Privacy Policy

Churchdown Osteopaths provides osteopathic treatment for patients with all types of health conditions indicated for osteopathic care. The practice also offers massage therapy and reflexology. We are committed to safeguarding the privacy of our customers and website visitors; this policy sets out how we will treat your personal information.

Introduction

This policy refers to personal data, which is defined as information concerning any living person (a natural person who hereafter will be called the Data Subject) that is not already in the public domain.

The General Data Protection Regulation (GDPR) which is EU wide and far more extensive than its predecessor the Data Protection Act, along with the Privacy and Electronic Communications Regulations (PECR), seek to protect and enhance the rights of EU data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU and its storage within the EEA.  It should be noted that GDPR does not apply to information already in the public domain.

Data Collection and Processing

  1. To deliver safe, tailored and effective treatment, it is essential for us to collect and process personal health and contact information. This collection is a fundamental aspect of our contractual obligation to you, the patient. You can, of course, refuse to provide the information, but if you were to do so we would not be able to provide treatment.

  2. You will be asked to sign a consent form to allow us to collect and store your personal data.

  3. Contact details provided by you such as telephone numbers, email addresses, postal addresses may be used to remind you of future appointments and provide reports or other information concerning your treatment. This again constitutes ‘Legitimate Interest’.

  4. Churchdown Osteopaths uses the information collected from you to make telephone contact and to email you marketing information which we believe may be of legitimate interest to you.  In making initial contact with the practice you consent to Churchdown Osteopaths maintaining a marketing dialogue with you until you either opt out (which you can do at any time) or we decide to desist in promoting our services. 

  5. Some basic personal data may be collected about you from the marketing forms and surveys you complete, from records of our correspondence and phone calls and details of your visits to our website, including but not limited to, personally identifying information like Internet Protocol (IP) addresses. We may from time to time use such information to collect statistics about the behavior of visitors to our website.

  6. Churchdown Osteopaths may occasionally act on behalf of its patients, in the capacity of a data processor to promote other practitioners based at our premises, who may not be employed by us. 

  7. The Churchdown Osteopaths  website uses cookies, which is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. We may use both “session” cookies and “persistent” cookies on the website. We will use the session cookies to: keep track of you whilst you navigate the website. We will use the persistent cookies to: enable our website to recognise you when you visit. Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date. Churchdown Osteopaths website visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using Osteopaths’ website.

  8. We use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website. Google will store this information. Google’s privacy policy is available at: http://www.google.com/privacypolicy.html.

Legal basis for processing any personal data

To meet our contractual obligations obtained from explicit Patient Consent and legitimate interest to respond to enquiries concerning the services provided.

Legitimate interests pursued by Churchdown Osteopaths

To promote treatments for patients with all types of health problems indicated for osteopathic care.

Consent

Through agreeing to this privacy notice you are consenting to Churchdown Osteopaths processing your personal data for the purposes outlined. You can withdraw consent at any time by using the postal, email address or telephone number provided at the end of this Privacy Notice.

Data Retention Policy

Our legal obligation requires us to retain your medical records for a minimum of 8 years following your latest appointment, or until you reach the age of 25, whichever period is longer. This retention period enables us to provide you with ongoing care as needed. Post this period, you have the right to request the deletion of your records, otherwise, we may retain your records indefinitely.

Data Storage, Security Measures & Disclosure

Churchdown Osteopaths will keep your personal information safe and secure. We will not disclose your Personal Information unless compelled to, in order to meet legal obligations, regulations or valid governmental requests. Every member of staff (both employed and self employed) who works at Churchdown Osteopaths has a legal obligation to keep information about you confidential and have signed integrity and confidentiality agreements. 

Your medical records are stored in paper format in the back office, which is always locked out of working hours as well as the whole building being securely locked. Electronic contact details stored on our practice and patient management software programmes (Cliniko, Cliniq Apps and Rehab My Patient) are stored on their servers and safeguarded with password protection, ensuring data security.

