General Data Protection Regulation (GDPR) Policy

I hold and process personal data that you provide to me in accordance with the DPA (Data Protection Agency) and GDPR (General Data Protection Regulation). ‘physioFpilates’ is committed to protecting your personal information and this privacy notice relates to my use of your personal information collected from you. By using my services or if you disclose personal information about yourself verbally or in writing you consent to this policy. Any enquiries regarding the data I hold or process should be directed to Felicity Cottenham at felicity@physiofpilates.co.uk

About me

I work as a Sole Trader under ‘physioFpilates’. I teach Physiotherapist led Pilates classes and offer 1:1 Physiotherapy and Pilates sessions.

Information I collect and what I do with it

I collect personal information from you to appropriately handle your enquiry and if appropriate to then provide the clinical services Physiotherapy and/or Physiotherapist led Pilates.

This personal information may include:

  • Name

  • Date of birth

  • Address

  • Email address

  • Contact number for you and next of kin

  • Occupation

  • Detail of your condition that you are seeking treatment for or conditions that may impact on your ability to exercise

  • Medical history

  • Details of any other professionals involved in your care

This information may be collected in a number of ways:

  • Over the telephone

  • By email

  • By Facebook or Instagram message

  • By text message

  • Through my website e.g. when you complete the ‘contact me’ page with an enquiry

  • On receipt of the registration form which you have completed prior to joining a Pilates class

  • During initial assessment or subsequent sessions either through you completing a medical history, written information or from verbal information given during the session

  • During initial assessment or subsequent sessions I will record physical (objective) findings, treatment offered and your response to treatment

Use of your information

The information that I collect and store relating to you is primarily used to enable me to provide my services to you and for my internal record keeping as per Healthcare Professions Council and Chartered Society of Physiotherapy Standards. In addition I may also use the information for the following purposes:

  • To let you know by email about upcoming classes or workshops

  • To notify you about any changes to my services or website

  • To email you a prescribed exercise program

How long do I keep personal information

I have a legal obligation to retain records for 8 years after the conclusion of treatment. If the record relates to a child or young person, the records must be kept until the patient’s 25th birthday or 8 years after death.

I may hold your records in a safe and secure way for an undefined period to ensure ongoing Physiotherapy care unless you make a request for your records to be destroyed in an appropriate manner after the 8 years has passed.

Disclosure of your information

I may disclose your information to regulatory bodies where I am required to do so by law.

When you have consented for me to do so I may provide your information to third parties, for example writing a discharge letter to your GP.

Where I store and transfer your data

The confidentiality and security of your information is of great importance to me. I am committed to ensuring your information is secure and take great care when handling your personal data. I have ensured that I have the appropriate security measures (both physical and electrical procedures) in place to prevent unauthorised access, accidental damage, destruction or loss.

Security

The transmission of data via email, the internet or postage is not completely secure. Although I will endeavour to protect your personal information I cannot guarantee the security of your data while you are emailing, using an online form or posting; any such transmission is at your own risk.

Where I have given you a password so that you can access certain parts of my website, you are responsible for keeping that password confidential.

Controlling your Information

If you believe that any information I hold on you is incorrect or incomplete, please write to or email felicity@physiofpilates.co.uk as soon as possible. I will promptly correct any information found to be incorrect.

The DPA and GDPR give you the right to access information about you held by me. If you wish to request confirmation of what personal information I hold relating to you please email felicity@physiofpilates.co.uk - there is no charge and I will provide this information within one month of your request.

Changes to this policy

I will review this policy from time to time and update it as needed to reflect any changes in my service or changes in the law.

Please review this policy regularly to be kept up to date in how I am protecting your personal data.

If you have any queries, comments or requests regarding this Privacy Policy please do not hesitate to contact me.