Privacy Notice 


Caitriona Ryan Dermatology is committed to protecting the privacy and security of your personal information. This Privacy Notice describes how we collect, process and disclose your personally identifiable information ("Your Information") when you use our services, including our website, whether you are a patient, primary healthcare provider, or simply a visitor, and any personal information received from third parties acting on your behalf.


We have created this Privacy Statement in order to demonstrate our practice commitment to privacy. The following discloses our information gathering and dissemination practices. In order to fully understand your rights, we encourage you to read this Privacy Statement and to consult the Terms and Conditions of Use (the “Terms”). Each time you use our services you will be bound by the then current Privacy Statement and you should review this each time you use the software to satisfy yourself that you are happy with it. This Privacy Statement sets out the basis on which any personal data we collect from you or that you provide to us will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Prof Caitriona Ryan is registered as a data controller (EU 2016/679). All personal data in possession of Caitriona Ryan Dermatology is processed in accordance with the obligations of the Data Protection Acts 1988 and 2003 (the “Data Protection Acts”) and the European Union General Data Protection Regulation (GDPR) which will supersede the Data Protection Acts on May 25th 2018. The software we are using to store your information (the “Software”) is operated and powered by KM Medical Software Limited. They are an Irish company registered under company number 396182 with a registered address at Suite 9, South Terrace Medical Centre, Infirmary Road, Cork. They are registered as  a data processor with Data Protection Commissioner (Registration No.10822/A). If you have any queries about how we use your information or have a complaint, please email

Acceptance of this Privacy Statement

By using our services, you signify acceptance of this Privacy Statement on your own behalf. Where you are using  our services on behalf of a third party, you agree that you have brought the terms of this Privacy Statement to the attention of that third party. If you do not agree with or you are not comfortable with any aspect of the Privacy Statement or you have not obtained the appropriate consent, you should discontinue use of our service. We reserve the right to modify this Privacy Statement at any time. Your continued use of any of our services following notification or posting of such changes will constitute your acceptance of those changes. 

Information we may collect from you

We may collect and process the following data:

  • Information that you provide to us to generate your personalised medical record. This includes information provided at the time of registering as a patient, entry of sensitive personal data such as medical screening data including screening information, laboratory and questionnaire results.

  • If you contact us for any reason, we may keep a record of that correspondence.

  • We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.


Where we store personal data

The data that we collect will be stored in our services provider's (KM Medical Software Limited) data centres within the European Economic Area (EEA). By submitting personal data, you agree to the transfer, storing or processing of this data within the EEA. We will take all reasonable steps necessary to ensure that data is treated securely and in accordance with this Privacy Statement.  All information you provide to us is stored on our services provider's (KM Medical Software Limited) secure servers in the encrypted format. Any payment transactions will be encrypted using secure technology. 


Uses made of your information

We use information held about you:

  • To provide you a better medical service and to have adequate medical information for continued optimal and safe care

  • To provide you with personalised medical reports or services that you request from us or which we feel may interest you

  • To carry out our obligations arising from any contracts entered into between you and us

  • If applicable, to provide data to your primary healthcare provider (GP), other medical consultants or other service providers in order to improve your health

If you do not want us to use your data in this way you should discontinue your use of our services. You should notify your primary healthcare provider(GP), or another service provider as appropriate. However, if you have any questions or concerns in relation to this Privacy Statement or storage of your data, you may also contact us at

Disclosure of your information

We may disclose your personal information to your primary healthcare provider, other medical consultants or other service providers We make no warranty or representation as to how your primary health care provider(GP) or service provider continue to use your data collected through the website or Software. Please note that these parties will have their own data protection procedures and policies and we do not accept any responsibility or liability for these procedures and policies.


We take your online security very seriously and our Software has security measures in place to protect the loss, misuse and alteration of the information under our control. We use 256bit encrypted transfer(SSL) in the software and website.  We endeavour to use appropriate technical and organisational measures in order to secure the confidentiality of your personal data, to prevent unauthorised or unlawful processing of such personal data, and to protect against accidental or unlawful destruction, accidental loss, alteration or unauthorised disclosure or access and to otherwise protect the security of such personal data. We use the highest level of security and encryption methods available for processing your data and payments online. This means your payment details are as secure as they possibly can be when you make a purchase from us. All data transmitted to and from the iMedDoc platform is secured via the SSL protocol (using only high-grade 256-bit encryption ciphers). Credit card information is never stored by us.

We also strictly adhere to best practices of data protection.


Your rights

You have the right to ask us not to process your personal data. You can exercise this right by discontinuing your use of our services and by contacting your primary healthcare provider (GP) or service provider as appropriate. You may also contact us by emailing


Access to information

You have the right to request a copy of the information held about you by contacting us. You may be charged a fee for this which will not exceed €5.99. You also have the right to change any inaccuracies in the detail held about you, the right to object to the use of this data and the right to block any specific use of this data, by means of a request in writing to us.


Data retention and disposal

When personal information is no longer required, it will be destroyed, deleted or de-identified securely after an acceptable period of time. In view of the need to monitor skin lesions and skin pathology longitudinally over time, medical records will be retained for 20 years from the last date of contact with the service provider or eight years after the service user‟s death (whichever is the earlier) and then destroyed under confidential conditions.


Queries, concerns or complaints

Questions, comments and requests regarding this Privacy Statement are welcomed and should be addressed to us in at Caitriona Ryan Dermatology, 62 Merrion Road, Ballsbridge, Dublin 4, or

Your complaint should be in writing and you should provide sufficient details together with any supporting material regarding your complaint. On receipt of your complaint, we will take steps to investigate the issue and will notify you of the outcome. We will endeavour to respond to your complaint within a reasonable period. If you are not satisfied with our response, you can contact us to discuss your concerns further or make a complaint to the Office of the Data Protection Commissioner (see

Privacy Notice Effective 23 May 2018