Domus Physiotherapy Privacy Policy
Our contact details
Name: Lesley Hodgson
Address: domusphysiotherapy.co.uk
E-mail: lhodgson@domusphysiotherapy.co.uk
The type of personal information we collect
We currently collect and process the following information:
• Name, address, email and telephone numbers
• Emergency contact details
• Next of kin details
• Social history which may include occupation, care arrangements, type of accommodation, mobility equipment in situ, support from other private or charitable agencies
• Financial information such as credit card details used to pay for your treatment via our financial data processor.
• Website user statistics
We also collect special categories of personal data including:
• Records of any assessments, treatments or advice that you have received from us
• Details of your previous and current physical and mental heath
• Details of current medications
• Health records, images or referral information from third parties
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you:
• When entering into a contract with Domus physiotherapy for the provision of healthcare services
• Visiting our website or completing a “Contact Us” enquiry via our website
• Communicating with us by email, telephone, social media or video-conferencing
• During physiotherapy consultations or treatment appointments
• When completing client satisfaction questionnaires or treatment outcome measure questionnaires
We may also receive personal information indirectly, from the following sources in the following scenarios:
• From other healthcare organisations such as your GP, medical consultants, other private or NHS healthcare organisations in order to provide appropriate physiotherapy treatment
• From private or social care agencies where communication is necessary to provide safe continuity of care
• Your family
• Your insurance policy provider
• Your legal representatives in any medico-legal proceedings, should they arise
• Government agencies including the Ministry of Defence, the Home Office and HMRC
As required by UK General Data Protection Regulation (UK GDPR), we explain our purpose and legal basis for using your personal information below. In addition, when we collect special category personal information, such as details of your health, we have specified our additional legal justification to use it.
Purpose 1: To provide you with physiotherapy care
Legal bases for using your personal data:
• Consent
• Contract
Legal bases for using your special category personal data:
• Explicit consent
• Health care – the provision of health care or treatment
Purpose 2: To receive payment for your physiotherapy care
Legal bases for using your personal data:
• Consent
• Contract
Legal bases for using your special category personal data:
• Health care – the provision of health care or treatment
• Legal claims
Purpose 3: To contact you regarding your physiotherapy care including resolving any queries or complaints
Legal bases for using your personal data:
• Contract
• Legitimate interests
Legal bases for using your special category personal data:
• Health care – the provision of health care or treatment
• Legal claims
Purpose 4: To communicate with any individual that you ask us to communicate with and updating any healthcare providers or referrers
Legal bases for using your personal data:
• Consent
• Contract
Legal bases for using your special category personal data:
• Explicit consent
• Health care – the provision of health care or treatment
• Vital interests
Purpose 5: To comply with our legal and regulatory obligations and to defend or exercise our legal rights
Legal bases for using your personal data:
• Legal obligation
• Legitimate interests
Legal bases for using your special category personal data:
• Health care – the provision of health care or treatment
• Legal claims
Purpose 6: For internal clinical audit and post-treatment surveys
Legal bases for using your personal data:
• Consent
• Legitimate interests
Legal bases for using your special category personal data:
• Health care – the provision of health care or treatment
Purpose 7: To manage our business operations such as accounting and receiving professional advice such as financial or legal.
Legal bases for using your personal data:
• Contract
• Legitimate interests
Note that if you choose not consent to provide us with the personal data (including the special category personal data) outlined above, then we may not be able to provide you with physiotherapy services.
We may share this information with:
• Anyone that you ask us to communicate with on your behalf such as a carer or next of kin
• Other healthcare professionals involved in your treatment such as your GP
• Social care agencies
• Third parties involved in the administration of your care such as insurance companies
• NHS and Government bodies
• Our regulators such as the Health and Care Profession Council
• Our insurers, the Chartered Society of Physiotherapists
• The police and other third parties where necessary for the prevention or detection of crime
• National and other professional research / audit programmes
• Third parties acting on your behalf in any legal proceedings
• Our service providers such as laywers, tax advisors auditors
International data transfers
Our third party processors, such as IT providers or payment providers may store or collect personal information about you in countries outside of the UK or European Economic Area. We have taken steps to assure ourselves that third parties we deal with are compliant with UK GDPR regarding international data transfers.
How we store your personal information
Your information is securely stored on password protected electronic devices, e.g laptop computer, mobile phone and external hard drives.
We keep your personal and special category personal data for eight years in line with NHS guidance on health record retention. We will then dispose of your information by deleting it from all electronic devices.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at info@domusphysiotherapy.co.uk if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at info@domusphysiotherapy.co.uk.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Domus Physiotherapy