Introduction

Framlingham Physiotherapy Practice is committed to protecting the privacy and security of your personal information. We take care to protect the privacy of our customers that communicate (online or offline) with us, over the phone, through our website and social media platforms.

We have therefore developed this privacy notice to inform you of the data we collect, what we do with your information, what we do to keep it secure as well as the rights and choices you have over your personal information.

This website is not intended for children and we do not knowingly collect data relating to children.

Throughout this document we refer to Data Protection Legislation which means the Data Protection Act 2018 which incorporates the General Data Protection Regulation (GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the General Data Protection Regulation which is the governing legislation that regulates data protection across the EEA. This includes any replacement legislation coming into effect from time to time. 

We have appointed a Data Protection Lead (DPL) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact them by using the details set out below.

Full name of legal entity:        Framlingham Physiotherapy Practice

Email address:                        framlinghamphysio22@gmail.com

Postal address:           22a Well Close Square, Framlingham, Suffolk, IP13 9DS

Telephone number:                01728 723295/07770923873

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

The information we collect and when

We only collect information that we know we will genuinely use and in accordance with the Data Protection Legislation. The type of information that we will collect on you, and you voluntarily provide to us on this website, over the phone, via forms, service delivery or face to face includes:

  • Your name
  • Address
  • Telephone number(s)
  • Email address
  • Survey responses
  • IP address
  • Cookies

We may, in further dealings with you, extend this information to include your address, purchases, services used, and subscriptions, records of conversations and agreements and payment transactions etc.

  • You are under no statutory or contractual requirement or obligation to provide us with your personal information; however we require at least the information above in order for us to deal with you as a prospect, customer or service user in an efficient and effective manner.
  • The legal basis for processing your data is based on your specific consent that we will have requested at the point the information was initially provided, therefore we will not store, process or transfer your data outside the parties detailed above unless we have an appropriate lawful reason to do so.
  • Marketing and Communications Data includes your preferences in receiving marketing from us including newsletters and email communications.
  • We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

COOKIES 

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. Except for essential cookies, all cookies will expire after 3 months.

For more information about the cookies we use, please see our cookie notice below.

This website uses cookies to better the users experience while visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer / device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer / device.

Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.

Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.

This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google’s privacy policy here for further information http://www.google.com/privacy.html.

Other cookies may be stored to your computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.

CHANGE OF PURPOSE 

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

How we use your information

  • To contact you, following your enquiry, reply to any questions, suggestions, issues or complaints you have contacted us about;
  • Fulfilling our contract to provide you with the agreed service;
  • Make available our products and services to you;
  • Process your orders;
  • Take payment from you or give you a refund;
  • Personalise your shopping experience, for example we may provide you with details of products that match a product, which you may have purchased or enquired about previously;
  • For statistical analysis and to get feedback from you about our products, websites, mobile apps, and other services and activities. For example, occasionally we may invite you to review a product or service you’ve bought or used from us. If we do, it’s possible that we’ll use independent research and feedback providers to act on our behalf;
  • To power our security measures and services so you can safely access our website and mobile apps;
  • Help us understand more about you as a customer, the products and services you consume, so we can serve you better;
  • Contact you about products and services from us;
  • Provide you with online advertising and promotions; and
  • Help answer your questions and solve any issues you have.

Who we might share your information with

We may share your personal data with other organisations in the following circumstances:

  • If the law or a public authority says we must share the personal data;
  • If we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk); or
  • From time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the Website. However, all the information we share will be collected and anonymised, so neither you nor any of your devices can be identified from it.

International Transfers

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US. For further details, see European Commission: EU-US Privacy Shield.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

 

How we keep you updated on our products and services

We will send you relevant offers and news about our products and services in a number of ways including by email, but only if you have previously consented to receive these marketing communications or we have a legitimate interest to do so and completed a legitimate interest assessment (LIA).

When you register with us, we will ask if you would like to receive marketing communications, and you can change your marketing choices online, over the phone or in writing at any time.

If you wish to amend your marketing preferences, you can do so by unsubscribing at the bottom of the email or by contacting us on the details outlined below.

 

Your rights over your information

Right to Access Your Personal Information

You have the right to access the personal information that we hold about you in many circumstances, by making a request. This is sometimes termed ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge and aim to do so within 30 days from when your identity has been confirmed.

We would ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information.

If you would like to exercise this right, please contact us as set out below.

 

Right to Correction Your Personal Information

If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it.

If you would like to exercise this right, please contact us as set out below.

 

Right to Object, Erasure or Limit Our Processing of Your Data

You have the right to object to us processing your personal information if we are not entitled to use it any more, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

If you would like to exercise this right, please contact us as set out below.

 

For more information about your privacy rights

The Information Commissioner’s Office (ICO) regulates data protection and privacy matters in the UK. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers such as ourselves are available publicly. You can access them here https://ico.org.uk/for-the-public.

 

How long we keep your information for

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Unless otherwise required by law, your data will be stored for a period of 7 years after our last contact with you/some other identifiable action or period, at which point it will be deleted. Details of retention periods for different aspects of your personal data are available upon request by contacting us as outlined below.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

 

3rd party links and sharing your thoughts

When using our website, you may be able to share information through social networks like Facebook and Twitter. For example, when you ‘like’, ‘share’ or review our Services. When doing this, your personal information may be visible to the providers of those social networks and/or their other users. Please remember it is your responsibility to set appropriate privacy settings on your social network accounts so you are comfortable with how your information is used and shared on them.

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

 

Security

Data security is of great importance to us and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your collected data. 

We take security measures to protect your information including:

[Add or delete if/as required]

  • Limiting access to our buildings to those that we believe are entitled to be there (by use of passes, key card access and other related technologies);
  • Implementing access controls to our information technology
  • We use appropriate procedures and technical security measures (including strict encryption, anonymisation and archiving techniques) to safeguard your information across all our computer systems, networks, websites, mobile apps, offices and stores.
  • Never asking you for your passwords;
  • Advising you never to enter your account number or password into an email or after following a link from an email.

How to contact us

If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this notice, the way your personal information is processed, please contact us by one of the following means:

By email:         framlinghamphysio22@gmail.com

By post:           22a Well close Square, Framlingham, Suffolk, IP13 9DS

 

Thank you for taking the time to read our Privacy Notice.

Framlingham Physiotherapy Practice

This Notice was last updated on 7/6/19