info@newboldphysio.co.uk
07654 123456

GDPR & Privacy Policy

Last updated: 22nd August 2025

Newbold Physiotherapy Clinic is committed to protecting your privacy and ensuring your personal information is handled safely and securely in line with UK GDPR regulations.

Data Controller

The Data Controller is Tony Deakin, who can be contacted via:

What Information We Collect

We may collect and process the following types of personal data:

  • Name, address, telephone number, and email address

  • Date of birth and gender

  • Medical history and treatment records relevant to your care

  • Payment details where applicable

How We Use Your Information

Your information is used to:

  • Book and manage appointments

  • Provide physiotherapy and related treatments

  • Communicate with you regarding your care and clinic updates

  • Maintain accurate medical and financial records as required by law

Lawful Basis for Processing

We process your personal data under the following legal bases:

  • Consent: Where you have agreed to us using your data for specific purposes

  • Contract: To provide the services you have requested

  • Legal obligation: To comply with healthcare and financial regulations

  • Legitimate interests: To ensure the efficient operation of our clinic

Data Sharing and Security

We will never sell your personal information. Your data is shared only where necessary, for example:

  • With healthcare professionals involved in your care

  • With service providers to process payments or manage bookings

  • Where required by law or regulatory authorities

All data is stored securely using encrypted systems and access controls to protect confidentiality.

How Long We Keep Your Data

We keep your personal data only for as long as necessary:

  • Medical records are typically retained for a minimum of 8 years (in line with healthcare guidance)

  • Financial records are retained for 6 years to comply with HMRC regulations

Your Rights

Under UK GDPR, you have the right to:

  • Access a copy of your personal data

  • Request correction or deletion of your data

  • Restrict or object to the processing of your data

  • Withdraw consent where processing is based on consent

  • Data portability (where applicable)

To exercise any of these rights, please contact Tony Deakin using the details above.

Cookies and Website Data

Our website may use cookies to improve your browsing experience. Cookies are small files placed on your device to help us understand website traffic and usage. You can manage cookie preferences through your browser settings.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law or clinic practices. Any updates will be published on this page.

 

This policy was last updated in 22nd August 2025