Last Update – May 2018
This policy covers how Neurocare Physiotherapy Ltd collect, process and use personal data under the Data Protection Act 1998 (“DPA”) and the General Data Protection Regulations (“GDPR”).
For the purpose of the DPA and GDPR we are the data controller and any enquiry regarding the collection or processing of your data should be addressed to Ian Watson, Company Secretary at Neurocare Physiotherapy Ltd, 5 Main Street, Warton, Carnforth, Lancashire. LA5 9NR
By using our website (www.neurocarephysio.co.uk) and our services you consent to this policy. We are registered with the Information Commissioner’s Office for this purpose.
How We Collect Your Information
We collect and store your personal data which you provide when you when you make an enquiry by telephone or website, or in the process of a course of treatment with us.
During your treatment with us, we collect details about you, such as your address and contact details, appointment dates/times, notes/reports about your treatments, relevant information from other health professionals and details about relatives or third parties associated with your treatment.
We may also collect statistical data such as enquiry source details and outcome statistics which help us improve our service. Any statistical reports from this data is anonymous and does not identify you.
We do not collect or use sensitive personal data, such as race, religion, or political affiliations.
We will collect and store your personal data only if it is directly provided to us by you (and therefore has been provided by you with your consent). We may also receive and store information about you from third parties during your course of treatment (e.g. your doctor, case manager, insurer etc) where you have given them permission to provide this information to us.
We also use analytical and statistical tools that monitor details of your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data (this data does not identify you personally).
Your payment information (e.g. credit card details) provided when you make a payment on our website or by telephone is not stored by us. That information is processed securely and privately by the third party payment processors that we use. We may share your personal data with our payment processors but only for the purpose of completing the relevant payment transaction. Such payment processors are banned from using your personal data, except to provide these necessary payment services to us, and they are required to maintain the confidentiality of your personal data and payment information.
What we do with your information
The information that we collect and store relating to you is primarily used to enable us to provide our services to you, and to meet our contractual commitments to you. In addition, and where you have given us prior consent, to receive our newsletters and marketing information.
Who we share your Information with
We may need to share your information, subject to strict agreements on how it will be used, with other third parties related to your treatment such as your doctor, consultant, insurance company etc. You will be informed who your data will be shared with and in some cases asked for explicit consent for this happen when this is required.
We may disclose your information to regulatory bodies to enable us to comply with the law.
We do NOT provide your data to any third parties for marketing purposes.
If you have given us consent to use your data for a particular purpose you can revoke or vary that consent at any time. If you do not want us to use your data or want to vary the consent that you have provided you can write to us or email us at email@example.com at any time.
We may also use external companies to process personal information, such as for invoicing, accounting and data storage purposes. We have ensured that these companies meet our strict policies regarding data storage.
Otherwise, we will process, disclose or share your personal data only if required to do so by law or in the good faith belief that such action is necessary to comply with legal requirements or legal process served on us.
The transmission of information via the post, internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data while you are transmitting it to us, any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
Where we have given you (or where you have chosen) a password so that you can access certain parts of our site, you are responsible for keeping this password confidential. You should choose a password it is not easy for someone to guess.
Third Party Website Links
You might find links to third party websites on our website. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
The DPA and GDPR give you the right to access information held about you by us. Please write to us or contact us by email if you wish to request confirmation of what personal information we hold relating to you. You can write to us at the address above, or by email to firstname.lastname@example.org. There is no charge for requesting information about personal data that we hold about you. We will provide this information within one month of your request.
You have the right to change the permissions that you have given us in relation to how we may use your data. You also have the right to request that we cease using your data or that we delete all personal data records that we hold relating to you (except for any data we are legally required to retain e.g. medical records). You can exercise these rights at any time by writing to us at the address detailed above, or by email to email@example.com
Changes to this policy
We may update these policies so please regularly review these policies to be informed of how we are protecting your personal data.