At The Body Rehab, we’re committed to protecting the privacy and security of all our customers and website users. If you’d like to know more about how we protect your privacy, please get in touch with us at firstname.lastname@example.org. For the purposes of our digital content and services, the data controller is The Body Rehab Ltd., and we act as the company responsible for your privacy.
When do we collect your personal information?
We collect personal data when you visit The Body Rehab website, book an appointment and / or become a patient, contact us via email or any other channel or subscribe to our mailing list.
What kind of personal data do we collect, and why do we collect it?
The data we collect may include your name, email address, address, phone number, social media usernames (if you interact with us this way) and your email preferences. Web usage data we collect (while you’re using our website) may also include your IP address, geographical information, browser and operating system and details of your visit to our website (including the pages you visited). We may also collect information about your visit using cookies in your web browser.
When you visit our clinic, we may collect the information above, plus your age and date of birth, and records of your injury / reason for visit, alongside any treatment carried out.
We collect your personal data in order to provide patients with our services, refer our clients on for scans or to consultants (with consent), and improve your customer experience. We’ll try our best to provide you with information we think will be of interest or relevance, and we’ll only send you marketing messages or emails with your permission (you can retract this permission at any time).
We collect technical information about your visit to our website in order to give our users the best experience we can, by analysing user behaviour and making improvements to our online services. We also use this information to help protect our website and allow us to meet our legal obligations in taking care of your data.
How do we share your personal data?
We’ll never sell any of the personal information you provide us to any 3rd parties (including your name, email address, address, phone number, or anything else you tell us).
We may share your data with trusted 3rd party companies where this is necessary or beneficial in order to provide you with services. We will only provide the information required in order for companies to perform their specific services. These 3rd parties may include:
- Companies providing us with professional services, including marketing, email campaign providers and website hosts.
- Organisations or individuals explicitly approved by you, such as consultants or other medical practitioners.
- Analytics providers (Google Analytics), in order to see how users interact with our website and ensure we’re bringing you the best possible experience.
- We may share information about fraudulent or potentially fraudulent activity where this is required – for example, sharing data about individuals with law enforcement bodies.
For more information, please contact us at email@example.com.
How is your personal data secured?
We treat information security as a matter of utmost importance, and it’s vital to us that your data is properly taken care of. Our patients’ details are stored securely, and accessible only to those individuals who require access. When you subscribe to our mailing lists, your information is taken securely over a ‘https’ secure connection, and access to any of your personal data is password protected and restricted solely to individuals who require it. Our website is hosted on servers using security and encryption best practices, with restricted access.
How do we contact you with marketing messages?
From time to time, if you’ve given us express permission, we’ll contact you via email with relevant marketing content. If you’d no longer like to hear from us, you can click on the ‘unsubscribe’ link in the footer of all our emails. Alternatively, you can email firstname.lastname@example.org and let us know how you’d like to hear from us.
As soon as you’ve done this, we’ll update our records to ensure you no longer receive any emails you don’t want in future.
How long do we retain your information?
We won’t keep your data any longer than is necessary. We keep medical records for as long as you remain a patient, with records kept for seven years following this in accordance with medical guidelines. If you’ve asked to hear from us with promotional content, we’ll keep your details stored for as long as you remain a subscriber. If you’ve given us any other information, we’ll retain this for as long as we need it to continue providing you with a service.
Web usage information (sent to Google Analytics to analyse traffic and user behaviour) is retained for a period of 26 months, and may include data like IP address, geographical information, browser usage and operating system. Any personal data older than this is automatically deleted / anonymised.
Where is your data processed?
Your data may be transferred to 3rd party data processors outside the EEA (European Economic Area). If we do this, we ensure data is granted the same protection that it would if it were processed within the EEA, and that any 3rd party data processors are fully GDPR compliant.
You have many rights pertaining to your personal data and how we use it, including:
- The right to access to the personal data we hold about you
- The right to access information about how your personal data is used
- The right to request correction of inaccurate, out of date or incomplete information
- The right to request deletion of your data, or that we stop processing or collecting it
- The right to opt-out of marketing messages if you withdraw consent
- The right to request transfer of your personal data to another service provider
- The right to submit a complaint to the ICO (Information Commissioner’s Office)
If you want to exercise any of these rights, you can email us at email@example.com.
Questions, complaints and contact
If you have any questions or feedback about this privacy notice, or would like to exercise any of your rights pertaining to our use of your personal information, you can contact us via the following channels:
- Email – firstname.lastname@example.org
- Phone – 01539 822746
- Unit 16, Staveley Mill Yard, Nr Kendal. LA8 9LR