At Potton Vets we’re committed to protecting and respecting your privacy.
This Policy explains when and why we collect personal data (in this document the words ‘personal data’ and ‘data’ are used to describe information that is capable of identifying an individual) about people who visit our website and/or are clients of the practice. We will describe how we use that data, the conditions under which we may disclose it to others, how we keep it secure, and how you can access it and make changes if you choose to do so.
We may change this Policy from time to time. Please check this page occasionally to ensure you’re happy with any changes. By using our website / registering as a client, you’re agreeing to be bound by this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to: firstname.lastname@example.org or by writing to Potton Vets, 9 Market square, Potton, Beds, SG192NP Alternatively, you can telephone 01767 260007.
We will cover:
- Who are we?
- How do we collect information from you and what type of information is it?
- How is your information used?
- Who has access to your information?
- Your choices
- How you can access and update your information including the right to be forgotten
- Retention of information
- Security precautions in place to protect the loss, misuse or alteration of your information
- 16 or Under
- Transferring your information outside of Europe
- Review of this policy
1. Who are we?
Potton Veterinary Limited trading as Potton Vets
Registered address – Ruthlyn House, 90 Lincoln Road, Peterborough, PE12SP
Trading Address – 9 Market square, Potton, Beds, SG192NP
We are a registered data controller with the ICO:
Data Controller Name: Potton Veterinary Limited
Registration Number: ZA076035
Date Registered: 18/09/2014
2. How do we collect information from you and what type of information is it?
We obtain information about you when you register with the practice, purchase products or services from the practice or use our website (for example, when you complete a contact form). The types of data we collect and process might include:
- Identity Data which may include your first name, maiden name, last name, marital status and title
- Contact Data may include your billing address, email address and telephone numbers
- Financial Data may include your payment card details which are used a single time and not stored. If you are a member of our Pet Health Club your bank account number, sort code and the name in which your account is held will be given directly to our healthcare plan providers, then destroyed. This data is then stored securely and is digitally encrypted
- Transaction Data may include details about payments between us and other details of purchases made by you
- Technical Data may include your internet protocol (IP) addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site
- Profile Data may include purchases, booked appointments, contact requests, your interests, preferences, feedback and survey responses. If you choose to connect with us via social media, eg Facebook or Twitter, we may collect your username, your name (including surname), email address, your gender and your location
- Usage Data may include information about how you use our website, products and services
- Sensitive Data We may need to process sensitive data about you in order to offer you the best service. An example of this might be a note about hearing loss or other accessibility information that might help us help you. We require your explicit consent for processing sensitive data, so when we collect and record this information we will ask you to confirm your consent to this processing
- Marketing and Communications Data may include your preferences in receiving marketing communications and reminder messages from us, and your communication preferences
- Aggregated Data may also be collected, such as the way you view our website, which pages are of interest etc. Some of this just lets us know how to make sure what we offer online is useful and suits our clients. This information does not reveal your identity and as such is not personal data. It only becomes personal data if we were ever to link this information with your personal data so that you can be identified from it, and then it is treated as personal data.
Where we are required to collect personal data by law or under the terms of the contract between us, and if you do not provide us with that data when requested, we may not be able to perform the contract (for example, see your pet in a consultation, carry out a procedure or dispense drugs to you). If you don’t provide us with the requested data, we may have to cancel our contract with you but if we do, we will notify you at the time.
We have CCTV in and around the practice for the purposes of prevention and detection of crime and employee training.
If you provide us with any personal data relating to any third party (eg information about your spouse or other family members) for particular purposes, by submitting such data to us, you warrant that you have obtained their consent to provide us with their personal data for those purposes.
Website recording and use of ‘cookies’
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit your settings. Turning cookies off may result in a loss of functionality when using our website.
Main Cookies used on our site
These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site.
The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited
These are Google Maps third party cookies, which are unique identifiers to allow traffic analysis to Google Maps.
3. How is your information used?
Potton Vets may use your personal data to:
Carry out the practice’s obligations under contracts between you and us
Ask for your feedback on the services we provide
Notify you of changes to our services
Send you communications which you have requested and that may be of interest to you
Process a job application
Where we need to comply with legal or regulatory obligation
Generally, we do not rely on consent as a legal ground for processing your personal data. In order to meet our responsibilities under our contract with you, we will contact our clients when required to remind you when essential healthcare is due or if we think the health of your pet might benefit from information we send. Communication about these is essential to the long-term health of your pet and might include vaccination, parasite reminders and offers on services that might help your pet live a long, happy and active life.
We may use your information collected from our website, via cookies or direct input, to personalise communications to ensure they are relevant to you.
We review our retention periods for personal data regularly. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
The table below describes the way we intend to use your data, the legal grounds we will use to process it, and what our legitimate interests are:
Type of data
Lawful basis for processing
To register you as a new client
Performance of a contract with you
To process and deliver our commitment to you and your pet(s) including:
(e) Marketing and Communications
(a) Performance of a contract with you and your pet
(b) Necessary to meet our professional obligations
(c) Necessary for our legitimate interests to recover debts owed to us
To manage our relationship with you which will include:
(b) Asking you to leave a review or take a survey
(d) Marketing and Communications
(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests to keep our records updated and to study how clients use our products/services
To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
(a) Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise
(b) Necessary to comply with a legal obligation
To deliver relevant content and information to you – in addition to reminders – and measure and understand the effectiveness of our communication
(e) Marketing and Communications
Necessary for our legitimate interests to see how clients use our services, to develop them, to grow our business and to inform our marketing strategy
To use data analytics to improve our website, services, marketing, client relationships and experiences
Necessary for our legitimate interests to define types of clients for our services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy
To make suggestions and recommendations to you about goods or services that may be of interest to you
Necessary for our legitimate interests to maintain our obligations to you, your pet and the profession and develop our services in order to run a viable business.
