Data Protection & Privacy Policy

This privacy notice tells you what to expect when The Artemis Clinic collects your personal information. It applies to information we collect about our clients, current and former staff members and co-workers and requests from the aforementioned in relation to data protection rights, queries and freedom of information.

Updated 21/05/2024

 

1.a. What information do we ask for and why?

 

Your personal data is data which by itself or with other data available to us can be used to identify you. This privacy notice sets out how we will use your data. We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.

Most of the personal data we collect is directly from our clients during the initial consultation, this information includes:

• Name, date of birth and contact details including home address, email address, telephone numbers (in order to ensure accurate identification and communication);

• Employment, hobbies and interests (are often relevant to the presenting complaint/s and recovery);

• Medical history both past and current (necessary as may/may not be relevant to presenting complaint/s);

• Medication being taken (necessary as may/may not be relevant to presenting complaint/s);

• Source of introduction to the clinic (to enable us to ascertain where our clients are coming from).

 

1.b. How do we use the information provided to us and how long will we keep it for?

All information provided is used for the purpose of identification, communication, building a medical profile and communication with GP’s/consultants/imaging and testing services/private health insurance companies. We do not share any of the information you provide us with any third parties, apart from those mentioned in 1c. The information you provide will be held securely by us and our data processors whether the information is in electronic or physical format. The clinic keeps client’s paper records for either ten or eight years, depending on the service used. After this time, all paper records are destroyed by cross shredding.  We do not delete client contact details and medical reports/letters from our database to maintain recognition for returning clients. If you would like your contact details deleted from our database, please inform us and this can be facilitated.

1.c. Who has access to the data we gather?

• Our clinic uses Pabau which is a cloud-based practice management system. Client data we enter in Pabau include all the data mentioned in section 1.a., appointment and payment history, medical notes, medical history and private health insurers details. For more information about how Pabau processes data see – https://pabau.com/privacy-policy/ 

• On occasion we email clients exercises via the UK based My Physio Rehab website. Only clients receiving these emails via My Physio Rehab will have their name and email addresses shared with this company. Verbal consent will be obtained prior to this facility being utilised. For their privacy policy see www.myphysiorehab.com/privacy-policy/

• For telecoms the clinic uses BT Cloud Phone which is a cloud-based call-management service that uses the latest VoIP technology. Client data entered into BT Cloud is phone numbers and names. For BT’s privacy policy see www.bt.com/privacy-policy/

• It is occasionally necessary to communicate letters/emails/reports with your GP/consultant/private medical insurance company which will be sent by letter, encrypted email or relevant portals. These communications will include personal contact information and medical reporting/updates. All such communication will be done with your prior verbal consent. The clinic’s IT systems and email services are secured with ESET soft wear.

• We use a third-party provider, Active Campaign, to deliver occasional group emails to those who have consented to receive them. To facilitate this, Active Campaign have access to those clients’ names and email addresses. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletters. For Active Campaign’s privacy policy see www.activecampaign.com/legal/privacy-policy

2.a. Enquiries: People who email us:

We use ESET to protect select email traffic. We also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

2.b. People who make a complaint to us:

If we receive a complaint from a person, we create a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint. We usually have to disclose the complainant’s identity to whoever the complaint is about and to a legal third party if necessary. This is inevitable where, for example, the accuracy of a person’s record is in dispute.

2.c. Job Applicants, Current and Former Artemis Clinic Staff/Therapists:

The Artemis Clinic is the data controller for the information you provide during the application process. Current and past clinic staff and users will have this data and any subsequent payroll information securely stored in physical or electronic formats. The clinic will keep such paper records for eight years after which they will be destroyed and any data held in electronic format will be permanently deleted.

3.a. Your Rights:

You have rights which you can exercise in relation to the information we hold about you. You can read more about these rights via the Information Commissioner’s Office’s dedicated webpage – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/. You have the right of erasure which is the right to withdraw consent for the clinic to hold your personal details on BT Cloud, My Physio Rehab and Active Campaign. If you have not had treatment your data can be erased from Power Diary. If you have had treatment, the relevant data must be retained as part of your medical record. You may withdraw your consent for us to retain your permissible data at any time and without detriment in relation to your data however it will likely impede your ability to have treatment within the clinic.

3.b. Our Data HandlingQueries or Complaints:

The Artemis Clinic strives to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our procedures are unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. You have the right to complain to the Information Commissioner’s Office (tel. 0303 123 1113) if you feel dissatisfied with our use or handling of your personal data.

3.c. Access to Personal Information:

We aim to be as open as possible in terms of giving people access to their personal information. Individuals can find out if we hold their personal information by contacting us. If we do hold information about you we will: respond within four working days, give you a description of it, tell you why we are holding it, tell you who it could be disclosed to and let you have a copy (on presentation of photographic ID) with no charge.

If you have any queries regarding your data protection rights or requests in relation to the contents of the above, please contact the Data Protection Officer at The Artemis Clinic, Ms Elaine Kythreotis, at office@artemisclinic.co.uk or 020 8777 1500.

Accreditations

  • Massage Beckenham

We Are Registered With

  • Sports Massage Bromley
  • Sports Massage Beckenham
  • Physiotherapist
© 2024 The Artemis Clinic 1st Floor, 106 - 108 High Street, West Wickham, Bromley, Kent BR4 0ND Tel: 020 8777 1500. All images are the property of the Artemis Clinic and are subject to copyright regulations and should not be reproduced. Cookie Policy