Privacy Policy / Cookie Policy

About us

Unity Physiotherapy and Wellbeing is committed to protecting your privacy and will process your personal information in accordance with GDPR, UK data protection, and other current legislation. We want to be clear and transparent about what data we collect, how we collect it, how it is processed and protected. We are registered with the Information Commission to process personal data, our registration number is ZA069890.

What data do we collect?

If you become a patient, or make a healthcare related enquiry, we collect personal information which includes some sensitive data. This is necessary to offer the service to you and respond to your enquiry. We are permitted to process your personal information, including sensitive information for healthcare provision and to meet our legal and healthcare regulations. We process your special category data (sensitive data), for example details of your physical or mental health, for healthcare purposes and to comply with our legal and professional healthcare obligations. Personal information collected includes name, address, email address, telephone numbers, demographic information such as date of birth and GP surgery and medical information, and how you heard of the clinic. Sensitive information collected includes medical information, your beliefs, and social factors including your religious beliefs (if this information is appropriate and shared by you). Financial data is not stored on any of our systems, payments are made by BACS, cash and cheque, the only financial data we record is the amount paid.
If you connect with us or interact with us on social media some details will be recorded by the social media servers, you can read their privacy policies online. We use social media to raise awareness of issues and things that can change health and wellbeing and promote awareness of our services. We may use aspects of case studies of patients we have helped but these would never include your personal information nor make you identifiable
If you visit our website and make an enquiry we will collect your name and email address along with any other information you provide, such as telephone number and reason for contacting us. Under GDPR we have a legitimate interest to process this information, as with data subjects who have become patients, under the provision of healthcare. The information you provide on the contact form is only used to contact you and is stored in your file along with any information provided by email or over the phone if you become a patient. If you don’t become a patient of the clinic the information from the contact email and any phone calls is deleted. Data provided by you on the contact form is encrypted until it reaches our server. If you visit our website then anonymous statistical information about your visit will be collected to assist us in understanding how our site is used, this is captured and managed using cookies. We also use Google analytics to monitor visitor numbers, they may gather your IP address, location and device information. Google analytics information is only used to monitor the use of our website and not for any other purpose, it is stored on Google servers. You can opt not to have your data captured for analytical purposes via your browser settings or add-on.
When video consultations are offered these will be done using third party software, such as Zoom which is hosted in the USA but is part of the Privacy Shield Scheme. No recording of the session will take place without expressed consent of the other party. You can read the GDPR policy, or privacy and security policy on the third parties website.
We have a legal obligation to process and store your data as it is essential for the provision of our healthcare service. We have a legal obligation to keep your data as medical records of our care. This all helps us provide the most effective service for you. We will process your information in line with what is set out in this privacy policy and in accordance with GDPR guidelines for providing health or social care or treatment, under our statutory legal obligations, in the event of any legal claims, and where appropriate with your consent.
We receive personal and sensitive data from the owners of the personal data (either as patients, enquirers or website visitors), as well as their carers and family members, other healthcare professionals, solicitors, insurance companies and other third party funding organisations. This information may be collected by phone, mail or email, following which it is recorded in the notes file and kept securely. Emails are printed and deleted once the email thread has ended. Occasionally communication is received by SMS text message this is to and from a phone that is locked with a security code. Data leaves the business via phone, letter, and sometimes email to other healthcare professionals, solicitors, insurance companies and third party funders whom patients have given consent to share data with. When sensitive data is emailed to yourself or a third party, with your consent, the document is password protected (this is sent to the receiver in a separate email or by text message). Your information is not passed to any third parties except in relation to your care, or unless an overriding lawful reason exists for sharing this, such as to protect yours or another person’s vital interests; where possible, this is usually only done with your consent. Occasionally we may require IT support and it is possible technical staff will need access to emails to rectify any issues. We will take adequate technical and organisational security precautions to minimise any exposure to the information you have provided to us.

To provide you with our healthcare service.

We will use your information to provide treatment and to contact you, this includes to remind you of your appointment and emailing exercises.

Your information is not passed to third parties except in relation to your care, and as specified above unless any overriding lawful reason exists for sharing this, and is usually only done with your consent wherever possible.

It is important data is accurate and up-to-date, we will do our utmost to ensure it is, however, you must also advise of any changes to your circumstances whilst you are a patient of the clinic.

We would like to stay in touch with you to provide general information that can help you live well, keep you up to date with any changes in our service, and generally send you information which the GDPR labels as direct marketing. We will only do this with your permission.

To keep clients and subscribers up to date with information we will use a third party email broadcast company which may be outside of the EEA, we will ensure that they have adequate technical and organisation measures in place to protect the information. Subscribers can change their preferences at any time by clicking on the unsubscribe link in any email broadcast, or simply email us at info@unityphysio.co.uk and you will be removed from our broadcast list.

If you give a testimonial, we would attribute this to you in a way you choose although we don’t usually state your full name. At any time you can withdraw your consent, but any testimonial or case study used in hardcopy marketing materials or already indexed by search engines may be difficult to stop.

