Last Updated: 05/07/2025
1. Introduction
1.1. TheraPhysio ("we", "us", "our") is committed to protecting your privacy and handling your personal data in accordance with the UK’s Data Protection Act 2018 and the General Data Protection Regulation (GDPR).
1.2. This Privacy Policy outlines how we collect, use, store, and protect your personal data when you visit our physiotherapy clinic, book an appointment, or interact with us in any other way.
1.3. By booking an appointment with us or using our services, you agree to the terms of this Privacy Policy.
2. Data We Collect
We collect personal data that is necessary for providing physiotherapy services to you. The types of personal data we collect include:
Personal Identification Information: Name, address, email address, phone number, date of birth, gender.
Health Information: Medical history, current health condition, treatment plans, medications, allergies, injuries, and any other health-related details you provide to us.
Payment Information: Credit card details, payment history, billing information.
Communication Details: Records of our communications, including emails and phone calls.
Gym Usage Information: If applicable, information about your use of the Gym's facilities in relation to physiotherapy treatments.
3. How We Use Your Data
We use the personal data we collect for the following purposes:
Providing Physiotherapy Services: To assess, treat, and manage your care, including medical history, diagnosis, and treatment plans.
Booking and Appointment Management: To schedule, confirm, and manage your appointments and provide reminders.
Payment and Billing: To process payments, send invoices, and handle billing queries.
Communication: To respond to your inquiries, provide customer support, and send relevant updates (e.g., appointment reminders and newsletters).
Legal and Compliance: To comply with regulatory requirements and legal obligations, such as maintaining accurate medical records.
4. How We Store and Protect Your Data
4.1. Data Storage: Your personal data is securely stored in Cliniko, which is well-established practice management software. We take all reasonable steps to ensure the safety and security of your information.
4.2. Security Measures: We implement industry-standard security measures to protect your personal data, including encryption, secure passwords, firewalls, and access controls.
4.3. Data Retention: We will retain your personal and medical data for as long as required by law or as necessary to provide the services you have requested. For medical records, this will be in accordance with the healthcare regulations applicable in the UK.
4.4. Third-Party Access: Your data may be shared with third-party providers (e.g., payment processors, insurance providers, other healthcare professionals) only where necessary to provide our services or as required by law. We ensure that any third-party providers we work with are GDPR-compliant.
5. Your Rights Under GDPR
You have several rights in relation to the personal data we hold about you. These include:
Right to Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can request that we correct any inaccurate or incomplete data we hold about you.
Right to Erasure: You can request that we delete your personal data, subject to certain legal exceptions.
Right to Restriction of Processing: You can ask us to restrict the processing of your personal data under certain circumstances.
Right to Data Portability: You can request that we provide your data in a structured, commonly used format, and transmit it to another service provider.
Right to Object: You can object to the processing of your personal data for direct marketing purposes or based on legitimate interests.
To exercise any of these rights, please contact us using the details in Section 9 below.
6. Sharing Your Data
6.1. With Your Consent: We may share your personal data with other medical professionals, including doctors, physiotherapists, or specialists, to ensure that you receive the best care.
6.2. For Payment and Insurance: If your physiotherapy treatment is covered by insurance or requires payment processing, we may share necessary information with your insurance provider or payment processors to process claims or payments.
6.3. Legal Requirements: We may share your personal data if required to do so by law or regulation, or to protect the rights, property, or safety of TheraPhysio, our customers, or others.
6.4. Gym: If you use Gym facilities in connection with your treatment, relevant data may be shared with Gym staff to coordinate your care and ensure your safety.
7. Cookies and Tracking Technologies
7.1. Our website may use cookies or similar technologies to improve your experience, such as remembering your preferences or tracking your visits. You can control cookie settings through your browser or device settings.
7.2. For more information, please refer to our Cookie Policy (if applicable).
8. International Data Transfers
8.1. We do not generally transfer your personal data outside of the UK or the European Economic Area (EEA). If we do need to transfer your data outside of these regions, we will ensure that appropriate safeguards are in place, such as using standard contractual clauses.
9. Contact Us
If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at:
TheraPhysio
Unit 49, Portmanmoor Road Industrial Estate, Portmanmoor Rd, Cardiff CF24 5HB – at Naked Ground Health Club
07852469594
malexiou@theraphysio.co.uk
www.theraphysio.co.uk
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted on our website, and the revised policy will be effective from the date of publication.
End of Privacy Policy