Intentional Physiotherapy would like to reiterate that your personal data is valued and processed in line with the new General Data Protection Regulations updated May 25, 2018.
This policy will explain transparently what type of data Intentional Physiotherapy collects from you, what we use it for and how we use it, how we protect it, the legal grounds we have for processing and storing your accurate data and finally the right you have to know what data we have on you.
What Personal or sensitive data does Intentional Physiotherapy collect intially:
-Contact details (email, phone number or Postal Address)
-Date of birth
Then from your initial assessment on wards we are likely to collect more sensitive data that is related to the health problem you have come to see Intentional Physiotherapy for:
-History of present condition you have come to seek treatment for
-Social history relevant to present condition
-Other relevant information to enable Intentional Physiotherapy to give you the professional care and treatment you deserve.
What Legal grounds do we have to collect this personal and sensitive data?
The first is that as a registered Healthcare Professional the legal grounds Intentional Physiotherapy has for processing your personal and especially your sensitive data is that it is necessary for medical purposes and to provide the best care and treatment.
The second ground will be that by making a choice to utilise the services here at Intentional Physiotherapy you will be asked to give explicit consent to give your personal and sensitive information.
How is my personal and sensitive data processed or utilised?
Intentional Physiotherapy only utilises your personal and sensitive data for medical purposes to provide the best care and treatment. Your contact details will be utilised to remind you of the time and date of your appointments /courses or workshops. If there is need to liaise with other Healthcare Professionals concerning your care then your written permission will be requested to do so, unless legally required to protect your vital interest. We do not use your personal data to market to you unless we obtain explicit consent from you to do so. There is an option to sign up on the website to receive the newsletter and information about events – you will have to choose to personally sign yourself up to this.
How is my personal and sensitive data stored?
GDPR compliant Wufoo electronic forms are initially utilised for gathering your pre-screening health questions. Hand written records of each and every assessment, treatment, course or workshop session attended will be stored in a securely locked facility which only the Data controller has access to. Personal contact data via email is stored on a password protected computer only accessible by the Data Controller. Intentional Physiotherapy has lawful grounds to store each client’s records for 6 yrs after the date of your final treatment session. This is to legally fulfill the guidelines of Intentional Physiotherapy’s professional bodies’ regulations (Health and Care Professions Council) as processing may be necessary for the establishment, exercise or defense of legal claims.
Third party service provider processors:
The website Intentionalphysiotherapy.com is powered and hosted by WordPress and has a SSL certificate. WordPress utilizes cookies to track the pages that visitors to our website look at for statistical purposes only. If you would like to use the automated booking system Acuity Scheduling or the payments processors PayPal or Stripe (for card payments) via our website/Facebook when booking an appointment or onto an event or workshop etc. then these payments processors and service providers have their own privacy policies which you need to read and ensure you are happy before utilising them. You are welcome to pay by card (izettle pay by card system) at your appointment if you prefer or book manually by emailing Intentional Physiotherapy directly. Acuity, Paypal and Stripe will email Intentional Physiotherapy with any proof of payment and this email will include the treatment /event you have paid for together with your name, address, email, card details and telephone number. Any email correspondence is through Intentional Physiotherapy’s business google email with an extra confidentiality lock applied and stored on my business laptop – for business use only.
Requesting to see your personal / sensitive data:
The only personal or sensitive data recorded, as laid out above, is information you will have given willingly to Intentional Physiotherapy at our face-to-face assessment and treatment sessions/courses/workshops or via the contacts page on our website. If you wanted to request to see this information again at any time please put a request to do so in writing to Intentional Physiotherapy via email: firstname.lastname@example.org and I will respond with a date of when this information will be given to you (normally within 30 days).
We aim to process and store accurate data:
Should any of you data change please contact us at : email@example.com to inform us of any changes so we can maintain accurate records.
Changes and Updates to this Policy
Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the Service, and indicate the date of the latest revision, and will comply with applicable law. Your continued use of the Service after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy.
How to Contact Us
Please contact us with any questions or comments about this Policy, your Personal Data, our use and disclosure practices, or your consent choices by email at firstname.lastname@example.org.