Privacy Policy – Christie Rae Physiotherapy

Effective date: 14/06/2025

Christie Rae Physiotherapy is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with UK General Data Protection Regulation (UK GDPR).

1. Who We Are

Christie Rae Physiotherapy
Email: christieraephysiotherapy@gmail.com
Data Controller: Christie Rae Physiotherapy

2. What Information We Collect

We may collect and process the following personal data:

Personal Identification Data:

  • Name

  • Date of birth

  • Address

  • Email address

  • Phone number

Health and Medical Information:

  • Medical history

  • Current symptoms and diagnoses

  • GP or consultant details

  • Treatment plans and clinical notes

Payment Information:

  • Payment records (note: we do not store card details)

Technical Data (via website):

  • IP address

  • Browser type

  • Cookies and usage data (see Section 7)

3. How We Use Your Information

We use your personal data to:

  • Provide physiotherapy assessment and treatment

  • Communicate regarding your appointments and care

  • Maintain accurate medical records

  • Process payments and issue invoices

  • Meet legal, regulatory, and insurance obligations

We will only use your personal data where we have a lawful basis to do so, including:

  • Your consent

  • Performance of a contract (e.g. treatment agreement)

  • Compliance with legal obligations

  • Legitimate interest (e.g. maintaining a patient database)

4. Sharing Your Information

We do not sell or rent your information. Your data may be shared only when necessary and only with:

  • Other healthcare professionals involved in your care (with your consent)

  • Your insurance provider (if applicable)

  • Regulatory bodies (e.g. HCPC, ICO) if legally required

  • Our professional advisors (e.g. accountant, legal team)

  • Secure third-party platforms used to manage bookings or clinical notes (e.g. [insert name if using one, e.g. Cliniko, JaneApp])

5. How We Store and Protect Your Data

  • Data is stored electronically using encrypted systems and secure servers.

  • Any paper notes are kept in locked storage.

  • Access is restricted to authorised personnel only.

  • We retain your medical records for a minimum of 8 years (or until age 25 for minors), in line with professional and legal guidelines.

6. Your Rights Under UK GDPR

You have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request deletion (in certain cases)

  • Restrict or object to processing

  • Request data transfer (data portability)

  • Withdraw consent at any time (where applicable)

To exercise your rights, please contact: [Insert your contact email]

7. Cookies and Website Use

Our website may use cookies to improve user experience. You can adjust your browser settings to disable cookies if preferred.

We may collect anonymous website usage data (e.g. pages visited, time spent) to improve our services. This does not include any personally identifiable information unless you submit it via a form.

8. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website, and significant changes will be communicated directly.