We are obligated by law to retain your records for a period of 7 years following your most recent appointment, or until you reach the age of 25 if that is longer. However, after this period, you have the option to request the erasure of your records. Once 7 years (or age 25 if longer) have passed, we will securely dispose of your records.
Your records are stored electronically on our work computers, which are protected by passwords and regularly updated with security measures to ensure their safety.
When you provide your personal information to us, it is stored and processed for the following reasons:
1) To provide you with the best possible treatment, we need to collect personal information about your health. By requesting treatment and our agreement to provide care, a contractual relationship is established. You have the right to refuse to provide this information, but it would hinder our ability to offer treatment.
2) Collecting this information is of "Legitimate Interest" as it enables us to effectively and safely perform our job.
3) We believe it is important to be able to contact you for appointment confirmations and updates related to your medical care. This also falls under "Legitimate Interest," but this time it is your legitimate interest.
4) With your consent, we may send you exercises electronically. You can withdraw this consent at any time.
We will never share your data with anyone who does not require access unless we have obtained your written consent. Only your practitioner has access to your data to provide you with treatment.
You have the right to access and review the personal data we hold about you, and you can request corrections to any factual errors. If the minimum legal retention period has passed, you can also request the deletion of your records.
We want you to have complete confidence in our responsible handling of your personal data and assure you that we take all necessary measures to ensure that only authorized individuals with a genuine need can access your data.
If you believe that we have mishandled your personal data in any way, you have the right to raise a complaint. Initially, complaints should be directed to us. While we strive to address any complaints, if you are unsatisfied with our response, you have the right to escalate the matter to the Information Commissioner's Office.