Who are we

Physit Limited is a limited company registered in England and Wales whose registered office is 71-75 Shelton Street, London, WC2H 9JQ.

We operate as Data Controller for the information you provide to us as a patient or user of our website.

We act as Controllers in common with organisations listed below when we work in conjunction with them to treat you medically:

  • Your nominated Insurance Company
  • NHS
  • Your nominated health professional

If you have any questions about the protection of your data, please email us on: info@physit.co.uk

Taking your Data Protection seriously

We have reviewed and updated our policies, processes and procedures to comply with the UK Data Protection Act 2018 and UK GDPR together, (GDPR) and have updated this Privacy Notice accordingly.

Types of data processed and purposes for processing

Data collected as Data ControllerPurposeLawful basis
Your personal details, including your name, title, postal and billing addresses, email address and phone numberTo register you as a patientPerformance of contract
We are legally bound by the guidelines of the Chartered Society of Physiotherapy and collect the following data from you in order to provide physiotherapy services:
Your medical history and current details, treatment details and date of birth
To perform physiotherapy servicesLegal requirement
Payment detailsTo process payment for our servicesPerformance of contract
Photography – on some occasions and with your consent, we may take photographs or short videos to demonstrate the correct exercise techniquesTo assist you with your rehabilitationConsent
Email alerts (appointment confirmation, appointment reminder)To manage your appointmentsPerformance of contract
Personal data that you submit to us to register for newsletters
Information from emails that you open, and which links in those emails you click on
To receive our newslettersConsent
Your communication and marketing preferencesContact preferencesConsent
Information you provide when corresponding with us in relation to queriesTo respond to queriesConsent
Information you supply when you voluntarily complete customer surveys, provide feedbackTo help improve our products and servicesConsent
General User data (when browsing our website – via cookies)
Data collected as Data ControllerPurposeLawful basis
Technical information such as the type of device you use, network information, your operating system, the type of browser you use and approx geographic location.To monitor Platform usage, content effectivenessLegitimate business interest
Information about your online browsing behaviour on our WebsitesTo monitor Platform usage and protect our own systems and notifying you about changes to our servicesLegitimate business interest
To improve the Platform and products and services that we offer, including recognising when there is a higher demand for our services; tailoring our Platform to the needs of all users; recommending options that match any stated preferencesConsent
No automated decision making, including profiling, is used when processing your personal data.
Where you have been referred from other Health Professionals you will have consented to your information being sent to us in order to provide Physiotherapy services.
We do not receive or buy-in lists of personal data from other sources.

Recipients of your data

Your information is provided to GPs, Consultants, Insurance Companies, hospitals and other health professionals directly linked to your treatment with your consent.

During your medical treatment you will be asked to consent to the transmission of this information. In some instances you will be able to withdraw your consent and the implications of this will be made clear to you during the consultation (as this may not be in your best interests).

We do not pass on your information to any other parties.

Security of your data

We have taken appropriate steps to ensure that we and our Data Processors adapt Industry standard security systems and procedures to ensure the security of your data. 

Data Transfers

In some instances your email address is stored by our processors in locations other than the UK or EEA and in these instances, we have assured ourselves that these processors are aware of their responsibilities for the privacy and security of your data under GDPR and have committed to standards no less onerous than ours.

We do not transfer any other data outside the UK or EEA unless you have given us consent to do so. 

Your rights under GDPR

The GDPR provides the following rights for individuals: (https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/)

The right to be informed

The right of access

The right to rectification

The right to erasure

The right to restrict processing

The right to data portability

The right to object

Rights in relation to automated decision making and profiling

If you would like to exercise any of your rights please email us info@physit.co.uk.

We will make every effort to respond to your queries promptly and to your satisfaction.