4. Who has access to your information?
We will never sell your personal data to anyone.
Neither will we share your information with other companies for marketing purposes without your prior consent.
We may pass your information to carefully selected partners (eg service providers or sub-contractors) for the purposes completing tasks and/or providing services to you on our behalf (eg to process Direct Debit payments for our Pet Health Club, send reminders or to process insurance claims).
However, when we use third-party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure. Third-parties are subject to strict confidentiality obligations and may only use your personal data to perform the necessary functions and not for other purposes.
We may also disclose personal data as permitted or required by law. For example, if asked by the police or HMRC, we may share your personal data for the purposes of prevention or detection of crime. Information is not shared with them outside of this purpose.
In some instances, it may be necessary to transfer your personal data overseas. Any transfers will be made in full compliance with UK data protection laws.
In the event that our business is transferred, sold or integrated with another business, your details may be disclosed to our advisers or any prospective purchaser’s advisers and may be passed on to the new owners of the business.
5. Your choices
Responsible pet ownership includes a wide range of care, some of which will be administered by you; some by our vets and nurses.
• contacting you from time to time to remind you, for example, when vaccinations are due or when you should use parasite protection. Communication about these is essential to the long-term health of your pet. For that reason, we do not ask for your consent to send these messages as legitimate interest is our legal basis for doing so. However, if you have a preference as to how you would prefer to receive reminders (eg by SMS, email or post) please let us know by 01767 260007 or by emailing email@example.com and we will update our records.
• letting you know about products and services (provided by us) which we believe can help your pet to live a long, happy and active life – for example, advice on diet and nutrition, exercise or preventative healthcare. Again, we believe this advice and guidance to form the foundation of responsible pet ownership. However, each message we send will include instructions on how you can choose to opt-out of receiving future similar messages, if you prefer. Alternatively, you can contact us at any time and we will update our records.
In the course of providing care for your pet, we may sometimes be required to share your details with third-parties – eg your insurance company, or external laboratories for processing blood, urine or faecal samples. We only share the information that is necessary at the time, and those third parties do not have permission to use your data for anything else.
If another vet takes over the care of your pet for any reason (referral, emergency care or change of vet) we will forward your and your pet’s information to ensure continuity of care.
Other than is required to provide care to your pet, or as may be required by law, we will never share your data with anyone else.
We may occasionally hear of products and services, provided by others and not by us here at the practice, which may be of interest to you. We will only tell you about these products and services if you have given us your consent. You can update your preferences at any point.
6. How you can access and update your information
Maintaining accurate records is an important part of providing the best service to you and the best care for your pet(s). Periodically – for example when you bring your pet for an appointment – we will ask if any of your details have changed. You also have the right to request a copy of the information we hold,so that you can ensure its accuracy. You can do this by the following methods:
- Email: firstname.lastname@example.org
- Telephone: 01767 260007
- Write to us at: 9 Market Square, Potton, Bedfordshire, SG19 2NP
You also have the right to be forgotten and can request for erasure verbally or in writing and we have processes in place to ensure that we respond to a request for erasure without undue delay and within one month of receipt. We are also aware that there are circumstances when we can extend the time limit to respond to a request, and that the right is not absolute and only applies in certain circumstances.
You can find out more requesting information on the data collected about you here: https://ico.org.uk/for-the-public/personal-information/
7. Retention of information
Your personal data will be retained for as long as it is necessary to fulfil the purpose for which it is collected or for business or legal purposes, or in accordance with applicable laws.
Should you choose to withdraw consent for marketing contact, please note that your personal data may still be retained on our database to the extent permitted by law.
8. Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it is treated securely. All information transmitted via our website (such as payment card details or bank account information) is encrypted using industry-standard 256 Bit SSL. You can confirm this by looking for a padlock symbol in the address bar of any modern browser, such as Microsoft Internet Explorer, Apple Safari, Google Chrome or Mozilla Firefox.
Please note: emails are never guaranteed to be 100% secure. For this reason, we ask that you never send us any sensitive information (eg bank account details, payment card number etc) by email. Instead, please either call the practice and provide this information over the telephone or visit the practice in person.
If you send non-sensitive information (eg your email address, contact details etc) by email, you do so at your own risk. We’ll do everything we can to ensure its security.
On occasion it is also necessary for us to hold certain personal information about you on mobile electronic devices used by practitioners in the field. This information will sometimes include your name, email address, appointment address, and any related medical records. This is required in order for us to fulfil our contractual obligations with you. Devices are electronically secured and can only accessed by our staff.
Links to other websites
You may see links from our website to other, third-party websites. We have no control over those sites, or how they may process or handle your personal data. We recommend that you check the privacy policies on those websites too.
9. 16 or Under
We are keen to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
10. Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EEA. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.
11. Review of this Policy
We review this Policy regularly. It was last updated in May 2018.