-
Welcome to Philip Yeates Physiotherapy
Philip Yeates Physiotherapy is committed to protecting and respecting your privacy.
Philip Yeates Physiotherapy understands that your personal data is entrusted to us and appreciates the importance of protecting and respecting your privacy. We comply fully with the data protection law in force in the UK and General Data Protection Regulations (GDPR) and with all applicable clinical confidentiality guidelines.
This Privacy Policy sets out how Philip Yeates Physiotherapy uses and process personal data about you including our practices regarding the collection, use, storage and disclosure of personal data that we collect from you and/or hold about you, and your rights in relation to that data.
Please read the following carefully to understand how we process your personal data. By providing your personal data to us or by using our services, website or other online or digital platform(s) you are accepting or consenting to the practices as described or referred to in this Privacy Policy.
The rules on processing of personal data are set out in the General Data Protection Regulation (the “GDPR”).
1. Who are we?
The data controller is Philip Yeates Physiotherapy. This means we decide how your personal data is processed and for what purposes. Our address is: East End Park, Halbeath Road, Dunfermline, KY12 7RB. When we refer to ‘we’, ‘us’ and ‘our’, we mean Philip Yeates Physiotherapy. For all data matters contact our Clinic Manager on 01383 842599 or physio@philipyeates.co.uk
2. How we use your data
We may use your personal data for the following purposes:
3. Personal Data we collect from you may include the following:
The data that we request from you may include sensitive personal data. This includes information that relates to medical conditions (which may include children’s data). By providing us with sensitive personal data, you give us your explicit consent to process this sensitive personal data for the purposes set out in this Privacy Policy.
When do we collect personal data about you?
We may collect personal data about you if you:
What personal data we may receive from third parties and other sources?
We may collect personal data about you from third parties such as:
If you are an employee of one of our corporate clients who has taken up one of our services, we may be passed your name, contact number, email address, medical information in order to get in touch with you to arrange an appointment or collect further information from you;
We work closely with the NHS and other private hospitals and health professionals and for the continuity of your care we may request or be passed medical information possibly in the form of a referral for the purposes of your treatment; medical history including medicine history; investigation results
Insurance providers and Intermediary companies will pass Philip Yeates Physiotherapy personal data of patients who have commenced a claim and require medical/Physiotherapy treatment. This will normally be in the form of a referral and may consist of basic details e.g. full name, date of birth, address, contact number and email address and area of pain or problems and the type of treatment they require.
How do we use your personal data?
Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy, applicable GDPR Laws, clinical records retention periods and clinical confidentiality guidelines.
Sensitive personal data related to your health will only be disclosed to those involved with your treatment or care, or in accordance with UK laws and guidelines of our professional bodies or for clinical audits (unless you object). Further details on how we use health related personal data are given below. We will only use your sensitive personal data for the purposes for which you have given us your explicit consent to use it. Please note that, although we have set out the purposes for which we may use your personal data below, we will not use your sensitive personal data for those purposes unless you have given us your explicit consent to do so.
4. Sharing your personal data
We may disclose your personal data (to the extent necessary) to certain third party organisations that we use to support the delivery of our services. Sensitive personal data (including information relating to your health) will only be disclosed to third parties in accordance with this Privacy Policy. That includes third parties involved with your treatment or care, or in accordance with UK laws and guidelines of appropriate professional bodies.
This may include the following:
We may also disclose your personal data to third parties in the event that we sell or buy any business or assets or where we are required by law to do so.
Medical professionals working with us: We share clinical information about you with our medical professionals as we think necessary for your treatment. Medical professionals working with us might be our employees, or they might be independent consultants in private practice or NHS health professionals. In the case of independent consultants, the consultant is the data controller of your personal data, either alone or jointly with us and will be required to maintain their own records in accordance with Data Protection and GDPR Laws and applicable clinical confidential guidelines and retention periods. Where that is the case, we may refer you to that consultant to exercise your rights over your data. In all circumstances, those individual consultants will only process your personal data for the purposes set out in this Privacy Policy or as otherwise notified to you.
External practitioners: If we refer you externally for treatment, we will share with the person or organisation that we refer you to, the clinical and administrative information we consider necessary for that referral. It will always be clear when we do this and you will be asked for verbal consent in those circumstances.
Your GP: If the practitioners treating you believe it to be clinically advisable, we may share information about your treatment with your GP. You may decline permission if we are legally permitted to do so, but you should be aware that it can be potentially very dangerous and/or detrimental to your health to deny your GP full information about your medical history.
Your insurer: We share with your medical insurer information about your treatment, its clinical necessity and its cost, only if they are paying for all or part of your treatment with us. We provide only the information to which they are entitled. If you raise a complaint or a claim we may be required to share personal data with your medical insurer for the purposes of investigating any complaint/claim. In some circumstance you may be asked to complete consent forms for this purpose.
