top of page

PRIVACY POLICY

This Privacy Policy applies to Physio Fitness Rehab and describes how personal data is collected, processed and stored. By providing your personal data to Physio Fitness Rehab or by using services, website or other online or digital platform(s) you are accepting or consenting to the practices as described or referred to in this Privacy Policy. Physio Fitness Rehab is required to process personal data relating to, patients and suppliers as part of its business operations – and takes all reasonable steps to do so in accordance with this policy. This policy adheres to GDPR.

​

How personal data is collected

Information may be collected in person, by letter, by email, by phone, by our website or upon completing a new patient registration form. When you disclose personal information verbally, in writing or electronically, you consent to our use of the information for services.

​

Why your personal data is processed
The personal data that is collected, processed and stored is required in order to provide services, and as such is required to comply with legal HCPC (Health Care Professional Council) and CSP (Chartered Society of Physiotherapy) regulations for the documentation of medical records. Our reasons for the collecting, processing and storing personal data are:

​

·       To provide and fulfil Services between yourself and Physio Fitness Rehab

·       To refer you onto a GP or Consultant, where you have given your consent

·       To notify you about changes to this Service and provide customer support

·       To gather analysis or valuable information so that we can improve this Service

·       To monitor the usage of this Service

·       To detect, prevent and address technical issues

·       To provide you with news, special offers and general information about services Physio Fitness Rehab offers that           are similar to those that you have already purchased or enquired about, unless you have opted not to receive               such information.

​

What data is collected

Personal information may include name, date of birth, address, contact numbers, email address, enquiry source, insurance details, emergency contact and medical information. Where you have named someone as your next of kin and provided us with their personal data, it is your responsibility to ensure that that individual is aware of and accepts the terms of this Privacy Policy. Personal data is collected from our website if provided by yourself, for example, when completing the online enquiry form and/or e-newsletter sign-up form. Google Analytics is used to analyse and monitor our website, including but not limited to traffic data, location data and communication data. This information is used to create reports about our website; this data will not identify you personally.

​

Who has access to the data

Only those who need to have access to your data to fulfil either a required administrative function or to provide a service to you. The personal data that they have access to is limited to that which they need to fulfil their roles. This may include administration staff. We only share information with third parties at your request or where required by law.

​

Where is your data stored

We store all data on IT systems, backed up securely off-site with appropriate technical and organisational security measures in place. All computers and IT systems are protected by password and anti-virus software. Your medical notes will be stored in a cloud-based Software Management System. All steps will be taken as is reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy.

The transmission of information via the internet and email is not completely secure and we cannot guarantee the security of data whilst you are transmitting it via our website or by email, and such transmission is at your own risk.

How long is your data stored for

The standard retention period for medical records is 8 years, as per the CSP guidelines, however we will hold your personal data for as long as is necessary for the purposes set out in this Privacy Policy.

Accessing and updating your personal data

You have the right to stop receiving marketing communication and you have the right to have the personal data we hold about you corrected if it is factually inaccurate. If any of your personal data has changed, especially contact information such as: email address, postal address and phone number please get in touch via rachelevansphysio@gmail.com

This privacy policy is subject to change. Please check regularly for updates to this policy to be informed of how your personal data is protected.

​

Your rights

You have the following rights in relation to your Data: 

  1. Right to access - the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is "manifestly unfounded or excessive." Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why. 

  2. Right to correct - the right to have your Data rectified if it is inaccurate or incomplete. 

  3. Right to erase - the right to request that we delete or remove your Data from our systems. 

  4. Right to restrict our use of your Data - the right to "block" us from using your Data or limit the way in which we can use it. 

  5. Right to data portability - the right to request that we move, copy or transfer your Data. 

  6. Right to object - the right to object to our use of your Data including where we use it for our legitimate interests. 

To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via this e-mail address: rachelevansphysio@gmail.com

bottom of page