Who are we
Physit Limited is a limited company registered in England and Wales whose registered office is 71-75 Shelton Street, London, WC2H 9JQ.
We operate as Data Controller for the information you provide to us as a patient or user of our website.
We act as Controllers in common with organisations listed below when we work in conjunction with them to treat you medically:
- Your nominated Insurance Company
- NHS
- Your nominated health professional
If you have any questions about the protection of your data, please email us on: info@physit.co.uk
Taking your Data Protection seriously
We have reviewed and updated our policies, processes and procedures to comply with the UK Data Protection Act 2018 and UK GDPR together, (GDPR) and have updated this Privacy Notice accordingly.
Types of data processed and purposes for processing
Data collected as Data Controller | Purpose | Lawful basis |
---|---|---|
Your personal details, including your name, title, postal and billing addresses, email address and phone number | To register you as a patient | Performance of contract |
We are legally bound by the guidelines of the Chartered Society of Physiotherapy and collect the following data from you in order to provide physiotherapy services: Your medical history and current details, treatment details and date of birth | To perform physiotherapy services | Legal requirement |
Payment details | To process payment for our services | Performance of contract |
Photography – on some occasions and with your consent, we may take photographs or short videos to demonstrate the correct exercise techniques | To assist you with your rehabilitation | Consent |
Email alerts (appointment confirmation, appointment reminder) | To manage your appointments | Performance of contract |
Personal data that you submit to us to register for newsletters Information from emails that you open, and which links in those emails you click on | To receive our newsletters | Consent |
Your communication and marketing preferences | Contact preferences | Consent |
Information you provide when corresponding with us in relation to queries | To respond to queries | Consent |
Information you supply when you voluntarily complete customer surveys, provide feedback | To help improve our products and services | Consent |
General User data (when browsing our website – via cookies) |
---|
Data collected as Data Controller | Purpose | Lawful basis |
---|---|---|
Technical information such as the type of device you use, network information, your operating system, the type of browser you use and approx geographic location. | To monitor Platform usage, content effectiveness | Legitimate business interest |
Information about your online browsing behaviour on our Websites | To monitor Platform usage and protect our own systems and notifying you about changes to our services | Legitimate business interest |
To improve the Platform and products and services that we offer, including recognising when there is a higher demand for our services; tailoring our Platform to the needs of all users; recommending options that match any stated preferences | Consent |
General |
---|
No automated decision making, including profiling, is used when processing your personal data. |
Where you have been referred from other Health Professionals you will have consented to your information being sent to us in order to provide Physiotherapy services. |
We do not receive or buy-in lists of personal data from other sources. |
Recipients of your data
Your information is provided to GPs, Consultants, Insurance Companies, hospitals and other health professionals directly linked to your treatment with your consent.
During your medical treatment you will be asked to consent to the transmission of this information. In some instances you will be able to withdraw your consent and the implications of this will be made clear to you during the consultation (as this may not be in your best interests).
We do not pass on your information to any other parties.
Security of your data
We have taken appropriate steps to ensure that we and our Data Processors adapt Industry standard security systems and procedures to ensure the security of your data.
Data Transfers
In some instances your email address is stored by our processors in locations other than the UK or EEA and in these instances, we have assured ourselves that these processors are aware of their responsibilities for the privacy and security of your data under GDPR and have committed to standards no less onerous than ours.
We do not transfer any other data outside the UK or EEA unless you have given us consent to do so.
Your rights under GDPR
The GDPR provides the following rights for individuals: (https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/)
The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling
If you would like to exercise any of your rights please email us info@physit.co.uk.
We will make every effort to respond to your queries promptly and to your satisfaction.