This Policy Statement is written by KTB Physiotherapy in the interests of all personal data providers. KTB Physiotherapy website is owned by KTB Physiotherapy, which is a data controller of your personal data.

This Privacy Policy outlines how the website and the practice handles personal information collected (including health information), the reasons why we must collect certain personal data about you and how the security of this information is protected as best as possible. Therefore, it is in your best interested to read this Privacy Policy statement before using KTB Physiotherapy website or visiting our clinic/practice.

Personal information collected and used via KTB Physiotherapy website

When you visit the KTB Physiotherapy website, we automatically collect certain information about your device including information about your web browser,

  • IP address,

  • time zone,

  • and some of the installed cookies on your device.

Additionally, as you browse the Site, we collect information about the individual web pages or products you view, what websites or search terms referred you to the Site, and how you interact with the Site.

We refer to this automatically-collected information as “Device Information.” Moreover, we might collect the personal data you provide to us (including but not limited to Name, Surname, Address, payment information, etc.) during registration to be able to fulfil the agreement.

How data is used via our website

Our top priority is customer data security, and, as such, we may process only minimal user data, only as much as it is absolutely necessary to maintain the website. Information collected automatically is used only to identify potential cases of abuse and establish statistical information regarding website usage. This statistical information is not otherwise aggregated in such a way that it would identify any particular user of the system.

You can visit the website without telling us who you are or revealing any information, by which someone could identify you as a specific, identifiable individual. If, however, you wish to use some of the website’s features, or you wish to receive our newsletter or provide other details by filling a form, you may provide personal data to us, such as your email, first name, last name, city of residence, organization, telephone number. You can choose not to provide us with your personal data, but then you may not be able to take advantage of some of the website’s features. For example, you won’t be able to receive our Newsletter or contact us directly from the website. Users who are uncertain about what information is mandatory are welcome to contact us via info@ktbphysiotherapy.co.uk.

Information security:

We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We keep reasonable administrative, technical, and physical safeguards to protect against unauthorized access, use, modification, and personal data disclosure in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed.

Links to other websites:

Our website may contain links to other websites that are not owned or controlled by us. Please be aware that we are not responsible for such other websites or third parties' privacy practices. We encourage you to be aware when you leave our website and read the privacy statements of each website that may collect personal information.

Personal data collected via Zanda Health Ltd. Online booking system

When making a booking with us ‘KTB Physiotherapy’, personal data is collected through a GDPR compliant ‘Data Collection System’, Zanda Health Ltd. Zanda Health Ltd. is certified with the highest global security standards assuring you your personal data, including health information, is safe.

Personal data and health information is collected and relevant in order to identify you as an individual, as a client and use your health information accordingly to provide a thorough assessment and keep track historically to ensure you gain the best assessments, treatments and reviews of health as possible.

This includes the sharing of information to other organizations to which the practice usually discloses client health information, and any law that requires the particular information to be collected. Client consent to the handling and sharing of health information should be provided at an early stage in the process of client care. Clients should be made aware of the collection statement when giving consent to share health information.

In general, quality improvement or audit activities for the purpose of seeking to improve the delivery of a particular treatment or service is considered a directly related secondary purpose for information use or disclosure. Specific consent for this use of client health information is not required.

How long is data kept?

To meet our legal and regulatory obligations, we hold your personal and health information while you are a client and for 8 years after your last treatment. However, this is being reviewed to ensure they are not kept longer than necessarily once you have left the practice (for example you have moved abroad or have died).

Who has access to data?

Only necessary employees of KTB Physiotherapy will have access to your data. All employees regardless of access have a duty and responsibility to maintain the privacy of personal health information and related financial information.

Under no circumstances will employees of KTB Physiotherapy discuss, or in any way reveal client information to unapproved employees, colleagues, other clients, family or friends, whether at the practice or outside of it, such as in the home or at social occasions. This includes client accounts, appointments, referral letters or any other clinical documentation.

KTB Physiotherapy practitioners and other employees are aware of confidentiality requirements for all client encounters and understand that significant breaches of confidentiality may provide grounds for disciplinary action or dismissal.

Third-party access:

Requests for third-party access to client records should be initiated by either receipt of correspondence from a lawyer, government agency, another source including the examples listed below, or by the client with a written request. Where a client’s written request and / or signed approval is not obtained, the practice is not legally required to release information without a court order.

Requests for access may be received from various third parties including:

  • Subpoena / court order / coroner / search warrant

  • Relatives / friends / caregivers

  • External practitioners & healthcare institutions

  • Police / lawyers

  • Health insurance companies / workers compensation / social welfare agencies

  • Employers

  • Government agencies

  • Accounts / debt collection

  • Research / quality assurance programs

  • Media

Transfer of personal data:

Transfer of records from this practice can occur in the following instances:

  • For legal reasons, when a record is subpoenaed to court

  • When a client asks for their record to be transferred to another practice, due to moving residence or for other reason

  • Where an individual record report is requested from another source

  • Where the practitioner is retiring and the practice is closing

Legal disclosure:

We will disclose any information we collect, use or receive if required or permitted by law, such as to comply with a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Data breach:

A data breach occurs when personal information that KTB Physiotherapy holds is subject to unapproved access or disclosure or is lost. Data breaches can happen to any practice.

KTB Physiotherapy can reduce the reputational impact of a data breach by effectively reducing the risk of harm to affected individuals, and by demonstrating accountability in their data breach response.

User rights

Under the General Data Protection Regulation (GDPR) you have a number of rights with regard to your personal data.

  • You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability

  • If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn

  • You have the right to lodge a complaint to the Information Commissioners' Office (ICO) if you believe that we have not complied with the requirements of the GDPR with regard to your personal data

If you would like to exercise your rights, please contact us through the contact information below.

Contact information

If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may send an email to info@ktbphysiotherapy.co.uk.

Policy changes

Policy statements are reviewed annually. If any changes are required to the policy an email will be sent to all clients registered with the practice with a summary to the changes made, and a link to the ‘full updated policy statement’.

For non-clients registered with the practice, it will be your responsibility to check for updates.

Effective date of the Policy

Privacy Policy, updated & reviewed - 23/11/2024.

Privacy Policy

Move More, Live Well...

Expert physiotherapy for your health and well-being

Support & Enquires

info@ktbphysiotherapy.co.uk

KTB Physiotherapy © 2024. All rights reserved.

07881 771 300

01432 483 481

Email now

Follow us...