We are committed to protecting and maintaining the privacy of visitors to our website or when communicating electronically with us. This privacy policy provides information on how we use and protect your personal information. In visiting our website and providing your personal information, you are accepting to the collection, use, and transfer of your information in accordance with this policy.

​

We use your personal information to improve our service and to keep medical records for a minimum retention period to meet professional and legal requirements. This retention period will depend on factors such as age, and the minimum retention period for adults in England is eight years. Your personal information will be destroyed after this period unless required as a continuing client.

 

We comply with UK Data Protection legislation and our practice management system is compliant with both the Data Protection Act 2018 and General Data Protection Regulation (GDPR). All personal information will be held by Flex Physio Bath, as the data controller, and the Cliniko practice management system, as the data processor. 

​

Third party

We do not sell, rent, or share your personal information with any third parties not directly involved in the administration of appointments, completing medical records, or processing payments. With your express permission, we will communicate with other healthcare professionals such as GPs or hospital specialists, to facilitate appropriate patient care. 

​

Communications

We will use your contact details to communicate with you to assist with the administration of your appointments, which may include booking confirmations, changes and reminders. We may use your personal information to contact you with limited marketing or promotional materials.

​

Security

The transmission of information via the internet is not completely secure and any transmission is made at your own risk. Although we are committed to protecting your personal information, we cannot guarantee the security of personal information transmitted via our website or email. We do not store your payment information and use a third-party payment processing platform called Stripe (www.stripe.com). Stripe encrypts payment details before transmission to provide enhanced security for personal payment information. It is also recommended clients send any personal information via encrypted email to optimise security.

 

Access to your personal information

You are entitled to submit a ‘subject access request’ to request a copy of the personal information held about you in accordance with data protection legislation. These must be submitted to us in writing using the company email address. We will provide you with this information within 30 days, as per statutory guidance.

 

Contact

If you have any questions or comments regarding this privacy policy, please contact us via the email address listed at the bottom of this page.