BOOK NOW

Osteo and Physio privacy notice

 

This privacy notice tells you what to expect us to do with your personal information

Scope

This privacy notice (sometimes referred to as a privacy policy or privacy statement) concerns personal data, which is defined as information concerning any living person (a natural person who hereafter will be called the Data Subject) that is not already in the public domain.

The UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR), seek to protect and enhance the rights of UK data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and its storage within the UK. 

Osteo and Physio Contact details

Telephone

0345 5577788

Email

info@osteoandphysio.co.uk

What information we collect, use, and why

For the purposes of providing our services we may require detailed medical information. We will only collect what is relevant and necessary for your treatment. When you visit our practices, we will make notes which may include details concerning your health, medication, treatment and other issues affecting your musculoskeletal conditions. This data is always held securely, is not shared with anyone not involved in your treatment, although for data storage purposes it may be handled by pre-vetted staff who have all signed an integrity and confidentiality agreement. To be able to process your personal data it is a condition of any treatment that you give your explicit consent to allow us to document and process your personal medical data. Contact details provided by you such as telephone numbers, email addresses, postal addresses may be used to remind you of future appointments, provide reports or other information concerning your treatment. 

We collect or use the following information to provide services and goods:

  • Names and contact details
  • Addresses
  • Date of birth
  • Purchase or account history
  • Health information (including dietary requirements, allergies and health conditions)
  • Website user information (including user journeys and cookie tracking)
  • Records of meetings and decisions
  • Information relating to compliments or complaints

We also collect or use the following information to provide services and goods:

  • Health information

We collect or use the following information for service updates or marketing purposes:

  • Names and contact details
  • Addresses
  • Marketing preferences
  • Location data
  • Website and app user journey information
  • Records of consent, where appropriate

We collect or use the following information to comply with legal requirements:

  • Name
  • Contact information
  • Financial transaction information
  • We also collect or use the following information to comply with legal requirements:
  • Health information

Lawful bases

We process your data in accordance with Article 6 of the UK GDPR under the lawful basis of;

(a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose.

We recognise that some of your data falls under the ‘special category data’ and we process this data in accordance with Article 9 of the UK GDPR specifically’

(a) Explicit consent

(h) Health or social care (in accordance with Part 1 of Schedule 1 of the DPA 2018)

Our lawful bases for collecting or using personal information to provide services and goods are:

  • Consent
  • Legal obligation
  • Legitimate interest:

We store personal information and health record notes in order to provide you with health services including but not limited to Osteopathy, Physiotherapy and massage services.

Our lawful bases for collecting or using personal information for service updates or marketing purposes are:

  • Consent

Our lawful bases for collecting or using personal information for legal requirements are:

  • Consent
  • Legal obligation

Where we get personal information from

  • People directly
  • Health care providers
  • Insurance companies

How long we keep your information

Children and young people

England, Wales, and Northern Ireland

Retain until the patient’s 25th birthday or 26th if young person was 17 at conclusion of treatment, or 8 years after death.

Scotland

Until the patient’s 25th birthday, or 26th if an entry was made when the young person was 17; or 3 years after death of the patient if sooner.

All other records

England, Wales, and Northern Ireland

8 years after the conclusion of treatment or death.

Scotland

6 years after last entry, or 3 years after the patient’s death.

Who we share information with

Data processors

Cliniko: This data processor does the following activities for us: Cliniko is the clinic management system used by Osteo and Physio clinics and is used to store all personal patient data and medical records. Cliniko also sends out patient confirmation information and reminders on our behalf.

Others we share personal information with

If relevant to your ongoing treatment, your personal information and clinic notes may be securely shared with companies within the Osteo and Physio group, specifically;

  • Osteo and Physio Ottery ltd
  • Osteo and Physio Wellington ltd
  • Osteo and Physio Newton Abbot ltd
  • Osteo and Physio Honiton ltd
  • Osteo and Physio Cullompton ltd
  • Osteo and Physio Sidmouth ltd
  • Osteo and Physio Exmouth ltd
  • Osteo and Physio Tiverton ltd
  • Osteo and Physio Epsom ltd
  • Osteo and Physio Staines ltd

Your data protection rights

Under data protection law, you have rights including:

Your right of access – You have the right to ask us for copies of your personal data.

Your right to rectification – You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal data in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal data in certain circumstances.

Your right to object to processing – You have the right to object to the processing of your personal data in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.

Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent.

You don’t usually need to pay a fee to exercise your rights. If you make a request, we have one calendar month to respond to you.

To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.

Website users

Personal identification information

We may collect personal identification information from users in a variety of ways, including, but not limited to, when users visit our site, fill out a form, and in connection with other activities, services, features or resources we make available on our site. When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, phone number or other details to help you with your experience. Users may, however, visit our site anonymously. We will collect personal identification information from users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain site related activities.

We use this information to follow up with a user after correspondence.

We may also collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our site, such as the operating system and the internet service providers utilized and other similar information.

Web browser cookies

Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. How we use collected information

The site may collect and use users personal information for the following purposes:

  • To improve customer service. Information you provide helps us respond to your customer service requests and support needs more efficiently.
  • To send periodic emails. We may use the email address to respond to user enquiries, questions, and/or other requests.

How we protect your information

To protect this information the site is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.

Sharing your personal information

We do not sell, trade, or rent users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above.

We have implemented the following:

We, along with third-party vendors such as Google use cookies (such as the Google Analytics cookies) to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

Opting out: Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative opt-out page or by using the Google Analytics opt-out browser add-on.

Your acceptance of these terms

By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.

How to complain

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice.

If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.

The ICO’s address:           

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

Website: https://www.ico.org.uk/make-a-complaint

Last updated

8 July 2024

Opting out: Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative opt-out page or by using the Google Analytics opt-out browser add-on.

Our Clinics

Ottery
Cullompton
Tiverton
Sidmouth
Wellington

Epsom

Staines

Honiton

Newton Abbot

Contact Us

03455577788

info@osteoandphysio.co.uk

Book Online

The Osteo & Physio App

Services

Osteopathy
Massage
Physiotherapy
Shockwave Therapy
Sports Therapy
Pilates

About Us

Our Clinicians
Prices
Blog
Franchising

Privacy Policy