Introduction and General Terms
KK Physio & Pilates is committed to safeguarding your personal information by respecting and protecting your privacy. We understand that your personal data is entrusted to us and fully appreciate the importance of protecting this data and your confidentiality.
When we refer to ‘we’, ‘us’ and ‘our’ we mean KK Physio & Pilates. When we refer to personal data in this policy, we mean all the information that can or has the potential to identify you as an individual. This includes all the information provided to us via phone, SMS, email, letters, social media and our website.
KK Physio & Pilates are legally obliged to use all the information you provide to us in accordance with all applicable laws concerning the protection of personal information under the data protection (GDPR) laws in the United Kingdom and we comply fully with that. We also comply with all clinical confidentiality guidelines published by The Chartered Society of Physiotherapy and The Health Care Professions Council. We are registered with the Information Commissioner’s Office and for the purposes of data protection laws, the data controller is KK Physio & Pilates and our registered address is Unit 1.4, The e-Centre, Cooperage Way Business Village, Alloa, FK10 3LP.
This privacy and cookies policy advises you what personal data we collect and process about you and includes what we do with that information, how we store it, how we disclose it and your rights in relation to that data.
Please read the following carefully to ensure you understand how we process your personal data. By providing us with this data or by using our services, digital platforms or website you are consenting/ accepting to the practises laid out in this policy. You maybe asked for written consent or documented consent to this policy. If you are under 16 years of age your parent or legal guardian will be required to give consent on your behalf.
Lawful basis for processing personal data
Personal data shall be collected for specified, explicit and legitimate purposes only and will be adequate, relevant and limited to what is necessary. The personal data will be accurate and where necessary kept up to date. Every reasonable step will be taken to ensure that any inaccurate personal data recorded is rectified or erased without delay.
To ensure compliance with EU data protection law the legal basis for processing data is following legal obligations. This means that to comply with clinical guidelines as a health professional a certain standard of record keeping is required and the records must legally be kept for a set period.
Information we collect
When you contact us via phone, SMS, email, letters, social media and our website we may hold and use the personal data you provide us with. Please note that calls to KK Physio & Pilates are not recorded.
The list below shows that personal data we may collect from you:
Information you provide when you enquire or become a patient/ client with us including name, address, contact details (including email address and phone number)
Reports and notes about your medical health and any treatment and care you have received. This may include clinic and hospital visits, investigations, medications and other contact and correspondence we may have had with you
Information we have received from insurance companies, other healthcare professionals and medicolegal/ rehabilitation companies
Patient satisfaction feedback and patient audits regarding treatment outcome that you provide
Information from any incidents or complaints that occur
Information received from other sources including your use of other digital platforms and websites we operate or provided by other companies who have obtained your permission to share information about you.
Information from business partners, advertising networks and analytics providers if provided
Data received from other sources
Personal data received from other health care professionals, sports clubs or insurance companies/ medicolegal companies maybe collected. This information is usually in the form of a referral and may include basic details such as name, address, date of birth, contact phone number, email address and the reason for the referral.
How we use your personal data
Any sensitive personal information you provide to us in relation to your health will only be disclosed to those involved in your treatment or care, or in accordance with UK laws and guidelines of professional bodies. It may be used for the purposes of clinical audits but only with your permission. We will only use your sensitive personal data for the purposes of which you have given us your explicit consent to use it.
Further details on how we may use your personal data are listed below:
Respond to requests where we have a legal or regulatory obligation to do so
Support your doctor, nurse or other healthcare professional
Enable us to carry out our obligations to you that arise from any contract entered into between you and us relating to the provision by us of services or treatments to you. This includes matters relating to this service such as billing, accounting and audit
Check the accuracy of information about you and the quality of your treatment or care, including auditing medical and billing information for insurance claims. This also includes any claims or litigation processes
Assess the type of care/ quality of care (including giving you the chance to complete customer satisfaction surveys) and any complaints or concerns that may arise to ensure they can be fully investigated
Provide you with the information, products or services you request from us
Notify you about cancellations/ time changes for any services we provide
Security of your personal data
All the personal data that we hold for you is protected and we ensure this by having the appropriate organisational and technical security measures in place. This prevents any unauthorised access or unlawful processing of your personal data and any data being lost, destroyed or damaged.
At your request, we may transfer personal information to you via email or you may choose to transfer information to us via email. Email is not a guaranteed secure method of information transmission, therefore if you do send or receive information via email you do so at your own risk.
Where applicable, it may be disclosed to any person or organisation who maybe responsible for meeting your treatment expenses. It may also be provided to external service providers and regulatory bodies (unless you object) for clinical audit. This helps ensure the highest standards of care and record keeping are maintained.
In an emergency (or if you were incapacitated) we may share your personal information with a third party based on protecting your vital interest (i.e. your health).
A cookie is a small amount of data, often including a unique identifier that is sent to your devices web browser from a websites computer and is stored on your devices hard drive. This then tracks, saves and stores information about the user’s interactions and usage of the website and thus allows the website (through its server) to provide the user with a tailored experience.
Users are advised that if they wish to deny the use and saving of cookies from our website onto their devices then they should take the necessary steps within their web browsers security settings.
You have the right to change the permissions that you have given us in relation to how we may use your data. You also have the right to request that we delete all personal records that we hold relating to you. It should be noted however that in the event you have had treatment with us we are legally obliged to hold your records for a determined time after treatment. To exercise these rights at any point please contact us at the address below or via email at email@example.com If you are unhappy with how you feel your data is being handled by us you have the right to complain to the Information Commissioner’s Office.
Subject to access
As a data subject, you have a legal right, under EU Regulation 2016/679 General Data Protection Regulation to find out about our use of your personal data. To do this you need to complete a subject access request form which can be obtained by writing to the address below or by emailing firstname.lastname@example.org
Changes to this policy
This policy maybe updated to reflect any changes to the website and customer feedback. Please ensure you review this policy regularly to be kept informed as to how we are protecting your personal data. This policy was last updated in April 2018