Last Updated 23/05/2018
Who We Are
The Muscle Clinic is a remedial and sports massage clinic.
Purpose of Policy
We are committed to protecting your personal information and being transparent about what information we hold about you.
Using personal information allows us to give our patients the best safe and effective treatment, tailored to your needs. It also enables us to provide you with relevant and timely information about the work that we do.
The purpose of this policy is to give you a clear explanation about how we collect and use the information we collect from you directly and from third parties.
We use your information in accordance with all applicable laws concerning the protection of personal information.
This policy explains:
- What information we may collect about you
- How we may use that information
- Information about how we keep your personal information secure, how we maintain it for and your rights to be able to access it.
We collect various types of information and in a number of ways:
Information you give us
When you make a booking, we’ll store personal information you give us such as your name, email address, postal address, and telephone number. We will also store a record of your bookings.
Information from third parties
We do not receive any personal data via third parties.
Special categories of personal data
Data Protection law recognises that certain categories of personal information are more sensitive such as health information, race, religious beliefs and political opinions. We collect health information from our patients in order to be able to give safe and effective treatments.
Information about your interactions with us
When we send you a mailing we store a record of this, and in the case of emails we keep a record of which ones you have opened and which links you have clicked on.
There are three bases under which we may process your data:
When you make a booking with us, you are entering into a contract with us. In order to perform this contract we need to process and store your data. For example we may need to contact you by email or telephone to discuss your booking, or in the case of problems with your payment.
Legitimate business interests
In certain situations we collect and process your personal data for purposes that are in our legitimate organisational interests. However we only do this if there is no overriding prejudice to you by using your personal information in this way. We describe below all situations where we use this basis for processing.
With your explicit consent
For any situations where the two bases above are not appropriate, we will instead ask for your explicit consent before using your personal information in that specific situation.
We aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful.
We use our legitimate organisational interest as the legal basis for communications by email. We give you the opportunity to opt into receiving emails from us during your first appointment with us.
We provide you with an option to unsubscribe in every email that we subsequently send you, or you can alternatively use the contact details at the end of this policy.
We may also contact you about our work by telephone, however this will always be related to your bookings, and not for the purposes of marketing.
Special Categories of Personal Data
We collect health information from our patients in order to be able to give safe and effective treatments.
The lawful bases we use to process this data are:
- Consent or contract for personal data.
- The fact that the processing of the special category of personal data is necessary for the provision of healthcare.
Other Processing Activities
In addition to marketing communications, we also process personal information in the following ways that are within our legitimate organisational interests:
In order to improve our website we may analyse information about how visitors use it and the content that is interacted with.
We will always keep your rights and interests at the forefront. You have the right to object to any of this processing at any time. If you wish to do this, please use the contact details at the end of this policy. Please bear in mind that if you object this may affect our ability to carry out tasks above that are for your benefit.
We would only disclose your personal information to third parties in a situation where we were under a duty to do so in order to comply with any legal obligation (for example to government bodies and law enforcement agencies).
We would ask for your explicit consent if there was any other reason to share your data.
As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.
Your debit and credit card information
If you use your credit or debit card to purchase from us, we ensure that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).
You can find more information about this standard here.
Maintaining your personal information
We store your personal information as long as we need to for tax and insurance purposes, and to inform your treatments.
Section B8 of the CNHC (Complementary and Natural Healthcare Council) Code requires registrants to keep client records safely and in good condition for eight years from the date of the client’s last visit or, if the client is a child, until his or her 25th birthday, or 26th birthday if the client was 17 when the treatment ended. This means that registrants have a ‘legitimate interest’ in retaining records for this period. In some instances, a registrant’s Professional Indemnity Insurance may require client records to be kept for a longer period, perhaps 10 years. This also represents a ‘legitimate interest’.
If there are aspects of your record that are inaccurate or that you would like to remove, please use the contact details at the end of this policy.
Any objections you make to any processing of your data will be stored against your record on our system so that we can comply with your requests.
Security of your personal information
We put in place appropriate safeguards (both in terms of our procedures and the technology we use) to keep your personal information as secure as possible.
Your rights to your personal information
You have a right to request a copy of the personal information that we hold about you and to have any inaccuracies in this data corrected. Please use the contact details at the end of this policy if you would like to exercise this right.
Contact details and further information
Room 20 Millfields Trust, HQ Business Centre, 237 Union St, Plymouth PL1 3HQ.