iConsult Software Limited (Ltd) understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our clients and members and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
Who Are We?
iConsult Software Ltd is a limited company registered in England under company number 0826400.
Registered address: 6 Chestnut Walk, Worthing BN13 3QL
VAT number: 252083819
Data Protection Officer: Peter Glock
Email address: Peter@iconsult.global
We are registered with the Information Commissioners Office.
What Does This Notice Cover?
What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
What Personal Data Do We Collect?
We may collect some or all of the following personal data (this may vary according to your relationship with us).
In accordance with Data Protection Law, we hereby notify you that iConsult Software Ltd will collect and process personal information in order to carry out our service as your aesthetic medical practitioner. The patient registration form, medical questionnaire and consultation record requests personal information about you which identifies you individually (including your name, address, date of birth, email address, telephone numbers, certain financial information where necessary). It also collects sensitive personal information (including information about your medical history) which we consider to be reasonably necessary to enable the Clinic to provide services to you. You will also be invited to have a photograph(s) taken of the relevant part(s) of your face and/or body to assist your Healthcare Professional in the consultation and treatment.
The information you give and any photographs you permit to be taken will be processed and held electronically and stored online by the Clinic/your Healthcare Professional through the iConsult System. If you return to the same Clinic for further consultations using the iConsult database the information obtained and photographs taken during the course of such further consultation will be added to your records and stored in the same way as above.
The information and photographs are processed and stored on behalf of the Clinic/your Healthcare Professional by iConsult Software Ltd for the purpose of keeping records of your consultations with your aesthetic medical practitioner and treatments carried out.
Your information may also be used by the Clinic/your Healthcare Professional for the purpose of offering and providing benefits to you, for statistical profiling and for analysis of the development of the activities of the Clinic.
By proceeding with your consultation you consent to the collection processing and storage of personal information as outlined above.
Analytics. This website uses Google Analytics. This does not individually identify users or cross-reference your IP address with any other Google data. We use Google Analytics to help us understand and record our website traffic and usage.
Flash Cookies. Certain features of our website may use locally stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from and on our Sites. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices about How We Use and Disclose Your Information.
Web Beacons. Pages of our website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
1. For the purposes of understanding roles in regard to the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) – iConsult Software Ltd is defined as the Data Processor and the Client is the Data Controller.
3. The Client, as Data Controller, appoints iConsult Software Ltd as a Processor to process the Personal Data as described on the Client’s behalf.
4. iConsult Software Ltd will only process the Personal Data to provide the Services or otherwise to comply with applicable laws or regulatory requirement.
5. iConsult Software Ltd will ensure that any person with access to or processing the Personal Data is subject to a duty of confidence.
6. iConsult Software Ltd will take appropriate technical and organisational security measures to ensure the security of processing and protect the Personal Data from accidental or unlawful destruction, loss, alteration, unauthorised access or disclosure or unlawful processing.
7. The Client authorises iConsult Software Ltd to appoint subprocessors as they deem appropriate or necessary for the provision of the Services.
8. iConsult Software Ltd will assist the Client in providing subject access and allowing data subjects to exercise their rights under the GDPR.
9. iConsult Software Ltd will assist the Client in meeting its GDPR obligations in relation to the security of processing, the notification of personal data breaches and data protection impact assessments.
10. iConsult Software Ltd will provide mechanisms for the Client to download all Personal Data at any time, to delete the record of a single Data Subject, and to delete all Personal Data at the end of the contract.
11. The Client may exercise their right of Audit under GDPR legislation through iConsult Software Ltd providing an audit report not older than 18 months prepared by an independent external auditor demonstrating iConsult Software Ltd technical and organisational measures are sufficient to meet the obligations of a Data Processor under GDPR.
12. iConsult Software Ltd will submit to Client audits and inspections, provided the Client pays an applicable audit fee in full, and in advance of the commencement of such audit.
13. iConsult Software Ltd will immediately inform the Client if it is asked to do something infringing the GDPR or other data protection law of the EU or a member state.
14. Nothing within this contract relieves iConsult Software Ltd of its own direct responsibilities and liabilities under the GDPR.
Accessing and Correcting Your Information
You can review and change your personal information by logging onto our website and visiting your account profile page.
You may also send us an e-mail at firstname.lastname@example.org to request access to, correct or delete any personal information that you have provided to us. In some cases, we cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Who we share your data with
In order to effectively store records online, it may be necessary for iConsult Software Ltd to transfer personal information to third party data storage providers on the basis that they are contractually obliged to keep all information secure and confidential. The information may be accessed at any time by your Clinic/Healthcare Professional. The information will not otherwise be disclosed by iConsult Software Ltd and its data storage providers except where required by law.
What rights you have over your data
The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You are entitled, subject to Data Protection Law, to request from the Clinic/your Healthcare Professional a copy of any information held about you. Please direct your request to your Clinic so that they may retrieve the relevant data from iConsult Software Ltd for you. For your care and protection, there are certain restrictions on the release of health information.
How we protect your data
All communications with our servers are encrypted with SSL/TLS (Transport Layer Security).
We follow the latest industry standards and guidelines for protecting our customer’s data against unauthorised access.
For improved security we also offer the ability to use two-factor authentication, This feature is also implemented by the banks requiring you to use a separate device, an application on your phone or SMS code verification when you log into your bank account. When activated even if someone steals your password they cannot access the software without the second authentication mechanism.
We implement two-factor authentication using:
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted using SSL technology.
The safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the WebSites like message boards. The information you share in public areas may be viewed by any user of the WebSites.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our WebSites or via our Services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the WebSites, Software or via the Services.
iConsult Software Ltd use Marotori and Amazon Web Services Its as our hosting Partners.
All services provided by Marotori may be used for lawful purposes only. Transmission, storage or presentation of any information, data or material in violation of any British law is prohibited. This includes, but is not limited to: copyrighted material, material we judge to be threatening or obscene, or material protected by trade secret and other statute. The subscriber agrees to indemnify and hold Marotori risk-free from any claims resulting from the use of service which damages the subscriber or any other party. This agreement is specifically bound by British law and will be upheld in an English Court of law.
Prohibited are sites that promote any illegal activity or present content that may be damaging to Marotori’s servers, or any other server on the Internet. Links to such materials are also prohibited.
Examples of unacceptable content or links:
• Pirated software
• Hacking programs or archives
• Warez sites
• Child pornography
- Images, movies or sound with which you are not or do not hold copyright privileges to.
NOTICE: IF YOUR ACCOUNT IS FOUND TO BE IN BREACH OF THIS CONTRACT IN TERMS OF PROVIDING / STORING CONTENT WE DEEM TO BE ILLEGAL, DEPENDING ON THE SEVERITY, YOUR ACCOUNT WILL BE TERMINATED IMMEDIATELY AND THE PROPER AUTHORITIES NOTIFIED OF YOUR ACTIONS. FOR MINOR BREACHES, YOU WILL BE SENT AN EMAIL WITH WHICH YOU HAVE 24(TWENTY-FOUR)HOURS TO COMPLY OR YOUR ACCOUNT WILL BE TERMINATED.