Who we are
For the purposes of this Notice, personal data means any information that can be used to identify an individual whether directly or indirectly.
Please read through the content of this Privacy Notice carefully and ensure that you understand it. If you do not understand the content of this Privacy Notice or do not accept or agree with it then you must stop using the website at www.martinhigginsphysiotherapy.co.uk immediately.
By accessing the website at www.martinhigginsphysiotherapy.co.uk and providing us with your personal data you are warranting that you are over 13 years of age.
What personal data do we process, why do we process it, and how do we collect it
We may process personal data that you provide to us by subscribing to our newsletter or email list, requesting information through our contact form, or by any other communication via email, text or through our website or other online platforms and social media channels.
When we process your personal data we will comply with the relevant data protection laws and principles, which means that your data will be used lawfully, fairly and in a transparent way, kept securely and only for as long as necessary for the purposes we have told you about.
The types of personal data which we process will vary depending on your own specific circumstances but typically can include:
- Personal Information, which may include your name, date of birth, email address, phone number, business contact details, correspondence address, IP address. We shall process this data for the purposes of communicating with you and keeping our records;
- Customer or Client information, should you purchase goods and/or services from us then we may process information in connection with your purchase, and the supply of that purchase, as well as keeping appropriate records. Such information may include your Personal Information, billing address, delivery address, credit card or other payment details;
- User Information, this may include comments or statements that you may make or post via our website, online platforms or social media channels, images, documents or videos that you share on or through our website or through any of our pages or other online platforms, and information concerning your use of our website or other online platforms such as your browser information, page views, number of visits and where appropriate log-in details. We shall process this information to analyse and monitor usage and content of our website and other platforms and channels to ensure the content is relevant to you, to support our administration and record keeping requirements, and to maintain security of our systems;
- Promotional Information, this may include information you provide in connection with any promotions, marketing or advertising from us or our third parties. We shall use this information to provide relevant offers and advertisements, competitions and promotions and other free resources and to monitor our promotional activity, keep records and compile analytics.
In accordance with the Privacy and Electronic Communications Regulations (PECR) we may deliver or send you promotional or marketing information in cases where you have made an enquiry about or purchased goods or services from us or you have consented to receive contact for promotional or marketing purposes and you have not withdrawn your consent or opted out.
We may also process your personal data to deliver or send relevant advertisements to you through our website and other online platforms and to analyse the success and effectiveness of such adverts for the purposes of promoting and growing our business.
We may process your sensitive data such as details relating to your general health or medical condition in order to assess your suitability to engage or participate in our products or services and to provide relevant care, treatment and advice. To allow us to process your sensitive data we require your explicit consent and we will provide you with a separate form for you to complete to confirm your consent. We process your sensitive data on the ground of a legitimate interest to ensure that we are able to provide you with the best possible treatment, care and advice.
As a professional physiotherapy practice we are a member of the Chartered Society of Physiotherapists (CSP) and registered with the Health and Care Profession Council (HCPC) and accordingly we abide by the standard of conduct, performance and ethics as required by the HCPC which includes our requirement to respect confidentiality, keep records, manage risk and be honest and trustworthy.
We shall only collect and process your personal data for purposes that are clearly outlined prior to you providing us with your data, or for a legitimate reason.
Whenever we process your personal data we do so on the basis of a lawful condition this will either be because you have given your consent for us to process your data, where we are under a contractual or legal obligation, or where it is in our legitimate interests to do so.
It is very important to us that the information we hold about you is complete, accurate and up to date. If at any time your personal details change, please let us know by emailing us at firstname.lastname@example.org so we can update our records.
Who we share your data with
We may share your personal data as follows:
- Where it is necessary for external service providers who have been engaged by us to assist in the provision of services to our clients and customers;
- Where it is required by our professional support teams;
- Where we are required by a government body or legal obligation or to protect our rights;
- Where it is required in connection with the sale or purchase of any business or assets;
- With any other member or company of our group.
Where we have outsourced a function or activity to an external service provider we will only disclose personal data that the service provider needs to undertake that function or activity, and we require external service providers to agree to keep your personal data secure in accordance with the relevant law.
How long we retain your data
We will not keep your personal data for longer than is required with regard to the purpose for which it was collected by us or provided by you including any legal or record keeping requirements and will take reasonable steps to destroy or permanently de-identify your personal data when it is no longer required
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Your rights in relation to the data we hold
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where you have provided your consent for us to process your personal data you can withdraw that consent at any time. Should you wish to do so please contact us at email@example.com
If you are not happy with how we process your personal data you have the right to lodge a complaint with the Information Commissioners Office (ICO), the UK supervisory authority for data protection issues.
Share with Third Parties
We may share your information with trusted third parties such as our newsletter provider in order to contact you via email, our merchant accounts to process payments, and Google / social media accounts in order to run advertisements and marketing campaigns. We use the following subprocessors:
- ActiveCampaign LLC – Email Newsletter
- Amazon Web Services, Inc. – Website Backups
- Payments by PayPal – Payment Processing
- GoCardless – Payment Processing
- Calendly – Appointment Calendar
- Facebook – Analytics & Advertising
- Twitter – Analytics & Advertising
- Instagram – Analytics & Advertising
- Google LLC – Analytics & Advertising
- LinkedIn – Advertising
- ManageWP – Website Backups
- PayPal – Payment Processing
- ScheduleOnce – Appointment Calendar
- Stripe, Inc. – Payment Processing
- MailChimp – Email Newsletter
- WordPress – Content, Images, Form submissions, etc. Visitor comments may be checked through an automated spam detection service.
- QuickBooks – Bookkeeping
- Zapier, Inc. – Email Newsletter & Automation
- ClinicAppointments.com – Appointment & Clinical Notes System
Transfer of personal data outside of the EEA
Your personal data will only be stored within the UK or with trusted Third Parties listed above.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
How we protect your data
We take the protection of your personal information seriously and have taken suitable and reasonable steps to protect the personal information we hold from misuse, loss, unauthorised access, and any modification or disclosure.
We limit access to your personal data to those employees, agents, contractor or third parties who have a business need to know. They will only process your data on our instructions and must keep it confidential.
If you are submitting personal data over the internet that you wish to remain private, please note that while attempts are made to secure information transmitted to this site, there are inherent risks in transmitting information across the internet. If you prefer, you can contact us by alternative means using phone or mail.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Links to other sites
The website at https://www.martinhigginsphysiotherapy.co.uk/ may contain links to other sites. We are not responsible for the privacy practices of those web sites and have no knowledge of whether cookies or other tracking devices are used on any such linked sites.
If you have any concerns regarding the privacy of your information you should ensure you are aware of the privacy policies of those sites before disclosing any personal information.
If you have any questions about this Privacy Notice or require more information concerning our privacy practices please contact Helen Higgins at firstname.lastname@example.org or via post at Suite 2, Gledhow Mount Mansion, 32 Roxholme Grove, Chapel Allerton, Leeds, LS7 4JJ.