top of page

Privacy Policy


1. ABOUT US


In this Privacy Policy references to “we” or “us” or “Flex” or “Flex Physio” are to Flexible Physio & Rehab LTD.


We are the data controller of any personal information you provide to us. This means that we are responsible for complying with data protection laws. This Privacy Policy describes what personal information we may collect from you, why we use your personal information and more generally the practices we maintain and ways in which we use and protect your personal information.

We have appointed a data protection officer to oversee our handling of personal information. If you have any questions about how we collect, store or use your information, you can contact our data protection officer using the details set out in section 14. Contacting us.

2. WE COLLECT INFORMATION ABOUT:
 

  • Previous, current and prospective clients

  • Flex Physio website users

  • Flex Physio Social media users, including: Facebook, Instagram, twitter ect.

  • Business contacts and other suppliers

3. WHEN DO WE COLLECT PERSONAL INFORMATION?
 

We collect information about you:

  • When you contact us via email or our social media platforms

  • When you book a physio or Pilates session

  • When you sign up to our newsletter

  • Whenever you use the Flex Physio website or social media platform

  • If you respond to a customer survey, questionnaire or marketing campaign

  • If you contact us for any other reason

  • From publicly available third-party sources such as the Facebook Pixel and Google Analytics.

4. WHAT PERSONAL INFORMATION DO WE COLLECT AND USE?

If you provide personal information to us about other individuals (for example, purchasing a gift to be delivered to someone else) you agree:
(a) to inform the individual about the content of this Privacy Policy; and
(b) to obtain any consent where we indicate that it is required for the processing of that individual’s personal data in accordance with this Privacy Policy.
Please review the sections below for detailed information regarding the types of personal information we are likely to collect and use about you.

Personal information when you are on the website:

  • General information such as your name, address, contact details, date of birth and gender.

  • When a purchase is made through our website we collect your delivery address and payment details

  • Information obtained through our use of cookies. You can find more information about this in our Cookies Policy

  • Website browsing history

  • Your marketing preferences

  • IP address

  • Device ID information

What personal data we collect when booking an appointment and receiving a physiotherapy, rehab or pilates session: 

  • Full name

  • Age/date of birth

  • Postal address

  • Telephone number

  • Email address

  • Next of Kin

  • GP details, consultant details and also where necessary NHS number.

  • History of presenting condition as well as job title, hobbies, past medical history and medication history.

  • Physical examination

  • Treatment performed

How we protect your personal data.

We require personal information related to your health records to help us understand your physiotherapy related problem and how we can rehabilitate your issue. We also use this data for internal record keeping. With your permission we may contact you with any promotional offers. The demographic, not personal, data that is provided may be used in a nationwide study that gathers information on the effectiveness of Physiotherapy. We may also use this demographic data to customise our website. We will also use your information to communicate with other health professionals who may be involved in your episode of care.

 

We are committed to treating your data with the utmost care and take all appropriate steps to store and protect it in a secure online environment. Access to your stored health records and personal data is password-protected. Access to the Contact Us section of our website which you may complete with personal information is secured by using ‘https’ technology. Personal information we may receive from you via our website or appointment booking system is physically secured via our hosting companies. By having their own data centres, they have built in a secure network infrastructure and do not rely on third-party solution.

5. HOW DO WE COLLECT YOUR INFORMATION?

We collect personal information from a number of different sources, including:

  • Through the process of you purchasing from our website.

  • Through publicly available sources such as internet search engines and social media sites

  • Via Google Analytics and Also use of Pixels – Such as the Facebook Pixel.

  • Through customer surveys and responses to various marketing campaigns and email

  • From your use of our website and cookies

6. CONSENT

How do you get my consent?

When you provide us with personal information to sign up to our mailing list, complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
 

How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at Charlotte.FlexPhysio@gmail.com

7. WIX
 

Our website is hosted on WIX. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through WIX. They store your data on a secure server behind a firewall.

8. PAYMENT:

If you choose a direct payment gateway to complete your purchase, then WIX stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

9 . THIRD-PARTY SERVICES

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

10. LINKS
 

In an attempt to provide you with increased value, we may from time to time include third party links on our Website. These linked sites have separate and independent privacy policies. We encourage you to review those policies when you visit those sites. This Privacy Policy Statement only covers our Website and does not cover any other website. We therefore have no responsibility or liability for the content and activities of these linked sites.

11. SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

12. COOKIES

We are use cookies to help improve our websites performance. You can choose if you want to opt-out of cookies or not.

13. AGE OF CONSENT

By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.

14. HOW LONG DO WE KEEP PERSONAL INFORMATION FOR?

We will only keep your personal information for as long as reasonably necessary to fulfil the relevant purposes set out in this Privacy Policy and in order to comply with our legal and regulatory obligations. In particular, for so long as there is any possibility that either you or we may wish to bring a legal claim under the insurance policy, or where we are required to keep your personal data due to legal or regulatory reasons. If you would like further information regarding the periods for which your personal information will be stored, please contact us via email at charlotte.flexphysio@gmail.com.

Under data protection law you have certain legal rights in relation to the personal information that we hold about you. You may exercise these rights at any time by contacting us via email charlotte.flexphysio@gmail.com

Please note:

  • in some cases we may not be able to comply with your request (e.g. we might not be able to delete your data) for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can’t comply with your request, we will tell you why.

Your rights include:

  1. The right to access your personal information. You are entitled to a copy of the personal information we hold about you and certain details of how we use it. There will not be a charge for dealing with these requests. Your information will usually be provided to you in writing, unless otherwise requested, or where you have made the request by electronic means, in which case the information will be provided to you by electronic means where possible.

  2. The right to rectification. We take reasonable steps to ensure that the information we hold about you is accurate and complete. However, if you do not believe this is the case, you can ask us to update or amend it.

  3. The right to erasure (also known as ‘the right to be forgotten’). In certain circumstances, you have the right to ask us to erase your personal information. Examples would include where the data is no longer required for the original purpose, consent has been withdrawn and there no overriding ground for continuing the processing, or for compliance with the national law.

  4. The right to restriction or suspension of processing. In certain circumstances, such as a question over its accuracy, you are entitled to ask us to stop using your personal information or to suspend its use.

  5. The right to data portability. In certain circumstances, you have the right to ask that we transfer any personal information that you have provided to us to another third party of your choice.

  6. The right to object to marketing. You can ask us to stop sending you marketing messages at any time.

  7. The right to lodge a complaint with the ICO.

We would hope that you will always raise any issues with us first, and that we will be able to resolve them to your satisfaction. However, if this isn’t possible then you always have a right to complain directly to the Information Commissioner’s Office (ICO) if you believe that any use of your personal information by us is in breach of applicable data protection laws and regulations.
Please see below for contact details of the ICO:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
Email: casework@ico.org.uk
Making a complaint will not affect any other legal rights or remedies that you have.

15. UPDATES TO THIS PRIVACY POLICY
 

From time to time we will make changes to this Privacy Policy, for example, as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally. You should check our website periodically to view the most up-to-date Privacy Policy. This Privacy Policy was last updated on 13/10/2024.

bottom of page