Privacy Policy
Information Protection Policy
Our team understands that your personal data is entrusted to us and appreciates the importance of protecting and respecting your privacy.
Respecting your privacy
To this end we comply fully with the data protection law in force in South Africa and all applicable clinical confidentiality guidelines including those published from time to time by APRSSA (Association of Plastic and Reconstructive Surgeons South Africa), the HPCSA (Health Professions Council of South Africa).
This Privacy Policy sets out the basis on which we collect and process personal data about you including our practices regarding the collection, use, storage and disclosure of personal data that we collect from you and/or hold about you, and your rights in relation to that data.
Please read the following carefully to understand how we process your personal data. By providing your personal data to us or by using our services, website, social media or other online or digital platform(s) you are accepting or consenting to the practices as described or referred to in this Privacy Policy.
When we refer to ‘we’, ‘us’ and ‘our’, we mean The Practice of Dr Chris Snijman.
What personal data may we collect from you?
When we refer to personal data in this policy, we mean information that can or has the potential to identify you as an individual.
Accordingly, we may hold and use personal data about you as a customer, a patient or in any other capacity, for example, when you visit one of our websites, complete a form, access our services or speak to us. Depending on what services you receive from us this may include sensitive personal data such as information relating to your health.
Personal data we collect from you may include the following:
- Names, date of birth, gender
- information that you give us when you enquire or become a customer or patient of us or apply for a job with us including name, address, contact details (including email address and phone number)
- the name and contact details (including phone number) of your next of kin
- details of referrals, quotes and other contact and correspondence we may have had with you
- details of services and/or treatment you have received from us or which have been received from a third party and referred on to us
- information obtained from customer surveys, promotions and competitions that you have entered or taken part in
- recordings of calls we receive or make
- notes and reports about your health and any treatment and care you have received and/or need, including about clinic and hospital visits and medicines administered
- patient feedback and treatment outcome information, you provide
- information about complaints and incidents
- information you give us when you make a payment to us, such as financial or credit card information
- other information received from other sources, including from your use of websites and other digital platforms we operate (apps) or the other services we provide, information from business partners, advertising networks, analytics providers, or information provided by other companies who have obtained your permission to share information about you.
Where you have named someone as your next of kin and provided us with personal data about that individual, it is your responsibility to ensure that that individual is aware of and accepts the terms of this Privacy Policy.
Where you use any of our websites, we may automatically collect personal data about you including:
Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
The data that we request from you may include sensitive personal data. This includes information that relates to the mental or physical health or racial or ethnic origin (which may include children’s data). By providing us with sensitive personal data, you give us your explicit consent to process this sensitive personal data for the purposes set out in this Privacy Policy.
How do we collect personal data about you?
We may collect personal data about you if you:• visit one of our websites
- enquire about any of our services or treatments
- register to be a customer or patient with us or book to receive any of our services or treatments
- fill in a form or survey for us
- carry out a transaction on our website
- participate in a competition or promotion or other marketing activity
- make payments
- contact us, for example by email, telephone or social media
- participate in interactive features on any of our websites.
In the interests of training and continually improving our services, calls to us may be monitored or recorded.
What personal data we may receive from third parties and other sources?
We may collect personal data about you from third parties; We may be passed medical information usually in the form of a referral for the purposes of your treatment with Dr Chris Snijman or a third-party consultant; Consultants may need to share your personal data and medical records with Dr Chris Snijman;
Insurance providers may pass Dr Chris Snijman personal data of patients who have commenced a claim and require medical treatment with us. This will normally be in the form of a referral and may consist of basic details e.g full name, date of birth, address, contact number and email address and the type of procedure/treatment they require.
How do we use your personal data?
Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy, applicable Data Protection Laws, clinical records retention periods and clinical confidentiality guidelines.
Sensitive personal data related to your health will only be disclosed to those involved with your treatment or care, or in accordance with Nigerian laws and guidelines of professional bodies or for the purpose of clinical audits (unless you object).
Further details on how we use health related personal data are given below. We will only use your sensitive personal data for the purposes for which you have given us your explicit consent to use it. Please note that, although we have set out the purposes for which we may use your personal data below, we will not use your sensitive personal data for those purposes unless you have given us your explicit consent to do so.
We may use your personal data to:
- enable us to carry out our obligations to you arising from any contract entered into between you and us including relating to the provision of our services or treatments to you and related matter such as, billing, accounting and audit, credit or other payment card verification and anti-fraud screening
- provide you with information, products or services that you request from us
- provide you with information about products or services we offer that we feel may interest you. Unless you have consented to receive marketing communications by electronic means from us, by ticking the relevant box on the form on which we collect your data, we will only contact you by electronic means (e-mail or SMS) with information about products and services similar to those which you previously purchased or enquired about from us
- allow you to participate in interactive features of our services, when you choose to do so
- notify you about changes to our products or services
- respond to requests where we have a legal or regulatory obligation to do so
- check the accuracy of information about you and the quality of your treatment or care
- support your doctor, nurse or other healthcare professional
- assess the quality and/or type of care you have received (including giving you the opportunity to complete customer satisfaction surveys) and any concerns or complaints you may raise, so that these can be properly investigated
- to conduct and analyse market research
- to ensure that content from any of our websites is presented in the most effective manner for you and for your computer.
