Privacy Policy

This privacy notice tells you what to expect us to do with your personal information.

Contact details
What information we collect, use, and why
Lawful bases and your data protection rights
Where we get personal information from
How long we keep information
Who we share information with
Use of Meta technologies
Use of Cliniko for patient data
How to complain

Contact Details

What Information We Collect, Use, and Why

We collect and use the following personal information to provide patient care, services, pharmaceutical products, and other goods:

Name, address and contact details
Gender
Pronoun preferences
Date of birth
Emergency contact details
Health information (including medical conditions, allergies, medical requirements and medical history)
Information about care needs (including disabilities, home conditions, medication and dietary requirements and general care provisions)
Test results (including psychological evaluations, scans, bloods, x-rays, tissue tests and genetic tests)
Payment details (including card or bank information for transfers and direct debits)
Insurance policy details

We also collect the following special category information, which is subject to additional protection due to its sensitive nature:

Health information
Sex life information

For patient app or portal functionality, we collect:

Names and contact details
Payment details

Lawful Bases and Data Protection Rights

Under UK data protection law, we must have a lawful basis for collecting and using your personal information. We rely on consent for both patient care and app/portal functionality. You have the right to withdraw your consent at any time.

Your data protection rights include:

Right of access – to request copies of your personal information
Right to rectification – to correct or delete inaccurate or incomplete data
Right to erasure – to request deletion of your personal information
Right to restriction of processing – to limit how we use your data
Right to object – to object to how your data is processed
Right to data portability – to request transfer of your data to another organisation
Right to withdraw consent – at any time when consent is the lawful basis

We must respond to your request without undue delay and within one month.

To make a data protection rights request, please contact us using the details above.

Where We Get Personal Information From

Directly from you
Family members or carers
Other health and care providers

How Long We Keep Information

We retain personal information based on the type of data and its purpose:

Website account information (e.g. contact details, login credentials, preferences):
Retained for as long as the user maintains an active account on our website. If an account is deleted or becomes inactive, associated data will be securely deleted within 12 months unless required for legal or regulatory purposes.

Clinical records and health-related information:
Retained for a minimum of 7 years from the date of last treatment or interaction, in accordance with professional standards and regulatory guidance for physiotherapy and healthcare services.

If you would like more information about our retention criteria or request deletion of your data, please contact us using the details above.

Who We Share Information With

We may share personal information with:

Other health providers (e.g. GPs and consultants)
Insurance companies, brokers and other intermediaries

We are subject to a common law duty of confidentiality. However, we may share relevant health and care information where:

You’ve provided consent (explicit or implied for care)
We have a legal requirement (e.g. court orders)
The public interest overrides confidentiality (e.g. serious crime prevention)
If in England or Wales – the Health Service (Control of Patient Information) Regulations 2002 apply
If in Scotland – sharing is governed by appropriate authorities such as the Chief Medical Officer or NHS Scotland

Use of Meta Technologies

We use technologies provided by Meta Platforms, including Meta Pixel and other Meta Business Tools, to understand how visitors interact with our website and to improve the relevance of our advertising across Meta-owned platforms such as Facebook and Instagram.

These tools may collect:

Pages visited
Actions taken (e.g. booking an appointment)
Device and browser information
IP address (anonymised where possible)

This data helps us measure the effectiveness of our Meta advertising and deliver content that is more relevant to your interests. We do not use Meta technologies to collect or transmit any health-related or sensitive personal information.

You can manage your preferences via our cookie banner, which complies with UK GDPR and allows you to opt in or out of non-essential cookies.

For more information, please refer to Meta’s Privacy Policy.

Use of Cliniko for Patient Data

We use Cliniko, a secure, GDPR-compliant practice management system, to store and process patient information. Cliniko acts as our data processor and provides:

End-to-end encryption of data in transit and at rest
Role-based access controls to restrict data to authorized personnel
Secure hosting in data centres that meet international compliance standards
Audit logs to monitor access and changes to patient records

Cliniko does not access or use your personal data for its own purposes. All data remains under our control and is used solely for the provision of healthcare services and related administration.

For more information, please refer to the Cliniko Privacy Policy.

How to Complain

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details above.

If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline: 0303 123 1113

Welcome To

LP Physiotherapy and Pilates!

Movement for Life