Data Sharing and Third Parties

Churchdown Osteopaths only collects the information needed so that it can provide you with marketing and consulting services, we do not sell or broker your data. 

As part of our obligations as primary healthcare practitioners there may be circumstances related to your treatment, on-going care or medical diagnosis that will require the sharing of your medical records with other healthcare practitioners e.g GPs, consultants, surgeons and/or medical insurance companies. Where this is required we will always inform you first unless we are under a legal obligation to comply.

We will not disclose any information about you to any third party without your written permission or in case of a child’s information, the parental consent, unless there are exceptional circumstances (i.e. life or death situations), where the law requires information to be passed on and/or in accordance with the Caldicott principles.

Your rights

You have the right to see what personal data of yours we hold, and how it is processed. We are committed to responding promptly to such requests. At any point whilst Churchdown Osteopaths are in possession of, or processing your personal data, you have the following rights:

  • Right of access – you have the right to request a copy of the information that we hold about you.

  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.

  • Right to be forgotten – Provided the legal minimum period has elapsed, you can also ask us to erase your records.

  • Right of portability – you have the right to have a copy of the data we hold about you transferred to another organisation.

  • Right to object – you have the right to object to certain types of processing such as direct marketing.

  • Right to restriction of processing – where certain conditions apply you have a right to restrict the processing.

  • Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.

In the event that Churchdown Osteopaths refuse your request under rights of access, we will provide you with a reason as to why, which you have the right to legally challenge. 

You can also request the following information:

  • Contact details of the data protection officer, where applicable.

  • The purpose of the processing as well as the legal basis for processing.

  • If the processing is based on the legitimate interests of Churchdown Osteopaths or a third party such as one of its clients, information about those interests.

  • The categories of personal data collected, stored and processed.

  • Recipient(s) or categories of recipients that the data is/will be disclosed to.

  • How long the data will be stored.

  • Details of your rights to correct, erase, restrict or object to such processing.

  • Information about your right to withdraw consent at any time.

  • How to lodge a complaint with the supervisory authority (Data Protection Regulator).

  • The source of personal data if it wasn’t collected directly from you.

  • Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.

To access your personal data, identification will be required

Churchdown Osteopaths will accept the following forms of identification (ID) when information on your personal data is requested: a copy of your driving licence, passport, birth certificate and a utility bill not older than three months. A minimum of one piece of photographic ID listed above and a supporting document is required. If Churchdown Osteopaths are dissatisfied with the quality, further information may be sought before personal data can be released. All requests should be made to hello@churchdownosteopaths.co.uk or writing to us at the address further below.

Change of details

It is important that you tell Churchdown Osteopaths if any of your details such as your name, address, telephone number or email address have changed or if any of your details such as your date of birth are incorrect.

Updates to the Privacy Policy

The latest version of our privacy policy will be available at any time on our website, should you require a paper copy, please ask us. Significant updates to our privacy policy will also be communicated via email.

Objections/ Complaints

We want you to be absolutely confident that we are treating your personal data responsibly, and that we do everything we can to make sure that only the people who can access that data have a genuine need to do so. 

Should you have any concerns on how your personal data is being processed by Churchdown Osteopaths, please contact the Practice Manager, Jo Edwards in the first instance. If you do not get a response within 30 days, or you are still not happy following a review by the practice owner, Neil Hayden, you can complain to the Information Commissioner’s Office via their website www.ico.gov.uk.

Contact details:

Churchdown Osteopaths:  Jo Edwards, Practice Manager, 102 Chosen Drive, Churchdown, Gloucester GL3 2QU. Telephone: 01452 714511 or email: hello@churchdownosteopaths.com

Information Commissioners Office : Wycliffe House, Water Lane, Wilmslow, SK9 5AF Telephone +44 (0) 303 123 1113. www.ico.gov.uk