The security of your personal data
We protect all personal data we hold about you by ensuring that we have appropriate organisational and technical security measures in place to prevent unauthorised access or unlawful processing of personal data and to prevent personal data being lost, destroyed or damaged. We conduct assessments to ensure the ongoing security of our information systems.
Any personal data you provide will be held for as long as is necessary having regard to the purpose for which it was collected and in accordance with all applicable laws.
Your personal information may be stored at our practice in various forms:
As paper records
As electronic records
As visuals, videos & photos
Dr Chris Snijman stores all personal information securely, whether in electronic format, in protected information systems, which are encrypted with secure passwords, or in hard copy in secured cabinets.
Dr Chris Snijman uses a secure network and server. We use firewalls, malware protection, encryption, user identification and password controls. By submitting your personal data, and in providing any personal data to us, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy. Any payment transactions will be processed securely by third party payment processors.
The transmission of information via the internet cannot be guaranteed as completely secure. However, we ensure that any information transferred to our websites is via an encrypted connection. Once we have received your information, we will use strict procedures and security features for prevention of unauthorised access.
At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you do so at your own risk.
Disclosure of your personal data
In the usual course of our business we may disclose your personal data (to the extent necessary) to certain third-party organisations that we use to support the delivery of our services.
This may include the following:
- medical insurance companies
- organisations providing IT systems support and hosting in relation to the IT systems on which your information is stored,
third party debt collectors for the purposes of debt collection, - delivery companies for the purposes of transportation,
- third party service providers for the purposes of storage of information and confidential destruction.
Where a third-party data processor is used, we ensure that they operate under contractual restrictions with regard to confidentiality and security, in addition to their obligations under South African laws.
Health information collected during provision of treatment or procedure
Sensitive personal data (including information relating to your health) will only be disclosed to third parties in accordance with this Privacy Policy.
That includes third parties involved with your treatment or care, or in accordance with South African laws and guidelines of appropriate professional bodies. Where applicable, it may be disclosed to any person or organisation who may be responsible for meeting your treatment expenses or their agents. It may also be provided to external service providers and regulatory bodies (unless you object) for the purpose of clinical audit to ensure the highest standards of care and record keeping are maintained.
Medical professionals working with us: We share clinical information about you with our medical professionals as we think necessary for your treatment.
Medical professionals working with us might be our employees, or they might be independent consultants in private practice. In the case of independent consultants, the consultant is the data controller of your personal data, either alone or jointly with us and will be required to maintain their own records in accordance with Privacy laws and applicable APRSSA (Association of Plastic and Reconstructive Surgeons South Africa), the HPCSA (Health Professions Council of South Africa) guidelines and retention periods. Where that is the case, we may refer you to that consultant to exercise your rights over your data. Our contracts with consultants require them to cooperate with those requests. In all circumstances, those individual consultants will only process your personal data for the purposes set out in this Privacy Policy or as otherwise notified to you.
External practitioners: If we refer you externally for treatment, we will share with the person or organisation that we refer you to, the clinical and administrative information we consider necessary for that referral. It will always be clear when we do this.
Your Personal Doctor: If the practitioners treating you believe it to be clinically advisable, we may also share information about your treatment with your Personal Doctor. You can ask us not to do this, in which case we will respect that request if we are legally permitted to do so, but you should be aware that it can be potentially very dangerous and/or detrimental to your health to deny your Personal Doctor full information about your medical history, and we strongly advise against it.
From time to time we may also make information available on the basis of necessity for the provision of healthcare, but subject always to patient confidentiality.
In an emergency and if you are incapacitated, we may also process your personal data (including sensitive personal data) or make personal data available to third parties on the basis of protecting your ‘vital interest’ (i.e. your life or your health).
We will use your personal data in order to monitor the outcome of your treatment by us and any treatment associated with your care.
Accessing and updating your information
The law gives you certain rights in respect of the personal data that we hold about you. Below is a short overview of the most commonly-used rights. It is not an exhaustive statement of the law.
- With some exceptions designed to protect the rights of others, you have the right to a copy of the personal data that we hold about you
- You have the right to have the personal data we hold about you corrected if it is factually inaccurate. It is important to understand that this right does not extend to matters of opinion, such as medical diagnoses. If any of your personal data has changed, especially contact information such as: email address, postal address and phone number please get in touch with so we can ensure your personal data is kept up to date
- If you want to exercise your rights in respect of your personal data, the best way to do so is to contact us The Privacy Officer at morningside@chrissnijman.co.za to write to us for the attention of the Privacy officer at the address below. In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to such a request.
Complaints should be sent to:
The Privacy Officer
morningside@chrissnijman.co.za
Privacy and our website Cookies are used for the purpose of security as well as for analytical purposes. We use analytics remarketing with Google analytics and Google adwords for general online marketing. As a result you may see promotions for Dr Chris Snijman on the internet. Google and Dr Chris Snijman use first party cookies (Google Analytics) and third party cookies (including Double click) together to inform, optimise and serve ads based on someone’s past visit to our website.