PRIVACY POLICY
Blackheath Physiotherapy & Pilates is fully committed to safeguarding your personal information by respecting and protecting your privacy. We understand that your personal information is entrusted to us and fully appreciate the importance of protecting this data and your confidentiality.
This policy explains when and why we collect personal information about you, how we use it, the conditions when we may disclose it to others and how we keep it secure. Please read this very carefully. By providing us with the following data or by using our services, digital platforms or website, you are consenting /accepting to the practices laid out in this policy. If you are under 16 years of age, your parent or legal guardian will be required to give consent on your behalf.
What type of information is collected from you and how we use it:
We may hold and use personal data about you when you visit our website, email us, contact us via social media or speak with us. Calls, online consultations and classes at Blackheath Physiotherapy & Pilates are not recorded.
The personal information we gather from you includes:
Booking data: Name, address, DOB, telephone number, email address. We use this information to secure your booking and to be able to contact you for any relevant class information. To see how this personal data is stored and used by cliniko please read their privacy policy athttps://www.cliniko.com/policies/privacy/ This data will not be used for marketing purposes other than letting you know about class or appointment cancellations, changes, class availability and launch dates for booking if you are currently attending.
Health Data: We obtain a signed health consent from all of our attending clients which asks for disclosure of all relevant medical information. This is a legal requirement from the Chartered Society of Physiotherapy and most importantly allows us to ensure that you are safe and given the correct guidance and exercises during class. Please note that you have the right to withdraw consent from class at any point with verbal or written notification.
Attendance: We document your attendance at classes with any relevant notes on medical changes, new conditions, problems with exercises or progressions at class. This is a legal Chartered Society of Physiotherapy standard.
Payment/banking data: If paying through Paypal, we never see your card information or Paypal account specific details . We can also make refunds securely without seeing this information. Please read Paypal's privacy policy at www.paypal.com/uk/webapps/mpp/ua/privacy-prev. If booking an online service cliniko is linked to the payment platform Stripe full details on their privacy policy can be found here: https://stripe.com/gb/privacy
Feedback Questionnaires: Forms may be issued at classes and post treatment on an opt in basis with the option of also being anonymous. This type of information is used most importantly to improve our services but may also be used to help promote the benefits of our classes.
Sharing of data: The sensitive and personal data that you disclose on your health consent form will be handed directly by you to your class instructor at class. It will only ever be shared with another class instructor who is covering your class with your consent. This consent may be withdrawn at any time (verbally or in writing). This is in accordance with UK laws and guidelines of professional bodies. We would only ever share this information with a GP, consultant or another physiotherapist out with the team if there were growing health concerns and always with your consent first. We do not share or sell your data to third parties and we promise to keep your details safe and secure as we possibly can.
Security of your personal data: All the personal data that we hold on you is protected and we ensure this by having the appropriate organisational and technical security measures in place. This prevents any unauthorised access or unlawful processing of your personal data and any data being lost, destroyed or damaged.
At your request, we may transfer personal information to you via email or you may choose to transfer information to us via email (through the general admin inbox or to your instructor directly). Email is not a guaranteed secure method of information transmission therefore if you do send or receive information via email you do so at your own risk.
IP addresses and cookies: When you visit our website Blackheath Physiotherapy & Pilates may collect information about your computer including, where available, your IP address, operating system and browser type, for system administration purposes. This is statistical data about users’ browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your Internet usage by using a cookie file that is stored on your computer. Cookies contain information that is transferred to your computer's hard drive. They help us improve the website and deliver a better and more personalised service.
You may refuse to accept cookies when you first visit our website, or by activating the setting on your browser that allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of the website. Our website uses the following cookies:
_utma, _utmb, _utmc, _utmz: These cookies are used by Google Analytics to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
Wix and Cliniko. Our website runs on theses website platforms. Wix uses cookies to track a user session, when they last visited or did something on the site. No personal information is stored in these cookies; only timestamps related to that browser session.
Third party cookies The code provided by Facebook to include additional functionality on our website may, by default, set cookies. For information about these third party cookies, go to www.facebook.com/about/privacy.
External web links: Our website may contain links to other websites and resources. Once you leave our website, you should note that we do not have any control over the external website. We are not liable for your protection and privacy on these external websites. You should exercise caution and look at the privacy policies applicable to the website in question.
For client consent forms for physiotherpay and pilates attendence we utilise Jot Form. Jot Forms privacy policies can be found here.
Your rights: You have the right to change the permissions that you have given us in relation to how we may use your data. You also have the right to request that we delete all your personal records that we hold relating to you. For legal reasons however, we need to store your health consent form and class attendance records for 8 years under the scope of Physiotherapy practice.
Subject to access: As a data subject, you have a legal right under EU Regulation and the General Data Protection Regulation to find out about our use of your personal data. To do this, you need to complete a subject to access request form which can be obtained by emailing blackheathphysiotherapy@gmail.com