As a Data Controller we make every endeavour to comply fully with the Data Protection Act 1998, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and other relevant legislation including the EU General Data Protection Regulation (GDPR).
Our promise to you:
- To be clear about why we collect your personal information and what we will use it for.
- To make it easy for you to tell us how you would like us to keep in touch.
- To collect the information, we need to make sure we deliver the best service to you.
- To never sell or share your personal information, or let other organisations use if for marketing purposes.
- To take good care of your personal information, and make sure it is up to date, safe and secure at all times.
- To make sure that any suppliers or partners who carry out work on our behalf meet the same high standards that we adhere to when handling your personal information.
We collect personal information from our clients, and by “opting in” to share your personal information with us, you will be agreeing to our collection and use of your information as described in this policy. If you no longer want us to process your personal details you can ask us to stop at any time by contacting email@example.com
The Physio Clinic Bristol Ltd use the information you share with us to:
- Make sure you receive the product, service or information you have requested.
- Carry out reasonable administration of your details and keep internal records.
- To keep in touch with you in the way that you have requested
Should we need to make changes to this policy from time to time, we will always provide you with the latest information about what is happening to your personal information.
What information does The Physio Clinic collect?
- Date of birth
- Contact information such as address, email addresses and telephone numbers
- Demographic information such as post code, age and interests
- Details of services and products used or purchased
- Medical information including correspondence received about you
- Details of medical insurance (if applicable)
What we do with your information
We will make sure that you receive the service you have requested. This may include email, text or phone calls during an active episode of treatment to ensure you receive the best service possible. We will process any payments and send you information relating to that service. We will also do our best to keep your information up to date. This includes monitoring returned mail to let us know if you no longer live at the address we hold for you. Please do let us know if your details have changed or need updating.
Receiving marketing information from The Physio Clinic Bristol Ltd will always be your choice. You can change your mind at any time and we will keep your preferences up to date. We limit the number of marketing communications we send to make sure we are not sending you too much but we will try and send you sufficient information so that you do not miss relevant news.
We will only contact you for marketing purposes by telephone, text message (SMS) or email if you have told us we can. We will only contact you by email if you have told us you would like to hear from us this way.
Who will have access to my information?
We will never sell your personal information, or let other organisations use it for their own purposes.
We will only share your personal information where:
- We are legally required to, or as a result of a lawful request by a government or law enforcement authority.
- Any data used by a contractor will be used only to the extent required by them to perform the services that The Physio Clinic Bristol ltd requests. Any use for other purposes is strictly prohibited.
- Any data that is processed by third parties must be processed within the terms of this Policy and in accordance with the Data Protection Act 1998 and GDPR.
- Our Patient Data is stored within TM3 (Blue Zinc) an on line, hosted system including TM3 Connect patient portal. This is secure and encrypted and governed by their data protection policy https://www.tm3practicemanagement.com/information/policy/
- Stripe Card payment services used for online payments have their own Priacy and Data polices which users will be required to agree to. No payment details are strored by The Physio Clinic Bristol Ltd
- Limited data (name & email) may be shared with Physiotec Exercise Prescription as part of your treatment programme.
- Limited data including medical information relating to your claim will be used to process insurance claims through any Private medical insurance company if you claim under a policy.
- With your consent your data may be shared with your doctor, occupational health department or insurer.
How do we keep your information safe?
The security of your personal information is paramount to us here at The Physio Clinic Bristol Ltd. Our networks are regularly monitored to ensure they remain secure and all computers used by The Physio Clinic Bristol Ltd are password protected and protected by anti-virus software and malware . We also regularly review our measures to ensure they are as far as reasonably possible up to date and in line with latest developments, particularly when we are handling payment information.
Data that is transmitted via the internet or in email, cannot be 100% secure. If transmitting medical information via email attachment, a secure email service (Egress Switch) is used for any attached documents.
We will take every reasonable precaution to keep your information safe but it cannot be guaranteed, so please be aware that any information you do transmit to us is at your own risk. Once we have received your information we will use our best efforts to ensure its safety within our network.
We will only hold paper records of your personal information for eight years unless we are required to hold it longer for legal or taxation reasons. If we dispose of your information it will always be done securely.
Change of Business Ownership and Control
The Physio Clinic Bristol Ltd may from time to time, expand or reduce its business. This may involve the sale of certain divisions or the transfer of control of certain divisions to other parties. Data provided by you will, where relevant, be transferred under the terms of this Policy, be permitted to use the Data for the purposes for which it was supplied by you.
Controlling Access to your Data
You have the right to a copy of the information we hold about you. This is called a subject access request. If you would like to make a subject access request you can do so by contacting us at:
We will provide you with it as soon as possible. You have the right to have incorrect information corrected and the right to object to further processing of your personal information for direct marketing.
You also have the right to request that your data be deleted from our records at any time. If you would like to make such a request, you can do so by contacting us at firstname.lastname@example.org
If you need help or have any questions about this policy and your rights regarding the processing of your personal information please contact:
For broader advice and guidance please contact the data protection regulator: The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF