Privacy Policy
Privacy Policy:
Company Name: Family Physio
Office: 17 HP7 9BU
1. Introduction
1.1. This Privacy Notice applies to Family Physio (“we”, “us”, or “our”).
1.2. We take the privacy of your personal data seriously. This Privacy Notice describes how we collect, process and use your personal data in accordance with the Data Protection Act 1998 (“DPA”) and the General Data Protection Regulation (“GDPR”).
2. Data Controller
2.1. For the purposes of the DPA and GDPR, we are the data controller. This means we are responsible for deciding how your personal data is processed and for ensuring it is done so in compliance with the data protection laws.
2.2. If you have any enquiries regarding the collection or processing of your data, please contact us via email: familyphysio@googlemail.com.
3. Your Consent
3.1. By using our website and/or submitting information to us, you consent to the collection, processing and use of your personal data as set out in this Privacy Notice.
3.2. We are registered with the Information Commissioner’s Office for data protection purposes – registration number ZB403337.
4. Information We Collect
4.1. We may collect the following data about you and your child:
• Personal details: Title, Name, Date of Birth
• Contact details: Home Address, Personal Email, Business Email, Sex, Home Telephone Number, Mobile Telephone Number, Work Telephone Number
• Medical information: Medical insurance details, Referral Source, Special Category Data (health/medical information)
• Healthcare provider details: GP / Consultant Details
4.2. We collect information about you in the following ways:
• Website contact us page
• Email correspondence
• Telephone
• Face to face consultation
• Social media (Facebook, Twitter, Instagram, LinkedIn)
5. How We Use Your Personal Data
5.1. We will only use your personal data for the purposes set out in this Privacy Notice and in accordance with the legal basis for processing. We will never disclose, share or sell your data without your consent, unless required to do so by law.
5.2. The legal basis for processing your personal data are:
• To provide you with our physiotherapy services (contractual necessity)
• To comply with our legal obligations (legal obligation)
• With your consent, for marketing purposes (consent)
5.3. We use your personal data for the following purposes:
• To book appointments and identify you
• To send appointment confirmations and reminders
• To maintain physiotherapy notes (legal obligation)
• To share your data with other healthcare professionals involved in your care (with your consent)
• To share your data with your referring company or insurer (with your consent)
6. Your Rights
6.1. You have a number of rights in relation to your personal data under data protection laws. These include:
• The right to access your personal data
• The right to rectification of inaccurate data
• The right to erasure of your data (right to be forgotten)
• The right to restrict processing of your data
• The right to data portability
6.2. You can make a request to exercise any of these rights by contacting us using the contact details set out in Section 2.2. This may incur a fee.
7. Sharing and Disclosing Your Personal Information
7.1. We will not share or disclose your personal information without your consent, except as set out in this Privacy Notice or where there is a legal requirement.
7.2. We may use third-party processors to provide certain services on our behalf. These processors will only process your data in accordance with our instructions and under strict obligations to comply with data protection laws.
8. Consequences of Not Providing Your Data
8.1. You are not obligated to provide your personal data to us. However, as this information is necessary for us to provide you with our services, we will not be able to offer our services without it.
9. Data Retention
9.1. We will only retain your personal data for as long as necessary for the purposes set out in this Privacy Notice.
9.2. We are required by law to keep your basic personal data for a minimum period of time after your treatment is complete. Data held both on paper & electronically will be kept until your child’s 25th birthday after which it will be destroyed safely.
9.3. We will securely delete your personal data when it is no longer required.
10. Security and Breaches
10.1. We have implemented appropriate security measures to protect your personal data from loss, unauthorised access, use, alteration or disclosure.
10.2. In the event of a personal data breach, we will notify you.