At Physio 4 Wycombe, we treat as a priority and understand that we have a responsibility to protect and respect your privacy and look after your personal data.
This Privacy Notice explains what personal data we collect, how we use your personal data, reasons we may need to disclose your personal data to others and how we store your personal data securely.
Data Protection law will change on 25 May 2018
This Privacy Notice sets out your rights under the new laws.
Who are we?
Physio 4 Wycombe is a provider of Physiotherapy & Associated Wellbeing Services, based in High Wycombe, Buckinghamshire. Physio 4 Wycombe has a practice at The Clock House, Frogmoor, High Wycombe, Bucks HP13 5DL and Stokenchurch Medical Centre, Oxford Road, Stokenchurch, Bucks HP14 3SX. Fraser Jackson is the registered Data Protection Officer for Physio 4 Wycombe. Physio 4 Wycombe is the trading name of FNB Limited Registered in England No. 4343601
How the law protects you
Data protection laws state that we are only able to process personal data if we have valid reasons to do so. The basis for processing your personal data includes, but is not limited to, your consent, performance of a contract, to enable billing and remittance, and to contact you for patient care/treatment purposes.
How do we collect personal data from you?
At Physio 4 Wycombe we take your privacy seriously. We receive information about you from you when you use our website, complete forms on our website, if you contact us by phone, email, complete the initial assessment form and any subsequent treatment sessions. The information is likely to include your name, address, date of birth, phone numbers, email address, information related to your health and applicable medical conditions relevant to your treatment together with information regarding your ongoing treatment and progress.
Your personal data may be automatically collected when you use our services, including but not limited to, your IP address, device-specific information, server logs, and location information.
What type of data do we collect from you?
The personal data that we may collect from you includes your name, address, DOB, email address, phone numbers, payment information, IP addresses and medical and health related information. We may also keep details of your visits to our clinics including, but not limited to traffic data, location data and medical and health related information. We also retain records of your queries and correspondence, in the event you contact us.
How do we use your data?
We use information about you in the following ways:
- To provide you with products and services as required for your treatment;
- To communicate with you (for example to notify you of changes to your appointments and keep you informed/updated on your treatment and health/medical condition).
- To comply with our contractual obligations, we have with you;
- To help us identify you and any accounts you hold with us;
- To enable us to review, develop and improve the service we offer you;
- To provide patient care, including responding to your requests if you contact us with a query;
- To administer accounts, process payments and keep track of billing and payments;
- To detect fraud and to make sure what you have told us is correct;
- To carry out marketing and statistical analysis;
- To notify you about changes to our website and services;
- To provide you with information about products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes; and
- To inform you of service and price changes.
We will keep your personal data for the duration of the period you are a patient of Physio 4 Wycombe. We shall retain your data only for as long as necessary in accordance with applicable laws.
When you are discharged from treatment, we will keep your data for up to 8 years after your last appointment with us or up until the age of 25 years for patients under 18 years of age. After this date it will be securely destroyed.
We may not be able to delete your data before this time due to our legal obligations. We may also keep it for research or statistical purposes. We assure you that your personal data shall only be used for these purposes stated herein.
Who has access to your personal data?
Here is a list of all the ways that we may use your personal data and how we share the information with third parties. For clarity, we have grouped them into the specific products and services that we offer:
We process your data for administration, billing, support and the provision of physiotherapy treatment.
For the avoidance of doubt, we DO NOT and never shall sell your personal data to third parties for marketing or advertising purposes.
We work closely with a few third parties (private medical companies like BUPA, AXA PPP, etc.) and we may receive information from them about you. These third parties may collect information about you including, but not limited to, your IP address, device-specific information, server logs, device event information, location information, unique reference and authorisation numbers and medical and health related information. We use their features within our website, however, in some instances, they may be acting as data controller and they will have their own privacy policies, which we advise you to read.
We may pass your personal data to third parties for the provision of physiotherapy treatment on our behalf (for example request for further treatment). However, we will only ever share information about you that is necessary to provide the service and we have specific contracts in place, which ensure your personal data is secure and will not be used for any marketing purposes.
You can edit your personal details by emailing email@example.com. We maintain a procedure to help you confirm that your personal information remains correct and up-to-date or choose whether you wish to receive material from us at your first appointment when completing the as-sessment form.
In addition, you can object to processing of your personal information, ask us to re-strict processing your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us by emailing – firstname.lastname@example.org
In preventing the use or processing of your personal data, it may delay or prevent us from fulfilling our obligations to you. It may also mean that we shall be unable to provide physiotherapy and associated wellbeing services.
You have the right to object to our use of your personal data, or ask us to delete, remove or stop using it if there is no need for us to keep it. This is known as your right to be forgotten. There are legal and accountancy reasons why we will need to keep your data, but please do inform us if you think we are retaining or using your personal data incorrectly.
Our Privacy Notice shall be made clear to you at the point of collection of your personal data.
You can view, edit or delete your personal data by emailing us your request at email@example.com
We DO NOT use your data for any other purposes other than those required and deemed necessary to provide a physiotherapy service and to help you get better.
We DO NOT sell or share your data with any other organisations without your specific consent or instruction.
Accessing and updating your data
You have the right to access the information we hold about you. Please email your requests to firstname.lastname@example.org so that we can obtain this information for you.
Cookies and other similar technologies may be used to collect anonymised data about your visit.
Links to other sites
Physio 4 Wycombe may provide links to third party sites. Since we do not control those websites, we encourage you to review the privacy policies of these third-party sites. Any information that is supplied on these sites will not be within our control and we cannot be responsible for the privacy policies and practices of these.
Where we store your personal data
When you fill out the forms on the Physio 4 Wycombe web site, we store the data you send us in a secure manner. We use this information to improve patient care and for marketing purposes. This data is NOT passed on to any third-party organisations and resides in a secure web-based database.
When you complete the initial assessment form this is copied onto your data base which is stored in a secure web-based database. The original form is shredded, and no paper copies retained.
Your name, date and times of appointment are kept in paper form in a diary. This is kept securely and stored in a locked facility.
In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.
Please e-mail any questions or comments you have about privacy to us email@example.com
Your right to make a complaint
You have the right to make a complaint about how we process your personal data to the Information Commissioner:
Information Commissioner’s Office
Tel: 0303 123 1113
Review of this Policy.
We keep this Policy under regular review. This Policy was last updated in June 2018.