PRIVACY POLICY

We are currently updating our Privacy Policy to ensure we comply with the new General Data Protection Regulations (GDPR) which came into effect on 25th May 2018.
This privacy policy sets out how PhysioDirect (Sherwood) Ltd (PhysioDirect) uses and protects any information that you give PhysioDirect

PhysioDirect Sherwood Ltd. (“PhysioDirect”) operates PhysioDirect.com and may operate other websites. It is PhysioDirect’s policy to respect your privacy regarding any information we may collect while operating our websites.

PhysioDirect.com website also acts as a portal to other services. Although these are run or hosted by third parties we endeavour to ensure they are all GDPR compliant and no personal data is shared with these third parties, the case of the online booking system, this is a web extension of the Patient management software known as TM2, used by PhysioDirect throughout organisation but it is managed and hosted by the developers, BlueZinc. The servers that hold the patient data are hosted in the UK near Manchester. All servers and cloud storage used by PhysioDirect that potentially hold any patient data are located somewhere in the United Kingdom and are GDPR compliant.
PhysioDirect is committed to ensuring that all your personal data is protected and endeavour to ensure any third-party links or organisations work in the same way, we are not responsible – in any way – for the respective content of such sites. Please read the Privacy Policy of that site.

 

What data PhysioDirect may collect, either via the website, telephone email or face-to-face

The data collected will be all or part of the following:
• Full Name
• Full Address
• Post Code
• Date of Birth
• Contact numbers inc home, work or mobile
• Email address
• Employer (this is only collected if there is a contract in place with your workplace)
• Past medical history (any previous issues or past treatments to current problem)
• Current medical condition (what the problem is now)
• If pregnant (this is needed to assess the type of treatment)
• Current Activity (are they going to be running a marathon or on a football academy training scheme etc)

 

What will the data be used for?

The data collected will be used for initial booking, Initial assessment, any or ongoing Physiotherapy and any financial requirements such as invoicing and billing.
Any survey data collected, survey form link being sent out after treatment if you have opted in, will be used to assess the quality of PhysioDirect services and clinic facilities. You can opt out anytime or just not fill-in the form.
Any marketing data, if you have opted in, will be used to inform you of any new treatments or services available from PhysioDirect or other parties. None of your personal data will be shared with the third-parties. Third-party services information, if we feel would be of interest to you, contact would come directly from PhysioDirect. You can opt out anytime.
No data will be used for any other purposes other than those agreed or outlined in this Privacy policy

 

How long do we keep your data?

All patient medical records are kept for a minimum of 8 years, in the case of minors, until the age of 21. This is in line with the BMA and HCPC recommendations
All financial records are kept for a minimum of 7 years as required by HMRC

 

Is data shared with any third-parties?

No data is shared with any third-parties unless a request is made by an agency acting on behalf of the patient, such as a solicitor, insurance company, etc. or law enforcement agencies

 

How can I check the data you hold is current and correct?

You can make a data request any time and we will endeavour to meet your request within the 40 days allowed. We can provide an electronic version free of charge but any paper copies or other delivery methods other than email may incur an administration charge.

 

Cookies

In the GDPR, we see cookies mentioned in Recital 30, which states:

“NATURAL PERSONS MAY BE ASSOCIATED WITH ONLINE IDENTIFIERS…SUCH AS INTERNET PROTOCOL ADDRESSES, COOKIE IDENTIFIERS OR OTHER IDENTIFIERS…. THIS MAY LEAVE TRACES WHICH, IN PARTICULAR WHEN COMBINED WITH UNIQUE IDENTIFIERS AND OTHER INFORMATION RECEIVED BY THE SERVERS, MAY BE USED TO CREATE PROFILES OF THE NATURAL PERSONS AND IDENTIFY THEM.”

The idea is relatively simple: cookies can be used to uniquely identify a person, therefore we treat them as personal data. It will affect those identifiers used for analytics, advertising, but also those used for functional services like chats and surveys.
When you visit the website, www.physiodirect.com, you will be greeted with a cookie consent pop-up with more information than usual. Here you can choose to opt-in any particular areas and remain out of others. This can be changed at any time during your visit. It is important to note that remaining opted out of all the cookies will result in a limited experience.
PhysioDirect does not store these cookies and they are only used during your visit.

 

Privacy Policy Changes

Although most changes are likely to be minor, PhysioDirect may change its Privacy Policy from time to time, and in PhysioDirect’s sole discretion. PhysioDirect encourages visitors to frequently check this page for any changes to its Privacy Policy. If you have a PhysioDirect.com account, you might also receive an alert informing you of these changes. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.

 

Contacting us regarding your data

Request deletion of user data
Export User Data
Rectification Request

Should you require any further information regarding what personal data we hold on you, perhaps you need to update your personal or change GDPR details you agreed to. Please feel free to email us at: data@physiodirect.com