Alpine Physiotherapy is committed to preserving the privacy of all visitors to our website www.alpinephysio.co.uk. The following policy is provided to inform you on how we use and protect the information that you provide us through this website and any other interaction with us.
By visiting, requesting information or a call back request, you consent to the collection, use and transfer of your information under the terms of this policy.
We use your personal information only for providing and improving our systems. By using the website, or our services, you agree to the collection and use of information in accordance with this policy.
All personal information provided by you will be held by Catherine Potter Physiotherapy Ltd t/a Alpine Physiotherapy of 75 Grove Road, Harpenden, Herts, AL5 1EN.
Our UK data protection registration number is: A9051908. Full details of our notified purposes can be viewed at the website of the Information Commissioner’s Office www.ico.org.uk
How We Collect Personal Information From You
We will collect personal and special category information from you, or other third parties. We collect the information from the following sources:
- Your parent or guardian if you are under 16 years of age.
- A family member, or someone else acting on your behalf.
- Your interpreter, acting on your behalf.
- From yourself, either in face to face consultations, or via electronic communications such as email, via the telephone, or via postal communications.
- When you have given explicit consent to subscribe to educational or marketing email correspondence.
- Manually, when you fill in referral, assessment and other forms.
- Via postal communications, via electronic communications, or records completed by clinicians involved in your care, and their administrators.
- When given directly by social services, carers, relatives and friends – over the phone or in person.
- From providers of medical imaging and diagnostic testing involved in your care.
- From your private medical insurance provider.
- In emergency situations by the social services, police or ambulance service staff.
Information We May Collect From You
When you visit, request information or book appointments on www.alpinephysio.co.uk or when booking appointments or making enquiries over the phone you may be asked to provide certain information about yourself, including your name, contact details and if making a telephone payment your debit/credit card details.
The internet is not completely secure. We cannot guarantee the security of your personal data transmitted through our website or by email. Any transmission is at your own risk. Some of the information you provide to us may be considered sensitive personal data as defined by the Data Protection Act (“DPA”) 1998. e.g. This includes ethnic or racial origin, political opinions, religious beliefs, trade union membership, physical or mental health, sexual life or criminal records, for instance.
Alpine Physiotherapy also considers information relating to bank accounts, national insurance numbers, and other unique documents such as passport numbers as sensitive. It is recommended to send such information using a secure system such as encrypted email. All personal data that you provide to us will only be processed following your explicit consent and always in line with the DPA 1998 and any other applicable data protection legislation.
What do you do with my personal information?
At Alpine Physiotherapy (“Alpine Physiotherapy”, “We”, “Us”, or “Our”), we respect your privacy and take protecting it seriously. It describes the choices available to you regarding our use of your information and how you can access and update it. The use of the information collected through our service shall be limited to the purpose of providing the service for which you have engaged us.
Contact information, clinical notes, medical letters and accounting details will be securely stored onsite and also held digitally, primarily using our software application provider, Cliniko. [www.cliniko.com] As we are mainly processing your personal data for provision of health care services (physiotherapy), we have a legal obligation to process this data.
There are also industry standard guidelines (the UK NHS) that we follow, in accordance with our regulatory body guidelines. Normally we will process or store your personal information for eight  years from the time you last had treatment, but this can increase if there are specific circumstances. If you have any queries about how long we are processing your data for, please contact us.
We will also store information to ensure we can deal with any legal claims that arise from you using our services, and the data will be stored for as long as is required and advised by our legal counsel.
Letters sent to your GP or consultant are held electronically and password and virus protected. You may be referred to us by an insurance company by e-mail. Your personal details will be on this e-mail and will be password and virus protected. Copies of your physiotherapy records may be sent to solicitors only with written consent from you. These will be sent by recorded delivery or by password and virus protected e-mail.
The purpose of processing is to identify the patient, to enable safe treatment, to communicate with appropriate professionals and to enable timely and efficient access to appointments/treatment. Your information (with your consent) may be passed to third parties in the form of a referral letter or a report to a GP, consultant or insurance company.
Information required for patients under 16 will be obtained from the parent or guardian accompanying the child at their appointment.
We will use and analyse the information we collect from our clients and potential clients so that we can administer, support, improve and develop our business.
In particular, we may use the information to contact you for your views on our services and to notify you occasionally about important changes or developments to the website or our services. Further, where you have consented, we might also use your information to let you know by email, SMS or post about other products and services which we offer which may be of interest to you. If you change your mind about being contacted in the future, please let us know by emailing firstname.lastname@example.org
Indirect information collection
Like many site operators, we collect information that your browser sends whenever you visit our Site ("Log Data").
This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this.
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information, unless you decline or subsequently opt out.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive and allows us and other service providers to recognize you and make your next visit easier and our service more useful to you. Like many sites, we use "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website.
Right of Access and updating Personal Information
In line with the General Data Protection Regulation (GDPR), you are entitled to request and obtain personal information that we, as data controller, hold about you. Upon request we will check our records and confirm whether we hold any data and inform you of the result. If the result is positive, you have the right to be informed of what categories of data we hold, processing purpose, planned recipients, what protections have been put in place and duration of storage of any personal data. Information can be provided to the data subject in writing, electronically or verbally as per Art. 12(1) sentences 2 and 3 of the GDPR, depending on the circumstances.
If your personal information changes, or if you no longer desire our service, you may correct, update, delete or deactivate it by contacting us. We will respond to your request within 30 days.
We will retain your information for as long as you need us to provide you services and then for the required retention period. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
The security of your personal information is important to us. When you enter sensitive information, we follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.
We will retain your personal data for as long as is necessary for the required service to be provided to you. All retained personal data is subject to the controls of our internal data protection policy which is required to be adhered to by all who work for Alpine Physiotherapy and will be securely disposed of when it is considered to be of no further use.