📞 +44 7367 094333 | 📱 +44 7723 489555 | ⏰ Mon–Sat: 8am–8pm
Physiomedicine (trading name of Physiotherapy London Ltd) is the Data Controller responsible for your personal data collected through this website and our clinical services.
Physiomedicine (Physiotherapy London Ltd)
Email: info@physiomedicine.co.uk
Phone: 020 4641 4372
ICO Registration: [Insert ICO Registration Number]
We are registered with the Information Commissioner's Office (ICO) under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Our ICO registration number is [Insert Number].
We collect personal data in the following categories:
| Category | Examples | How Collected |
|---|---|---|
| Identity Data | Full name, date of birth, gender | Booking forms, clinic intake |
| Contact Data | Email, phone number, postal address | Booking, enquiry forms |
| Health Data (Special Category) | Medical history, symptoms, treatment notes, referral letters | Clinical consultation, intake forms |
| Financial Data | Payment records, insurance policy numbers | Point of sale, booking system |
| Technical Data | IP address, browser type, cookies, pages visited | Automatically when you visit our site |
| Communications Data | Emails, SMS messages, phone call records | When you contact us |
We process your personal data for the following purposes:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Providing physiotherapy and clinical treatment | Identity, Health, Contact | Contract performance; Explicit consent (Art.9(2)(a)); Healthcare treatment (Art.9(2)(h)) |
| Managing appointments and bookings | Identity, Contact, Financial | Contract performance |
| Processing insurance claims | Identity, Health, Financial | Explicit consent; Legal obligation |
| Sending appointment reminders | Identity, Contact | Contract performance; Legitimate interests |
| Referring you to other healthcare professionals | Identity, Health | Explicit consent |
| Sending marketing communications | Identity, Contact | Consent (you can withdraw at any time) |
| Improving our website and services | Technical, Usage | Legitimate interests |
| Complying with legal/regulatory obligations | All categories as required | Legal obligation |
We retain personal data only for as long as necessary. Our standard retention periods are:
After the retention period expires, your data is securely deleted or anonymised.
We may share your personal data with trusted third parties in limited circumstances:
We never sell your personal data to third parties. We never share your data for commercial marketing purposes without your explicit consent.
Where we transfer your personal data outside the UK, we ensure adequate protection is in place through one of the following mechanisms:
Our primary clinical management system (TM3) stores data within the UK/EEA. Where any third-party services operate outside these regions, we will notify you and obtain your consent where required.
You have the following rights regarding your personal data:
You also have the right to lodge a complaint with the ICO at ico.org.uk or by calling 0303 123 1113.
We take the security of your personal data seriously and have implemented appropriate technical and organisational measures including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where appropriate, notify you directly.
Our website uses cookies to enhance your experience and analyse usage. For full details of the cookies we use, the data they collect, and how to manage your preferences, please see our Cookie Policy.
We treat children's health data with heightened care. Where we provide services to children under 16, we require parental or guardian consent. We retain children's clinical records until their 25th birthday (or 26th if aged 17 at the end of treatment), in line with NHS/HCPC guidelines.
We review and update this Privacy Policy periodically. The date at the top of this page reflects the most recent revision. We will notify you of significant changes by email or a prominent notice on our website.
This policy was last reviewed in accordance with the UK GDPR (as retained by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019) and the Data Protection Act 2018.