The NHS: If you are referred to us for treatment by the NHS, we will share the details of your treatment with the part of the NHS that referred you to us, as necessary to perform, process and report back on that treatment.
Medical regulators: We may be requested – and in some cases can be required - to share certain information (including personal data and sensitive personal data) about you and your care with medical regulators such as the Chartered Society of Physiotherapists, for example if you make a complaint, or the conduct of a medical professional involved in your treatment is alleged to have fallen below the appropriate standards and the regulator wishes to investigate. We will ensure that we do so within the framework of the law and with due respect for your privacy.
In an emergency and if you are incapacitated, we may also process your personal data (including sensitive personal data) or make personal data available to third parties on the basis of protecting your ‘vital interest’ (i.e. your life or your health).
We will use your personal data in order to monitor the outcome of your treatment by us and any treatment associated with your care, including any NHS treatment.
We are also asked by Insurers or Intermediary companies to provided them with statistics for example, about the average number of treatments or outcome measures or patient satisfaction survey data. All information is anonymised.
5. How long do we keep your personal data?
Any personal data you provide will be held for as long as is necessary having regard to the purpose for which it was collected and in accordance with all applicable UK laws.
The security of your personal data
We protect all personal data we hold about you by ensuring that we have appropriate organisational and technical security measures in place to prevent unauthorised access or unlawful processing of personal data and to prevent personal data being lost, destroyed or damaged.
All information you provide to us is stored securely.
The transmission of information via the internet cannot be guaranteed as completely secure. However, we ensure that any information transferred via our websites is via an encrypted connection. Once we have received your information, we will use strict procedures and security features for prevention of unauthorised access.
At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you do so at your own risk.
6. Providing us with your personal data
You are under no statutory or contractual requirement or obligation to provide us with your personal data. But failure to do so will mean that we are unable to enter a contract with you as we are not able to comply with Chartered Society of Physiotherapy guidelines. Other health professionals will likewise be unable to get an accurate history and therefore will be unable to provide their services with your health and safety in mind.
7. Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
8. Cookies
What are Cookies? Cookies are text files containing small amounts of information, often including a unique identifier, which are downloaded to your computer when you visit a website - if your browser preferences allow it. Cookies are then accessed by the originating website on each subsequent visit. Cookies are useful because they allow a website to recognise a user’s computer.
How are cookies used on our website? The cookies we use are there to allow you to perform the services you require and to assist us in providing a better website for our users. We do not use cookies to store information that identifies you as an individual. Details on cookies used are provided below. We encourage you to accept the cookies we serve. However, if you wish to restrict or block the cookies which are set by our or any other website, you can do this through your browser settings.
Google Analytics: We use Google Analytics cookies to hold information about your visit to our site. This helps us better identify the use and popularity of our services and how successfully the website is functioning. If you do not wish us to do this, you can opt out of the Analytics service by installing an add-on for your browser. This can be found at http://tools.google.com/dlpage/gaoptout. Alternatively, you can delete/restrict the cookies as for any other cookie - see ‘How to control and delete cookies’ for more information.
Types of cookies: Session cookies are created temporarily when a user visits a website. Once the user leaves the site/closes the browser, the session cookie is deleted. A persistent cookie file remains on the user’s computer and is re-activated when the user visits the website that created that particular cookie. These cookies expire after a certain period (set in the file) or can be removed manually.
Cookies used on our website:
Cookie Name |
Cookie Description |
Cookie Classification |
Cookie Behaviour |
PHPSESSID |
This cookie is part of the scripting language that runs our site and allows information to be passed between pages as you navigate through the site. For instance, should you use the online booking enquiry form, if you need to go back and correct any information on the form, this cookie helps by ensuring you don't have to type in all the information again. This cookie does not store any personally identifiable information and is deleted when you close your browser |
Strictly necessary cookie |
Session cookie - disappears when the user closes the browser. |
_gid |
Used to distinguish users in Google Analytics. |
Performance cookie |
24 hours |
_ga |
Used to distinguish users in Google Analytics. |
Performance cookie |
2 years |
Managing cookies: Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
(c) http://www.opera.com/help/tutorials/security/cookies/ (Opera);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
(f) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).
Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.
Cookie preferences: You can manage your preferences relating to the use of cookies on our website by following the steps above, most relevant to your web browser software. Please note that if you block cookies, you may not be able to use all of the features on our website. This may also “break” certain elements of our website and prevent them from functioning correctly for you only.
9. Amendments to our privacy policy
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy.
10. How to make a complaint
To exercise all relevant rights, queries or complaints please in the first instance contact our Clinic Manager, by emailing us at physio@philipyeates.co.uk or write to the Data Protection Officer at: Clinic Manager, Philip Yeates Physiotherapy, East End Park, Halbeath Road, Dunfermline, KY12 7RB.
If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.