Privacy Notice
Michelle Pullen Physiotherapy is committed to protecting your personal data and privacy. This notice explains how, when and why I collect personal information and how I use it and keep it secure, in compliance with applicable data protection laws, in particular the General Data Protection Regulation.
Who is collecting your personal data?
Michelle Pullen Physiotherapy is a registered sole trader, who operates from The Chris Moody Centre, Gate 4, Moulton College, Pitsford Road, Moulton, NN3 7QL, phone number 07505742969. For all enquiries, please email michellepullen013@gmail.com
What information is being collected, when and why?
The data I collect from you is collected from you, in person, during your initial assessment. I collect contact details and date of birth to be able to register you as a new patient, send invoices and tailored exercises to you, and to recover monies owed. My legal grounds for processing this data is to carry out the contractual obligation to provide the service to you, and in the case of recovering monies owed it is processed as a legitimate interest.
I also collect sensitive personal data (your medical history) for the purposes of providing physiotherapy services to you. Occasionally this also involves obtaining further medical information from your GP or other medical professionals. The legal ground of processing this data is your explicit consent which is obtained when I collect the data.
Who will it be shared with?
I do not sell or rent your data to any third parties for marketing purposes.
Where relevant, I will be required to share your data with your private medical insurance company in accordance with their specific requirements in order to have you claim processed, and collect monies owed for treatment.
I also share data with third parties who, in accordance with processor service agreements, provide specific services to Michelle Pullen Physiotherapy. These include my patient management database provider and IT services, to ensure I can provide services to you. I also share selected data with HMRC & accountants as is legally required. I ensure that all precautions are taken to protect your data, and require third parties to respect the security & confidentiality of your data, and to treat it in accordance with the law.
Where appropriate, I will share your data with other medical professionals for the purposes of referrals or further investigations, but this will always be done with your explicit consent, unless there is a legal obligation to share such information.
How do I store your data?
I store all personal data on my secure patient database that is password protected, and is backed up to an encrypted, password protected cloud storage system. I take all reasonable steps to protect your personal data from unauthorized access, loss or destruction.
If any personal data is collected by pen & paper, this will be added to your patient file on the database and securely destroyed.
How long will your data be kept for?
Your data will be kept securely for 7 years from your last visit, in accordance with my legal obligations
How you can access and update your information
You are able to obtain all the data I hold on you by contacting me at any time.
I are committed to ensuring the accuracy of your information, and regularly check the details I have are correct. If any of the details I hold change, please notify me by email or make me aware at your next appointment.
If you are not happy with any aspect of how I collect and use your data, please contact me directly. If you are not happy with the response you have the right to complain to the Information Commissioner’s Office at any time.
Who is collecting your personal data?
Michelle Pullen Physiotherapy is a registered sole trader, who operates from The Chris Moody Centre, Gate 4, Moulton College, Pitsford Road, Moulton, NN3 7QL, phone number 07505742969. For all enquiries, please email michellepullen013@gmail.com
What information is being collected, when and why?
The data I collect from you is collected from you, in person, during your initial assessment. I collect contact details and date of birth to be able to register you as a new patient, send invoices and tailored exercises to you, and to recover monies owed. My legal grounds for processing this data is to carry out the contractual obligation to provide the service to you, and in the case of recovering monies owed it is processed as a legitimate interest.
I also collect sensitive personal data (your medical history) for the purposes of providing physiotherapy services to you. Occasionally this also involves obtaining further medical information from your GP or other medical professionals. The legal ground of processing this data is your explicit consent which is obtained when I collect the data.
Who will it be shared with?
I do not sell or rent your data to any third parties for marketing purposes.
Where relevant, I will be required to share your data with your private medical insurance company in accordance with their specific requirements in order to have you claim processed, and collect monies owed for treatment.
I also share data with third parties who, in accordance with processor service agreements, provide specific services to Michelle Pullen Physiotherapy. These include my patient management database provider and IT services, to ensure I can provide services to you. I also share selected data with HMRC & accountants as is legally required. I ensure that all precautions are taken to protect your data, and require third parties to respect the security & confidentiality of your data, and to treat it in accordance with the law.
Where appropriate, I will share your data with other medical professionals for the purposes of referrals or further investigations, but this will always be done with your explicit consent, unless there is a legal obligation to share such information.
How do I store your data?
I store all personal data on my secure patient database that is password protected, and is backed up to an encrypted, password protected cloud storage system. I take all reasonable steps to protect your personal data from unauthorized access, loss or destruction.
If any personal data is collected by pen & paper, this will be added to your patient file on the database and securely destroyed.
How long will your data be kept for?
Your data will be kept securely for 7 years from your last visit, in accordance with my legal obligations
How you can access and update your information
You are able to obtain all the data I hold on you by contacting me at any time.
I are committed to ensuring the accuracy of your information, and regularly check the details I have are correct. If any of the details I hold change, please notify me by email or make me aware at your next appointment.
If you are not happy with any aspect of how I collect and use your data, please contact me directly. If you are not happy with the response you have the right to complain to the Information Commissioner’s Office at any time.
This policy was updated on 25th May 2018