Privacy Policy of PhysioNext

At PhysioNext , we understand the importance of your privacy and are committed to protecting the personal data we collect from our patients and website visitors. This Privacy Policy describes how we collect, use, share, store, and safeguard your personal and health information in compliance with the Data Protection Act 2018 , the UK General Data Protection Regulation (UK GDPR) , and any other applicable data protection laws in the United Kingdom.

By using our services, including accessing our website, booking appointments, and engaging in physiotherapy sessions, you consent to the collection and use of information as described in this Privacy Policy.

1. Introduction

At PhysioNext , we are committed to protecting the confidentiality and safety of your personal and medical information. We strive to comply with the requirements set forth in the UK GDPR  and the Data Protection Act 2018 . This policy provides explicit and open information regarding the management of your data, your rights related to that data, and how you may regulate your preferences.

2. Information We Collect

We collect the following types of personal information to provide you with the best possible care and service. We aim to collect only the data necessary for these purposes, and all data is processed in accordance with applicable data protection laws.

A. Personal Identification Information

This information helps us to identify you and communicate with you effectively. We may collect the following personal details:

  • Full name
  • Email address
  • Phone number (mobile and/or landline)
  • Postal address
  • Date of birth
  • Gender
  • Emergency contact information (if provided)

B. Health and Medical Information

As part of the physiotherapy services we provide, we collect sensitive health-related data (also referred to as special category data  under the UK GDPR ). This data is essential for providing personalized care, diagnosing conditions, and developing treatment plans. The medical data we collect may include:

  • Your medical history, including previous diagnoses, surgeries, allergies, and ongoing conditions
  • Details of injuries, illnesses, or physical impairments
  • Physiotherapy assessments, treatment plans, and notes from each session
  • Information regarding your progress, including pain levels and treatment response

This sensitive health information is processed with the highest level of security and in compliance with the specific provisions of the UK GDPR  regarding special category data.

C. Payment Details

To facilitate payments for our services, we may gather financial details, including:

  • Credit or debit card information (handled via secure external payment platforms)
  • Account information for banking transfers or direct payments
  • History of payment transactions (encompassing amounts, dates, and payment methods)

We collaborate with reliable and secure third-party payment processors to guarantee that your payment information is managed securely and in accordance with industry regulations.

D. Technical Information

When you visit our website, we automatically gather certain technical information via cookies, log files, and analytics tools. This information helps us understand how our website is used and how we can improve the user experience. This may include:

  • IP address (your device’s unique address on the internet)
  • Browser type and version
  • Device type and operating system
  • Pages visited, time spent on each page, and actions taken on the site
  • Referring website (the page from which you accessed our site)
  • Location data (if activated on your device)

Cookies and various tracking technologies are utilized for website analytics, enhancing our site’s functionality, and personalizing the user experience. You can control or turn off cookies via your browser settings, but please note that this could impact the performance and functionality of our site.

E. Communication Data

We collect and store any communication you send to us for the purpose of customer service, follow-up, and ensuring the continuity of your treatment. This may include:

  • Email correspondence
  • Telephone or video consultation records
  • Written or online feedback forms
  • Questions or requests for information sent through our website or other channels

F. Consent and Marketing Preferences

If you choose to receive marketing messages, we will gather:

  • Your consent choices (if you have accepted to receive promotional content such as newsletters, exclusive deals, or notifications)
  • Options for how we interact with you (e.g., via email, phone call, or text message)

You can revoke your consent for marketing communications whenever you wish by clicking the "unsubscribe" link in our emails or by reaching out to us directly.

G. Sensitive Personal Data (Health Information)

As a physiotherapy service, we handle private personal information concerning your physical and mental well-being. We only handle this information when required for fulfilling our contract with you (administering treatment) or with your clear consent. This information is handled with the highest level of confidentiality and stored safely in compliance with UK GDPR .

3. Reasons for Collecting Your Information

We collect your personal and health information for the following reasons:

  • To Deliver Physiotherapy Services : To evaluate your condition, formulate treatment strategies, and track your development.
  • To Contact You : To schedule appointments, respond to inquiries, offer updates on your treatment, and dispatch reminders.
  • To Handle Payments : To enable invoicing and payment for services provided.
  • For Legal and Regulatory Compliance : To meet legal requirements concerning healthcare and data protection regulations.
  • To Improve Our Services : Using feedback and analytics to enhance patient care, treatment results, and overall service provision.

4. Legal Basis for Handling Your Data

Under the UK GDPR , we process your personal and health data relying on the following legal bases:

  • Contractual necessity : Processing is essential for fulfilling a contract (e.g., to deliver physiotherapy services).
  • Consent : You have given clear permission for your data to be processed for particular reasons, including marketing communications or sharing information with other healthcare professionals.
  • Legal obligation : We may process your data to meet legal obligations (e.g., for health records or to adhere to regulatory standards).
  • Legitimate interests : We may process your data when it's required for legitimate purposes, like enhancing our services or safeguarding your well-being during treatment.

5. How Your Information Is Shared

We are committed to protecting your privacy and will never sell, lease, or exchange your personal data. However, under the following conditions, we may disclose your information:

  • With Service Providers : We may disclose your information to reliable third-party service providers (e.g., IT firms, billing agencies, and payment processors) who assist us in providing our services. These third parties are legally obligated to maintain the confidentiality and security of your data.
  • For Legal Obligations : We may share your information if mandated by law, such as in response to a court order or to fulfill legal requirements.
  • With Your Permission : If you have provided clear consent, we may disclose your personal or health information to third parties, such as another healthcare provider for referral reasons.

6. Data Protection

We apply suitable technical, organizational, and physical safeguards to guarantee the security of your personal and health information. These actions include:

  • Encryption : Sensitive information, such as health and payment details, is encrypted during transmission.
  • Access Controls : Only authorized personnel who require access to your data for treatment or operational purposes are permitted to view or handle your data.
  • Routine Audits : We conduct routine security audits to detect and resolve any vulnerabilities in our systems.
  • Data Minimization : We collect and retain only the minimum amount of personal information necessary to achieve the purposes outlined in this policy.

7. Your Rights

As an individual whose data is processed, you have the following rights under the UK GDPR  and the Data Protection Act 2018 :

  • Right to Access : You are entitled to ask for a copy of the personal data we hold about you.
  • Right to Rectification : You can ask us to correct any incorrect or incomplete data.
  • Right to Erasure : Under specific conditions, you can ask us to delete your personal information.
  • Right to Restrict Processing : You can request that we limit how we process your data in specific circumstances.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website. Cookies help us understand how users interact with our site and allow us to improve functionality.

  • Essential Cookies : These are required for the basic functioning of our website.
  • Analytics Cookies : These track how users interact with our website (e.g., via Google Analytics).

You can manage or disable cookies through your browser settings, but please note that this may affect your experience on the website. For more details, please refer to our Cookie Policy .

9. Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make changes, we will post the updated Privacy Policy on our website and update the “effective date” at the top of the page. Please review this Privacy Policy periodically to stay informed about how we protect your personal information.