4/5 Rose and Crown Walk, Saffron Walden, 01799 610991 LATE NIGHT APPTS THURSDAYS

IPC-Saffron Walden
Home
BOOK VET, PAY LATER
BOOK HOME VISIT
IPC-Saffron Walden
Home
BOOK VET, PAY LATER
BOOK HOME VISIT
More
  • Home
  • BOOK VET, PAY LATER
  • BOOK HOME VISIT
  • Sign In
  • Create Account
  • Bookings
  • My Account

  • Signed in as:

  • filler@godaddy.com

  • Bookings
  • My Account

  • Sign out

Signed in as:

filler@godaddy.com

  • Home
  • BOOK VET, PAY LATER
  • BOOK HOME VISIT

Account

  • Bookings
  • My Account

  • Sign out

  • Sign In
  • Bookings
  • My Account

Privacy Policy

 

Independent Pet Clinics


CLIENTS 


What information do we process about you? 

For what purposes? 

How is it lawful for us to do it? 

- Contact information and Forms: When you choose to fill in a form on the Website or on third party websites featuring our advertising, we will collect the information included in the form usually - name, address, phone number, email or equivalent. 

- Behavioural and tracking details: e.g. location data, behavioural patterns, personal preferences, IP-number, cookie identifiers, unique identifier of devices you use to access and use the Services and our Websites. For more information visit our Cookie Policy. 

1. Communicating about products, Services and projects, responding to inquiries or requests. 

2. Providing and marketing our Services and/or products to you. 

3. Confirming your identity and verifying your personal and contact details. 

4. Advertising, Analyzing and Personalization. We use information about you that we gather from cookies and similar technologies to measure engagement with the content on the Sites, to improve relevancy and navigation, to personalize your experience and to tailor content  and our Services to you. With your permission or where allowed by law, we use and share Visitor Personal Data with others so that we may advertise and market our products and Services to you, including through interest-based advertising where allowed by applicable law, including subject to any consent requirements. See our Cookie Policy. 

Unless indicated otherwise, the legal basis for the processing of personal data is: 

- compliance with applicable laws and pursue our legitimate interest (purpose 3) 

- legitimate interest and consent (purpose 1, 2, 4). 

Our legitimate interests are (unless stated otherwise): 

- Marketing and providing new products and Services that might interest you (purpose 1, 2, 4). 

- Protecting against fraud, to develop and improve how we deal with financial crime and meet our legal responsibilities - (purpose 3). 

Children’s personal information 

Our Services are not directed at children under the age of 18. If we learn that any information we collect has been provided by a child under the age of 18, we will promptly delete that information. 

Your rights and privacy choices 

a. Choices related to communication and marketing 

If you have received marketing from us, you may at any time object to the marketing. The easiest way to do so is to opt out by following the instructions in the marketing material that you have received or by contacting us at karen@IPC-Clare.co.uk. 

Please note that we may continue sending you communication that is required or necessary for the provision of our Services, including providing such notifications that include important information and other communication that you request from us. You may not opt out of receiving these communications. 

b. Your data protection related rights 

We are happy to assist you in exercising your rights under data protection law. You have the right to: 

  • Be informed – you have the right to be informed about how we process personal data about you. We do this in this Privacy Policy. Nevertheless, you may always contact us if you have any further questions. 
  • Access to your personal information that we process. 
  • Rectification – you can ask us to update, complete or correct any inaccurate personal information. This right always applies. 
  • Erasure – have your personal data deleted under certain circumstances, if your data is no longer necessary for the purposes for which it was collected, and we have no legal ground for processing the data. Just to let you know, we may not be able to agree to your request. As a regulated payment services provider, we must keep certain customer personal data even when you ask us to delete it. We may not be able to delete your entire file because these regulatory responsibilities take priority. We will always let you know if we can't delete your personal data. 
  • Data portability. This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is carried out by automated means. 
  • Restrict the processing of your information under certain conditions. 
  • Object to the processing of your personal information (if we are using it for our legitimate interests). If our legal basis for using your personal data is 'legitimate interests' and you disagree with us using it, you can object. However, if there is an overriding reason why we need to process your personal data, we will not accept your request. 
  • Withdraw your consent to us using your personal information (please note, if you take back your consent, this will not affect our use of your personal information before you notified us that you no longer consent).  
  • Carry out a human review of an automated decision we make about you. If we make an automated decision about you that significantly affects you, you can ask us to carry out a manual review of this decision. 

