Nicola Brown of Integrative Physiotherapy is responsible for collecting, processing, storing and safe-keeping personal and other information as part of providing a service and carrying out our regular business activities. We manage personal information in accordance with the Data Protection Act 2018 and we are registered as a Data Controller with the Information Commissioner’s Office Registration Number ZA690850.
Any questions regarding our processing of personal data should be directed to us via firstname.lastname@example.org
Our Privacy Statement governs any kind of processing where we are acting as a data controller or co-controller (including collection, use, transfer, storage and deletion) of personally identifiable information (any information that may be used to identify a physical person, and any other information associated therewith) about natural persons. This statement applies to our processing of data collected through any means, actively as well as passively, from persons located anywhere in the world.
We are guided by the following principles when processing data:
- We will only collect data for specific and specified purposes; we will make it clear at the point when we request your information, what we are collecting it for and how we are going to use it;
- We will not collect data beyond what is necessary to accomplish those purposes; we will minimise the amount of information we collect from you to what we need to deliver the services required;
- We will collect and use your personal information only if we have sensible business reasons for doing so, such as providing you with physiotherapy and/or health coaching services, or sending out our monthly newsletter (which you would have opted in for).
- We will not use your data for purposes other than those for which it was collected, accepted as stated within our policy, or with your prior consent;
- We will seek to verify and/or update your data periodically and we will accept requests from you for amendment of the data held;
- We will apply high technical standards to make our processing of data secure;
- Except otherwise stated, we will not store data in identifiable form longer than is necessary to accomplish its purpose or as required by law.
The information we may collect about you could include, but is not limited to:
- Personal details
- Family details
- Lifestyle and social circumstances
- Financial details (not held by Integrative Physiotherapy)
- Physical or mental health details
- Racial or ethnic origin
When we obtain special category data from you, we will always get your consent first.
We keep an inventory of personal data we hold on our patients and this is available on request.
We will collect information from you when:
- You sign up to our newsletter or mailing list
- You download an opt-in
- You start receiving treatment from us (in person or virtually)
- You join a course or programme
- You contact us for information via our website or social media channels, by phone or email
- You post on our social media channels, website or blog
We may use the information collected to:
- Allow you to process a booking for an appointment or programme
- Send you our newsletters or provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes
- Ensure that content from our site is presented to you in the most effective manner for you and your computer
- Allow you to participate in the service you have chosen to do so
- Notify you about changes to our service
Information on the company mobile phone (for calls and texts), is password protected and stored under your initials (including a number if needed), so they are unidentifiable.
Identifiable information created on the company laptop is password protected, then emailed, printed off, or stored in Cliniko records, and then deleted.
If you use our contact form, sign up for the newsletter, or book an introductory call, then your email address, name and phone number, will be stored on the WordPress-managed website.
Mailpoet (newsletter plug-in for WorkPress), send out emails and newsletters through the webpage, and Webmail host the company email account. Email addresses and names will be stored by them both.
On-line payments and therefore name, address and card details are held by Stripe (payment services provider).
Once you start receiving treatment through Integrative Physiotherapy (individually or in groups), clinical notes (including special category data), diary appointments, demographic and contact information are stored within Cliniko (practise management software).
Rehab My Patient (exercise software) stores name and email address when a personalised exercise programme is devised through them to be able to be sent out to you.
If payment to Integrative Physiotherapy is through AXA, Vitality Health or Aviva, then Healthcode (a medical bill clearing company), is mandated to be used to process all invoices. Name, date of birth, insurance company, diagnosis code, and dates of appointments are held by them.
Firstbeat (heart rate varaiability company), if used, is provided with your name and email address to be able to set you up on the system. All other data is held in the app, which only you and Nicola Brown have access to.
WordPress, Mailpoet, Webmail, Stripe, Cliniko, Rehab My Patient, Healthcode and Firstbeat have their own privacy policies and will protect your data. You can find out more here:
We will never sell your personal information with third parties.
LEGAL BASIS FOR PROCESSING YOUR DATA
The General Data Protection Regulation (GDPR) provides that processing of your data shall only be lawful if and to the extent that at least one of the following applies:
- You have consented
- For the performance of a contract
- For compliance with a legal obligation which we must perform
- To protect vital interests of your or another person
- It is in the public interest
- It is in the legitimate interests pursued by us or a third party
We collect data for the purposes set out above. Data is managed to ensure that it is either erased from our system when it is no longer required for the purpose for which it was collected, retained for legal reasons or minimised and retained.
Any health data collected from you has special protection and is limited to that permissible by law. In all instances where special category data is collected, we will obtain your express consent.
LINKS FROM OUR SITE
We will make it as easy as we can for you to opt out of unwanted processing, providing it does not restrict our ability to provide you with the primary service you have requested.
Please note if you wish to unsubscribe from any marketing emails that you have signed up for, you can do so by emailing email@example.com or clicking onto the unsubscribe link on the marketing email that was sent to you. It may take 24 hours for this to become effective.
WEBSITE ANALYTICS & TARGETED MARKETING
We use website analytics to provide the best user experience and service to you and to evaluate and improve our site. We do not utilise third party data analytics but collect statistics on:
- Bounce rate (percentage of single-page sessions in which users view only a single-page then exit)
- Page views
- Time on page
- Page load time
- Exits (number of times users exit the website through the specific post or page)
CHANGES TO OUR POLICY & FUTURE PROCESSING
We do not intend to process your personal information except for the reasons stated within this privacy notice. If this changes, this privacy notice will be amended and placed on our website at www.integrative-physiotherapy.co.uk/privacy-statement/
We continually review our privacy practices and may change our policy and privacy statement from time to time. When we do this an amended privacy statement will be placed on our website at www.integrative-physiotherapy.co.uk/privacy-statement/
This privacy notice was published in January 2022 and last updated on 21/02/2023.
If you are concerned about how we are collecting, using and/or sharing your personal information, you can contact our Data Protection Officer, Nicola Brown on firstname.lastname@example.org