Privacy Policy

Eri Ito takes your privacy seriously. I am dedicated to safeguarding your personal information while providing a personalized and valuable service. Please note that my site may contain links to third-party sites that are not covered by this Privacy Policy. We recommend reviewing the privacy policies of any third-party sites you visit.

Personal information is collected exclusively by and for Eri Ito. All data provided is treated as confidential and will not be shared with any other person or organization without your written consent. As part of the patient record, I am required to retain information for consultation, treatment, and subsequent follow-ups.

I collect personally identifiable information (your "Data") through:

• Enquiry and registration forms

• Purchase of services

• Providing your details either online or offline

Your personal data is collected and processed for three primary reasons, in accordance with GDPR:

1. Provision of Treatment: To provide you with the best possible care, I need to collect information about your health. Your request for treatment and my agreement to provide that care forms an (unwritten) contract.

2. Legitimate Interest: Collecting this information is essential for practicing acupuncture effectively and safely.

3. Appointment Management: I maintain your contact information to confirm your appointments.

After submitting the Patient Details Form, Data Protection, and Consent Forms online, your information is securely stored in Microsoft 365. This data is accessible only via password-protected devices. Clinical records are either scanned and stored as digital form on Microsoft 365 or retained as paper records in a secure cabinet at my home. Records are kept for 7 years after you cease to be a patient, after which they will be deleted. Text messages are stored on a password-protected phone. 

​Eri Ito has implemented measures to ensure that your data is protected against unauthorized access, alteration, unlawful destruction, or accidental loss. User data may be transferred to data processors who act on my instructions to provide required services.

Your information will never be shared with anyone without your written consent, unless legally required.

You have the right to access your personal data and request corrections to any inaccuracies. I am legally required to respond to such requests within 30 days. If you wish to update your information or change your marketing preferences, please contact me. A statutory fee may apply for providing copies of your data.

Concerns can also be raised with the Information Commissioner’s Office at https://ico.org.uk/concerns/.

By using Eri Ito's site and communicating electronically, you agree to process personal data. If you consent to your data being shared with third-party organizations, you also agree to potentially transfer your data outside the European Economic Area. 

I do not knowingly collect information on children under 14 years of age. If notified by a parent or guardian, I will delete such data.

This policy is effective as of December 2011. I may update this Privacy Policy to reflect changes in legislation, best practices, or website enhancements. Any changes will be posted here.