If you attend an event run by us some of the organisation of this may be managed by a third party company such as Eventbrite. When this is the case the company may eb outside of the EEA, we will ensure that they have adequate technical and organisation measures in place to protect the information.

Your data is stored on a locked computer, backed up onto a password protected external drive and cloud storage which is also password protected and meets GDPR requirements. Emails are downloaded and stored with your patient file and then the email is deleted. Text messages are stored on a locked phone.

Whilst we always aim to keep your data within the UK, or EU, this may not always be possible. For example, we utilise some exercise management platforms to assist you with doing your exercises and these may be hosted outside the EEA. Your name, email and list of recommended exercises is the only data held on these sites. We will only use sites that can demonstrate adequate security to protect your information.

Legally medical records have to be kept 8 years from the date of your last treatment, and to age 25 years for children so this is the duration of time we store your data for.

Where specific concerns have been identified, it may be necessary to retain certain records for a longer period of time. Where this is the case they will be securely stored.

Under GDPR you have specific rights, those rights that are applicable to the data we hold on you include:-

  • The right to be informed of what information we hold
  • The right to access the information we hold on you
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to object

The above rights are not absolute, and there may be reasons why we are unable to comply which your request, for example we are legally bound to keep your notes for the period of time outlined above and would therefore not be able to erase your data if you ask us to  Each enquiry will be treated and considered on a case by case basis in-line with GDPR guidelines.

If you have any concerns or questions please contact:

 Ann Parkinson

Telephone:  07871240188

Email: info@untiyphysio.co.uk  

If you are unhappy with how we have processed your information, you have the right to lodge a complaint with the office of the Information Commissioner at:

Information Commissioners Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Netscape Navigator or Internet Explorer) settings. Each browser is a little different, so look at your browser Help menu to learn the correct way to modify your cookies. If you turn cookies off, you won’t have access to many features that make your site experience more efficient and some of our services will not function properly. However, you can still place orders over the telephone by contacting customer service.
The following tables describe the cookies we use on this site and what we use them for. Currently we operate an ‘implied consent’ policy which means that we assume you are happy with this usage. If you are not happy, then you should either not use this site, or you should delete www.unityphysio.co.uk cookies having visited the site, or you should browse the site using your browser’s anonymous usage setting (called “Incognito” in Chrome, “InPrivate” for Internet Explorer, “Private Browsing” in Firefox and Safari etc).

We use session cookies to remember your log-in and what you’ve put in the shopping basket. These we deem strictly necessary to the working of the website. If these are disabled then various functionality on the site will be broken. More information on session cookies and what they are used for at http://www.allaboutcookies.org/cookies/session-cookies-used-for.html.

 
Cookie NamePurpose
PHPSESSIDThis cookie is used to hold the unique session ID which is generated every time our site is visited. This cookie is deleted when you close the browser.
Session_IDThis retains your ID for your shopping basket. Without this cookie, you cannot add products to your basket or make any purchases.
ProviderCookie nameExpiresPurposeMore information
Google Analytics_utma2 yearsThis cookie is typically written to the browser upon the first visit to your site from that web browser. If the cookie has been deleted by the browser operator, and the browser subsequently visits your site, a new __utma cookie is written with a different unique ID. This cookie is used to determine unique visitors to your site and it is updated with each page view. Additionally, this cookie is provided with a unique ID that Google Analytics uses to ensure both the validity and accessibility of the cookie as an extra security measure.Read Google Analytics Safeguarding your data
Google Analytics_utmb _utmc30 minutesThese cookies work in tandem to calculate visit length. Google __utmb cookie demarks the exact arrival time, then Google __utmc registers the precise exit time of the user.Read Google Analytics Safeguarding your data
Google Analytics_utmz6 monthsThis cookie stores the type of referral used by the visitor to reach your site, whether via a direct method, a referring link, a website search, or a campaign such as an ad or an email link. It is used to calculate search engine traffic, ad campaigns and page navigation within your own site. The cookie is updated with each page view to your site.Read Google Analytics Safeguarding your data
Google Analytics_utmv2 yearsThis cookie is not normally present in a default configuration of the tracking code. The __utmv cookie passes the information provided via the _setVar() method, which you use to create a custom user segment. This string is then passed to the Analytics servers in the GIF request URL via the utmcc parameter. This cookie is only written if you have added the _setVar() method for the tracking code on your website page.Read Google Analytics Safeguarding your data
Google Analytics_utmx2 yearsThis cookie is used by Website Optimizer and only set when the Website Optimizer tracking code is installed and correctly configured for your pages. When the optimizer script executes, this cookie stores the variation this visitor is assigned to for each experiment, so the visitor has a consistent experience on your site.  See the Website Optimizer Help Center for more information.Read Google Analytics Safeguarding your data
 

Your choice regarding cookies on this site

We use cookies to optimise site functionality, give you the best possible website experience, and target our marketing activity. Read our cookie policy