This Privacy Notice contains details of the information that we need to collect in order to deliver our services to you, why we need this data, the way that we will handle that data, how long we will keep that data and your rights regarding the data that we hold.
This Privacy Notice applies to the services that we offer related to Sports and Remedial Massage Therapy and other closely related therapies.
This Privacy Notice is intended to be clear and simple. Should you have any questions or require further clarification please contact the Data Controller at the contact details below.
The information we collect:
All clients will complete a data collection form which records client name, address and other contact details for the purpose of maintaining contact with clients. Via this form we will also collect data related to age, gender, occupation and fitness activities in order to develop a profile of the client to assist with the delivery of any treatment.
We will collect relevant sensitive information about any medical conditions or medication which may pose a risk to any treatment that is offered by Revitalise Therapy and we ask for details of the client’s Doctor (GP) should there be a need to make contact. We must stress that no contact will be made with the client’s GP without the express permission of the client.
Following consultations and treatment we will record the nature of treatment given and any relevant information related to the effectiveness of that treatment.
How we use your personal information:
Personal information will be used for the following purposes:
- Client administration (i.e. billing and booking of appointments)
- Personalisation of the treatment service provided (i.e. the potential impact of existing medical conditions or medication).
- Maintaining a record of treatment provided to review the ongoing effectiveness.
- Client marketing communication to offer new services and updates related to existing services.
The legal basis for processing your personal data:
The legal basis for Revitalise Therapy holding your personal information is related to your written consent (e.g. for marketing preferences), the need to maintain certain contact details to manage the service (i.e. the contract) and what is known as “vital interests” (i.e. the need to ensure that the treatment offered does not lead to adverse health effects).
How we share personal data:
In a “nutshell”, we don’t, because we do not need to!
We do not share any of your personal data with any third parties. If a reason does arise then we will not share this unless we have your express written permission. If information is then shared we will always ensure that you are provided with a copy of the information provided.
There are limited exceptions to this rule:
- Where we reasonably believe that the use or disclosure of the information is necessary to lessen or prevent a serious and immediate threat to someone’s health or safety or the public’s health or safety.
- Where we reasonably suspect that unlawful activity has been, is being or may be engaged in and the use or disclosure is necessary part in reporting the matter to the relevant authorities.
How we store, secure and process your personal data:
Revitalise Therapy places significant importance on the security of all information associated with clients. We have security measures in place to protect against the loss, misuse and alteration of personal information under our control.
All personal information used by Revitalise Therapy is processed in the UK and is normally maintained in paper based files held in secure storage. Some personal information (e.g. contact details) will also be stored in password protected electronic files.
We will maintain a basic secure set of contact details to enable Revitalise Therapy to recover necessary client information in the event of accidental destruction of the primary data.
Passwords to access the secure files will not be shared with third parties and will be periodically changed.
All personal information will be maintained for a period of at least 10 years after the last consultation in line with FHT guidelines to ensure that we have access to important client information. After this point we will destroy this personal information unless you are still an ongoing client.
Paper records will be securely shredded prior to disposal.
Your rights in relation to personal data:
Under the GDPR Revitalise Therapy must respect your rights to access and control your personal data. Therefore you have rights in respect of:
- access to your personal information
- correction and deletion of information
- withdrawal of consent (i.e. for marketing preferences)
- data portability
- restriction of processing and objection
- lodging a complaint with the Information Commissioner’s Office
If you wish to exercise those rights please contact the Data Controller using the email address given below. We will obviously require some evidence of identity should access to your personal information be requested.
How to contact us:
You can contact Revitalise Therapy at any time via the email address email@example.com should you have any queries or any need to complain about any aspect of how we handle your personal information.
Who we are
Our website address is: https://www.revitalisetherapycheshire.com
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
How we protect your data
Our website is hosted on a secure and encrypted server. We also have a security certificate which encrypts any data you may send to us.
What data breach procedures we have in place