Privacy Policy
Last updated: 13/09/2024
​
​
Introduction
Welcome to OnTrack Physiotherapy, Sale. (ontrackphysio.co.uk). Your privacy is important to us, and we are committed to safeguarding and preserving the privacy of our visitors and patients. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website or use our services. This policy complies with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
By using our website and services, you consent to the data practices described in this policy.
1. Information We Collect
​
We may collect and process the following personal data:
1.1 Personal Information
Name, address, email address, telephone number.
Date of birth, gender, and occupation.
Medical history and other relevant health information may be gathered at appointments and stored on our secure software ‘rehab guru’ (where applicable).
​
1.2 Website Usage Information
IP address, browser type, access times, and referring website addresses.
Information on your interaction with our website, such as pages visited and links clicked.
​
1.3 Cookies
Our website uses cookies to enhance user experience, track user activity, and gather demographic information.
​
2. How We Use Your Information
We use your personal data for the following purposes:
2.1 Providing Services
To process and manage your appointments and communicate with you about your treatment.
To maintain accurate medical records which can affect your treatment plans.
​
2.2 Improving Our Services
To monitor and improve our website and services.
To analyse trends and usage patterns to better serve our patients.
​
2.3 Marketing Communications
We may use your contact details to send you newsletters, promotions, and updates on our services. You can opt out at any time by following the unsubscribe instructions included in the emails or contacting us directly.
​
2.4 Legal and Regulatory Purposes
To comply with legal obligations, court orders, or regulatory requirements.
To protect the safety, security, and legal rights of the website, its users, and others.
​
3. Sharing Your Information
We will not share, sell, or distribute your personal information without your consent.
3.1 Third-Party Service Providers
We may share your data with trusted third parties who assist us in providing our services, such as:
IT and hosting providers.
Payment processors (for billing purposes).
All third-party service providers are required to maintain the confidentiality of your data and comply with applicable data protection laws.
3.2 Medical Professionals
With your consent, we may share your medical information with other healthcare professionals involved in your treatment, only if you have consented to this via our initial client form.
​
3.3 Legal Requirements
We may disclose your personal data if required by law or to protect our legal rights (such as to comply with a court order).
4. Data Security
We take reasonable measures to protect your personal data from unauthorized access, loss, alteration, or disclosure. These include secure data storage systems, encryption, and restricted access to sensitive data.
However, no method of data transmission over the internet is completely secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
5. Your Rights
Under the UK GDPR, you have the following rights:
5.1 Access and Rectification
You have the right to request access to the personal data we hold about you and to request corrections if it is inaccurate or incomplete.
​
5.2 Erasure (Right to be Forgotten)
You may request the deletion of your personal data under certain circumstances (e.g., when it is no longer necessary for the purposes for which it was collected).
​
5.3 Data Portability
You have the right to receive your personal data in a commonly used format and to request that it be transferred to another data controller.
​
5.4 Withdraw Consent
If you have given consent to the processing of your personal data, you can withdraw this consent at any time.
​
5.5 Object to Processing
You have the right to object to the processing of your personal data for direct marketing or other legitimate interests.
If you would like to exercise any of these rights, please contact us at marcus@ontrackphysio.co.uk
6. Data Retention
We will retain your personal data for as long as necessary to fulfil the purposes outlined in this Privacy Policy or as required by law (e.g., for medical records retention). Once this period expires, we will securely delete or anonymize your data.
7. Children's Privacy
We may hold data for patients under the age of 16. Consent is required from parent/guardian and our privacy policies are outlined above. Parents and Guardians or the child themselves can request to remove this data at any time.
8. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, technical, or regulatory reasons. We will notify you of any significant changes by posting the new policy on this page and updating the date at the top.
9. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us.