To identify the animal being treated.
- To produce invoices for our services.
-Google Analytics will be used to monitor website.
3. Data Minimisation
- Data will only be collected if it is relevant to the purposes identified
- We will take all reasonable steps to ensure that personal data is accurate and updated if necessary.
- Data will be provided to us verbally, electronically via email, text message or other forms of messaging or on a veterinary referral/consent form.
5. Storage Limitation
- Data will be kept for 7 years as specified by our Insurance Company.
6. Integrity and Confidentiality
- We will take all appropriate security measures to safeguard to confidentiality of your personal details.
- Data is stored on a password protected computer, in a password protected file, on a secure system.
- Appropriate measures will be taken to dispose of any computer system, without compromising the security of your data.
- In the event of any breach of security, we will notify and seek advice from the Information Commissioner’s Office (ICO).