You can exercise your rights by sending an email to Karen@IPC-Clare.co.uk   

For security reasons, we can’t deal with your request if we are not sure of your identity, so we may ask you for additional data to verify you, if this is proportionate to the request. If a third-party exercises one of these rights on your behalf, we may need to ask for proof that a third party has been validly authorized to act on your behalf.  

When you exercise one of these rights, we have one month to respond to you. We will usually not charge you a fee when you exercise your rights. However, we are allowed by law to charge a reasonable fee or refuse to act on your request if it is manifestly unfounded or excessive. 

If you are not satisfied with how we process your data, you have the right to lodge a complaint with us and/or with the relevant data protection authority. IPC will cooperate fully with any such investigation and endeavor to satisfy all queries as fully as possible. The relevant authority for each country can be found on the European Commission website: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080. 

Please note that we only are directly responsible to you in cases where we are the controller of your personal information. Where we are acting as a data processor, you should contact the third party who is the data controller of your personal information. 

 

General Data Protection Regulation 

We have been carefully studying the General Data Protection Regulation (the “GDPR”) to understand the necessary actions we need to take to satisfy our obligations under the GDPR.  Here is a summary of what we’ve learned and the actions that we are taking when collecting data. 

GDPR Background 

The GDPR, the EU’s new privacy law that replaces the Data Protection Directive 95/46/EC, aims to bring order to a patchwork of privacy rules across the EU. If you would like to read the full GDPR, please find it here. 

The GDPR is legislation designed to harmonize data protection. It imposes new regulations for companies to protect consumers regarding data processing, access, and security. 

The GDPR was created around six core principles (Article 5) for personal data and the belief that personal data should be: 

  1. Lawfulness, Fairness and Transparency – Processed lawfully, fairly, and in a transparent manner in relation to individuals. 
  2. Purpose Limitation – Collected for specified, explicit, and legitimate purposes and not processed beyond those purposes. 
  3. Data Minimization – Adequate, relevant, and limited to what’s necessary in relation to the purposes for which they are processed; 
  4. Accuracy – Accurate and, where necessary, kept up to date. 
  5. Storage Limitation – Kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. 
  6. Integrity and Confidentiality – Processed in a manner that ensures appropriate security of the personal data. 

Independent Pet Clinics takes its legal and regulatory obligations seriously. Moreover, we take great care to ensure data privacy and security. The core of our business involves the collection of visitor data to help us to help your pets, which almost always includes personal data. We constantly work to ensure we collect, process, and share the data we deal with in a lawful, transparent manner. 

We collect data from visitors, and as such, we are considered the Controller. To that end, we wanted to share with our clients our practices and procedures related to data collection and GDPR compliance. There are two important features of our technology that allow us to satisfy key requirements of the GDPR: 

  • Remove visitor records– Through the account administration area, we can remove individual visit records so that they are no longer accessible. Those deleted visits then enter a Visit Log Trash, where we can then permanently incinerate them.  
  • Set a visitor data retention period– Included in our software is the ability to automatically remove visit records that are older than a certain date. This does not permanently delete the record from our database.  

Security: Our partners have implemented appropriate technical and organizational measures to satisfy the requirements of the GDPR, to ensure the level of security of personal data is appropriate to the level of risk, and to help ensure the protection of the rights of individuals. 

Some of the highlights of the security measures we’ve put in place include: 

  • All information is stored on a secure AWS Amazon server via the Heroku hosting environment. 
  • All traffic to the application from the iPad and browser is encrypted using AES_256_CBC, with SHA1 for message authentication and DHE_RSA as the key exchange mechanism. 
  • The Receptionist employs two layers of penetration testing and vulnerability assessment: Third-party security testing of the Heroku application is performed by independent and reputable security consulting firms and CodeClimate to perform code analysis and security assessments of our application prior to deploying to our production environment. 
  • Our hosting partner, Heroku, utilizes ISO 27001 and FISMA certified data centers managed by Amazon. 
  • The Receptionist contracts with a third party to perform Penetration Testing as an additional security measure. 

Dr Karen Edwards MRCVS 

Copyright © 2025 IPC-Saffron Walden - All Rights Reserved.

Powered by

  • Privacy Policy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept

ALMOST UNLIMITED FREE CONSULTS

JOIN OUR PET HEALTH PLAN

Learn more