The Hill Hub, 1a Highfield Road, Dartford, Kent, DA1 2JH
Mon – Fri: 8:00 am – 8:00 pm, Sat: 8 - 2pm
info@ashcroftphysioclinic.com

Privacy Policy

Last Updated: April 2024

At Ashcroft Physiotherapy Clinic, we are committed to protecting your privacy and ensuring the security of your personal and medical information. This policy explains how we collect, use, and safeguard your data in accordance with the UK General Data Protection Regulation (UK GDPR).


1. Data Controller

The Data Controller responsible for your information is:

Adebayo Ige
Ashcroft Physiotherapy Clinic
The Hill Hub, 1a Highfield Road, Dartford, DA1 2JH
Email: info@ashcroftphysioclinic.com

2. Information We Collect

To provide safe and effective physiotherapy treatment, we collect the following:

  • Personal Identifiers: Name, date of birth, and contact details (address, email, phone).
  • Medical Records: Health history, assessment notes, treatment plans, and referral letters.
  • Special Category Data: As a healthcare provider, we process sensitive information regarding your physical health.
  • Financial Data: Payment card details and billing history.

3. Why We Process Your Data

We process your information under the following legal bases:

  • Contractual Necessity: To provide the healthcare services you have requested.
  • Health & Social Care (Article 9 UK GDPR): For the purposes of medical diagnosis and the provision of healthcare or treatment.
  • Legal Obligation: To maintain accurate clinical records as required by the Health and Care Professions Council (HCPC).

4. How We Use Your Information

Your data is used specifically to:

  • Assess, diagnose, and treat your physical conditions.
  • Manage your appointments and send reminders.
  • Liaise with other healthcare professionals (e.g. your GP or Orthopaedic Surgeon) to ensure continuity of care.
  • Process insurance claims with providers (e.g. Bupa, AXA) where applicable.

5. Data Sharing

We do not sell your data. We only share your information with third parties when:

  • You give us explicit consent to update your GP or Consultant.
  • It is necessary to process an insurance claim.
  • We use secure third-party clinical software to store your records (these providers are also UK GDPR compliant).
  • We are required to do so by law.

6. Data Retention

In line with UK Medico-Legal requirements, we retain adult clinical records for 8 years following the end of treatment. For children, records are kept until their 25th or 26th birthday. After this period, records are securely destroyed.

7. Your Rights

Under UK law, you have the following rights regarding your data:

  • The Right of Access: You may request a copy of your clinical notes at any time.
  • The Right to Rectification: You can ask us to correct any inaccurate information.
  • The Right to Erasure: You can request the deletion of data (though this may be limited by our legal obligation to keep medical records).
  • The Right to Object: You can opt out of any marketing communications.

8. Security

We employ industry-standard security measures, including encrypted software and secure physical storage, to protect your data from unauthorised access or disclosure.

9. Contact the Regulator

If you have concerns about how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):