Effective date: 20th July 2019
The Physio & Sports Injury Clinic is committed to protecting and respecting the confidentiality, integrity and security of the personal information of all individuals whose data we hold. Therefore we want to make it clear what information we collect about you from you, when we collect it and why we collect it. Definitions: ‘We’, ‘Us’ and ‘Our’ = The Physio & Sports Injury Clinic.
Where do we collect personal information
We collect information about you from various sources:
when you fill in our website contact forms
When you phone us
when you email us
when you message us via Facebook or Instagram
when you fill in a new patient registration form in the clinic
Based upon the information you provide us with, we will communicate back to you in response to your enquiry, to provide the services you request and to manage your account with us fully.
You do not need to register with us to view this website. Registration forms are only required to be filled in when; you arrive at our clinic as a new patient, if you have changed your personal details or if we have changed our terms and conditions then we will ask you to complete a new registration form again.
3. How we use your personal information
We collect the above information about you:
to provide you with support which you have enquired about
to provide you with the service which you have requested
to create a digital client record online on cloud-based practice management software - WriteUpp (see section 4).
to inform you about other services we offer that may complement your treatment with us via email, post or phone call (see section 5).
for management and auditing of our business operations
to comply with all legal and regulatory obligations
to comply with any contractual agreements from referral sources. (E.g. Health Insurance or any 3rd party referral companies who may be funding your treatment on your behalf).
To request a copy of any of your data then please submit an ‘Access Request’ to us in writing to the address below (in section 10). As part of GDPR regulations, *please note* that your right to be forgotten will be overridden, as there are legal requirements to keep medical records for a mandatory period of 8 years from your most recent appointment, after which time they are permitted to be destroyed/deleted.
4. PRACTICE MANAGEMENT SOFTWARE data
We take your privacy seriously and will take all reasonable steps to ensure the protection of your data. Your data is stored on cloud-based software - WriteUpp. Access to this software is via password & HTTPS (Hypertext Transfer Protocol Secure) and SSL/TLS (Secure Sockets Layer/Transport Layer Security) authentication. All cloud data is stored on the secure hosting platform - Microsoft Azure along with 256-bit encryption, making it GDPR compliant.
We use this software to record all appointment dates/times, services provided, treatment notes, assessment forms and all finances. From here we are able to send out appointment confirmation & reminders by email & text message (if requested). All clinical assessment forms & notes created are locked as ‘Read only’ after 24hrs & cannot be modified again (inline with HCPC regulations). Data stored in this software may also be analysed for marketing purposes to help recall past patients (see section 5).
We may make contact with you in the future about clinic news, offers and information about other services that maybe of interest to you, using the information you originally provided to us. We may contact you via post, email &/or phone call. You have the right to stop us from contacting you for marketing purposes at any time by contacting us in writing to be removed from our marketing list (see section 10.) If you have enquired about our services by any means but you don’t end up attending any appointments, your details given may still be saved and added to our marketing database to receive direct marketing for a period of time thereafter. If you also ‘Like’, ‘Follow’ or ‘Direct Message’ us on our social medial channels (Facebook &/or Instagram), we may re-market our services to you as well through organic and/or paid advertising on these two channels too.
6. Website hosting
7. Website Cookies
8. Other Websites
E-gift cards are sold on this website via a 3rd party provider (SquareUp). The Physio & Sports Injury Clinic is not liable for the privacy practices & security of your data when you make a purchase through SquareUp. When making a E-gift card purchase you are agreeing to SquareUp’s privacy/security policies as well. Following an E-gift card purchase, The Physio & Sports Injury Clinic are given the following data from SquareUp to store until the gift card is redeemed: Purchases name, Recipient’s name, Email, Voucher code and Total amount paid. The Physio & Sports Injury Clinic do not receive any transactional data from E-gift card sales.
9. Policy changes
We reserve the right to make changes to our privacy terms at any time. Please feel free to check this page periodically for any changes we may make. Once a change has been made we will amend the “Effective date” at the top of this page.
10. Contact us
The Physio and Sports Injury Clinic, Le Sport Health and Fitness, Colwyn Avenue, Rhos on Sea, LL28 4RB.