Privacy Policy

Urmston Physio Clinic – Privacy Policy

 

At Urmston Physio Clinic we are committed to maintaining the trust and confidence of our visitors and clients at the clinic and on our website. In particular, we want you to know that Urmston Physio Clinic is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes. As the General Data Protection Regulation (GDPR) came into effect on the 25th May 2018, we wanted to let you know how we look after your data.

 

In this Privacy Policy, we have provided detailed information on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure.

 

We take your privacy very seriously, therefore we urge you to read this policy very carefully because it contains important information about us and:

  • The personal information we collect about you, our users
  • What we do with your information, and
  • Who your information may be shared with

 

 

 

1 Who we are

 

Urmston Physio clinic (‘we’ or ‘us’) are a ‘data controller’ for the purposes of the General Data Protection Regulation, we are responsible for and control the processing of, your personal information.

 

 

 

2 Information we collect

 

We collect this information for healthcare provision.

 

 

2.1 Personal information you provide us

 

We collect the following personal information that you provide us:

·         Full name

·         Date of birth

·         Email address

·         Contact number

·         Address

 

Some examples of when we collect this information include:

·         When registering to book for an appointment

·         When registering to inquire about information

 

 

2.2 Personal information provided by third parties

 

The type of third parties include:

·         Insurance Companies (e.g. Bupa, Aviva, WPA,  AXA PPP)

·         Referral Agencies (e.g. HCML, IPRS, Nuffield Health)

·         Private Consultants

·         General Practitioners

·         Solicitors

 

This information may include:

·         Full name

·         Date of birth

·         Email address

·         Contact number

·         Address

·         Policy number

·         Reference number/Case ID

·         Relevant clinical information

 

All information shared to Urmston Physio Clinic from Third Parties and other sources are referrals or collaboration that have been pre-approved by a client who has agreed to share this information.

 

We will register this information for the following purposes:

·         To ensure the client has an account with us

·         To book the patient in with an appropriate practitioner

·         To collaborate directly with your medical and health provider

 

 

2.3 Personal information you provide about third parties

 

If you give us information about another person, you confirm that the other person has appointed you to act on their behalf and agreed that you:

·         Should consent on their behalf to the processing of their personal data;

·         Shall receive any data protection notices on their behalf; and

·         Shall consent on their behalf to the transfer of their personal data abroad.

 

 

2.4 Monitoring and recording communications

 

We may monitor communications such as emails and telephone calls for purposes including:

·         Quality assurance

·         Training

·         Fraud prevention

·         Compliance

 

 

2.5 Cookies and similar technologies

 

A cookie is a small text file, which is placed onto your computer or electronic device when you access our website (www.urmstonphysioclinic.com). Similar technologies include web beacons, action tags, local shared objects, (‘flash cookies’) and single pixel gifs. Such technologies can be used to track users’ actions and activities, and to store information about them.

 

For example, we may use cookies to monitor and/or collect the following information:

·         How many times a user visits the website

·         Which pages a user visits

·         Traffic data

·         Location data

 

You can set your browser not to accept cookies and the websites below tell you how to remove cookies from your browser. However, some of our website features may not function as a result.

 

For further information on our use of cookies, please see our website cookie policy.

 

For further information on cookies, a useful resource is www.allaboutcookies.org.

 

 

 

3 How we use the information we collect

 

We collect information about our users for the following purposes:

·         Provision of healthcare services.

·         Booking appointments.

  ·         Provision of other services (e.g. release of healthcare records to a service user or authorised third party).

 

 

 

4 Who your information may be shared with

 

We may share your information with:

  • Law enforcement agencies in connection with any investigation to help prevent unlawful activity
  • We do not share information with third parties other than when agreed by the client to a third party on the client’ behalf.
  • Third parties that have referred you to us.

 

 

 

5 How we store your information

 

Your information may be stored in paper or electronic format. When paper records are kept we ensure that they are stored securely. Some electronic data is stored outside of the European Economic Area (EEA); the jurisdiction outside of the EEA in which your information may be stored provides a high level of data privacy and security in line with the GDPR. We also use advanced data encryption methods to further secure your information.

 

While we will use all reasonable efforts to secure your personal data, in using our website you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us using the details below.

 

 

 

6 What rights do you have?

 

 

6.1 Right to request a copy of your information

 

You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy of some or all of it, please:

·         Email, call, or write to our data protection officer (see details below)

·         Provide us with proof of your identity (a copy of your driving license or passport and a recent utility or credit card bill), and

·         Let us know the information you would like a copy of, including any account or reference numbers, if you have them.

 

 

6.2 Right to correct any mistakes in your information

 

You can require us to correct any mistakes in your information, which we hold free of charge. If you would like to do this, please:

·         Contact us using the contact details below.

·         Provide us with proof of your identity (e.g. driving license or passport).

·         Let us know the information that is incorrect and what it should be replaced with.

 

 

6.3 Right to delete your information

 

You may request for us to delete some of all of the information that we hold about you subject to the type of information. If you have received treatment from us in the past then we must legally retain your health records and some personally identifiable information such as full name, date of birth, address, and a contact number.

 

6.3.1 Retention Periods

 

Urmston Physio Clinic is a private physiotherapy business and does not retain personal data for longer than necessary.

 

The guidelines that Urmston Physio Clinic follow are in accordance with the GDPR that replaces the Data Protection Act 1998, where records form as legal record of treatment and therefore must be retained safely and securely. The legal requirement to retain records for a certain period relates to the legal period for bringing civil claims under Personal Injury Law or Contract law as defined by the Limitation Act 1980 and The Limitation (Norther Ireland) Order 1989.

 

An individual has three years to bring a personal injury claim (with some exceptions) and six years if they wish to bring the claim under contract law. Therefore, records must be retained at least until the limitation period has expired.

 

Urmston Physio Clinic aims to store health records securely for a maximum of seven years based on the above. Paediatric records may be stored for longer.

 

 

6.4 Right to ask us to stop contacting you with direct marketing

 

You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please:

·         Email, call or write to us (using the contact details below).

·         Provide us with proof of your identity (e.g. driving license or passport).

·         Let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone).

·         Unsubscribe directly on a campaign.

 

From time to time, we may also have other methods to unsubscribe from any direct marketing including for example, unsubscribe buttons or web links. If such are offered, please note that there may be some period after selecting to unsubscribe in which marketing may still be received while your request is being processed.

 

 

 

7 Contacting us

 

If you have any questions about the policy or the information we hold about you, please contact us by:

 

Email: admin@urmstonphysioclinic.com

 

(Data protection officer – Carl Healy) carl@urmstonphysioclinic.com

 

(you should contact the data protection officer directly if you would like to make a subject access request).

 

Post:

Urmston Physio Clinic

220 Higher Road

Urmston

MANCHESTER

M41 9BH

 

Telephone: 0161 748 4100