Privacy statement
I am committed to protecting and respecting your privacy and keeping your data secure. I require your consent to hold and process your data.
Purpose – why do I hold your personal data?
Your personal information is held for the purpose of providing a considered and appropriate massage treatment, including any follow-up recommendations I consider appropriate.
By providing me with your data and agreeing to this privacy notice, you are giving me your consent to process your data. If you do not consent I will not be able to provide you with the service you have requested.
Personal data I gather and hold
How client personal data is held
Your rights
Purpose – why do I hold your personal data?
Your personal information is held for the purpose of providing a considered and appropriate massage treatment, including any follow-up recommendations I consider appropriate.
By providing me with your data and agreeing to this privacy notice, you are giving me your consent to process your data. If you do not consent I will not be able to provide you with the service you have requested.
Personal data I gather and hold
- Client name
- Client contact details (postal and electronic address)
- Client personal information - general health, wellbeing and relevant medical history, including information about medication the client is taking; any injuries and issues. This may include postural assessment forms and notes from each session. The content of these additional notes will vary but all will include information on treatment given in the session, and may include other details, such as reaction to the previous session and your current state of health.
How client personal data is held
- Paper records: I hold client data in paper form, locked in a filing cabinet in my home office.
- Client email addresses and email correspondence: these are held within my password-protected G Suite account.
- Client phone numbers: these are held on my mobile phone and are backed up to my iCloud storage area.
- Electronic records: I use a secure notes and booking system by a company called Cliniko (this is a password-protected and encrypted system). Cliniko uses servers based in the UK to hold client data.
- When applicable, I offer clients additional support via a secure software package called Rehab My Patient to provide exercises/stretches to clients. Rehab My Patient is also a password-protected and encrypted system, and stores data in a UK data centre.
Your rights
- You have the right to access any personal data that Pat Hill Massage holds about you. Any request should be made in writing and Pat Hill Massage will provide the requested information within one month of receipt. You have the right to withdraw your consent to Pat Hill Massage holding any personal data concerning you.
- A withdrawal of consent should be made in writing and Pat Hill Massage will respond within one month of receipt. Pat Hill Massage will remove any personal data concerning you unless we have a legal requirement to retain it.
- You have the right to lodge a complaint if you feel that we are not treating or using your personal data in the right way. You can make a complaint direct to Pat Hill at [email protected], or via the Information Commissioners Office.