JK Physio : Privacy Policy
The website address is: https://jkphysio.co.uk.
Google reCAPTCHA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Cookies
To enable us to monitor and improve the website, we may gather certain information about you when you use it, including details of your operating system, browser version, domain name and IP address, and the details of the website you came from.
www.JKPhysio.co.uk uses cookies. Cookies are small files that are placed on your computer by your browser which allow us to remember you each time you visit. Cookies contain no personal details about you and they can be disabled by changing your browser preferences. Google Analytics is also used to track website trends without identifying individual visitors. The cookie used by Google Analytics stores information such as what time the current visit occurred, whether the visitor has been to the site before, and what site referred the visitor to www.JKPhysio.co.uk.
When using www.JKPhysio.co.uk website you consent to the collection and use of this information. If you do not wish to have this information collected please change your computer’s security settings to block cookies. However, blocking cookies may restrict access to the website.
You may change your Cookie Preferences by clicking here: Cookie Settings
PRIVACY
Why do we collect personal information about you?
JK Physio collects personal information about you to inform you about, and provide you with services, to deal with any enquiries you may have and to improve and develop these and the site for the future.
JK Physio collects the following types of personal information about you:
~ Identity data – 1st name and surname, gender and marital status (optional), date of birth, medical information.
~ Contact data – E-mail address, phone number and address.
~ Transaction data – Details of the JK Physio services or products you have purchased from us and information about whether or not payment has been made.
~ Profile data – Details of your interests and preferences, feedback and survey responses.
~ Marketing and communications data – Details of your preferences in receiving marketing and communication from us.
Depending on your settings or the privacy policies for other online services, you may give us permission to obtain information from your account with those other services. For example, if you are using the site on your mobile, you may choose to provide us with location data. The information we obtain from those services does depend on your settings for that service or their privacy policies. So you should always regularly check what those are.
How do we receive personal information about you?
JK Physio receives your personal information directly from you when you contact us in person, by email, telephone or visit the JK Physio website and request to purchase a product or service, to make a general enquiry, to book an appointment, to provide us with feedback or to request marketing information.
How do we use Personal Information about you?
We will only use your personal data when the law allows us to – where we need to perform a contract with you, where necessary for our legitimate interests where those do not override your interests and rights, for legal compliance and where none of those apply, with your consent.
JK Physio uses personal information about you:
~ to identify who you are when you contact us.
~ to provide you with the JK Physio services or products you have requested ( we may not be able to perform a contract to provide services or products if you fail to provide certain of the information requested).
~ to ensure payment for JK Physio services or products purchased and to prevent or detect fraud.
~ to understand what JK Physio services or products you may be interested in.
~ to contact you regarding your JK Physio services or products to provide you with e-receipts, to answer your general enquiries or other related communications.
~ to contact you regarding your JK Physio services or to update you regarding your bookings.
~ to improve JK Physio services and to carry out customer surveys.
~ to resolve complaints or issues you may have with a JK Physio service or product.
~ to send you marketing information about JK Physio services, products or general JK Physio news that you may be interested in, if you have opted into receiving this service.
~ to invite you to JK Physio events you may be interested in.
~ to improve our customer relationship with you.
How will we contact you?
JK Physio may contact you by post, telephone, email and/or text message, unless you have told us not to.
TREATMENT PRIVACY
We store your digital information on our password protected record system.
If we receive anything on paper, the information will be entered into our system or scanned on. Once complete the paper copies will be shredded.
We collect this information to ensure we are carrying out safe, risk-assessed treatment. We may also use this information when contacting your General Practitioner, Consultant, Surgeon or other medical practitioner. We will always ask your permission before doing this.
Every so often, we may use your email address to send you offers or newsletters. These will always be relevant to our healthcare services and we only send information we believe to be beneficial to you. You will always have the option to unsubscribe from these emails.
Clinical Notes
We use a hosted system called TM3 to book appointments and store patients’ records.
TM3 have a dedicated infosec team to ensure all data of clients is protected to the highest possible level. All data is stored in ISO27001 accredited, highly secure and monitored datacentres. Our data is hosted in the UK.
https://www.tm3practicemanagement.com
TM3 acts as our data processor, i.e. they store data only and have no decision making in changing or editing your data – JK Physio is the data controller.
As with form-based information, any medical notes completed by a practitioner from your appointment will be entered on to our password protected record system. No one will have access to these notes apart from a member of staff at JK Physio, and any medical persons given permission by you to access them.
This includes the reception team, your personal practitioner and all other practitioners. They cannot be accessed by anybody else. Paperwork awaiting entry onto our system is locked away securely until shredded. All computers and phones are locked away when the clinic is closed.
AI Listening Tool : Heidi
We may use an AI listening tool during assessment and treatment with your verbal consent. The application used is Heidi, and the information taken is held outside of our hosted system TM3 and stores no personal data such as name, address, DOB etc. The formatted information is copied across into your records in TM3 following the assessment. This technology helps streamline documentation and allows more focus on care and less on administrative tasks. For more information:
https://www.heidihealth.com/uk/compliance/gdpr
Please note that we may, in some cases, need to disclose details provided by you to police/other enforcement agencies to assist with investigations when required to do so, by law.
We take every precaution to ensure that your personal information is safe and secure, and only used for its intended purpose as described in this policy.
Retention Policy
Medical records will be retained for at least eight years from the last treatment date for adults and up to the age of 25 years old for children (under 18) in order to meet professional healthcare record management guidance as set out by the Chartered Society of Physiotherapy. We may keep medical records for longer than 8years unless you ask us to destroy them, in which case, they will be destroyed immediately. Please contact us in writing/email to do so.
Data Storage
All data is held within the UK. JK Physio does not store personal data outside the EEA.
Your rights under GDPR
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
If you have any questions about the protection of your data, please e-mail us at
We will make every effort to respond to any query in a satisfactory way.
Marketing & Newsletters
Our ‘sign-up forms’, both electronic and physical, are designed to ensure the user understands that they are signing up to communications which will include news from JK Physio, and marketing campaigns. By signing up to the JK Physio Database, individuals are agreeing that we have a lawful basis for collecting and processing personal data. Unless otherwise instructed we will hold this information for ten years, at which point you may be contacted to reconfirm your subscription.
By the definitions of GDPR JK Physio is the ‘controller’ of your data, the organisation MailChimp is the ‘processor’ of your data. Subscribers personal details will be transferred to MailChimp, the applicable activities performed by MailChimp are: data collection through electronic sign up forms, storage of personal data in distribution lists and the transfer of personal data to certain of MailChimp’s sub-processors, who perform critical support for their services. Mailchimp’s servers and offices are located in the United States, so your information may be transferred to, stored, or processed in the United States. The legal ground for transferring personal data set out in the GDPR allows for an ‘adequacy decision’ – a decision by the European Commission that an adequate level of protection exists for personal data in the country, territory or organisation to which it is being transferred. A ‘Privacy Shield’ framework is one such example. MailChimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy Shield Framework. They are committed to subjecting all Personal Information received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles.
GDPR also stipulates an individual’s ‘right to be forgotten’. To this end if you do not wish to receive any further emails from us please use the “unsubscribe” link found in all email communications. Alternatively send your unsubscribe request to . Please allow a few days for the request to process.
For the avoidance of doubt, JK Physio will not pass data to any third parties except to enable you to receive information you have requested to be sent to you by post or email.
Our site may link to other websites and we are not responsible for their data policies or procedures or their content.
If you are concerned about how your data is stored please contact us by email for further information; if you are not satisfied with our response you have the right to complain to the Information Commissioners Office (ICO) ICO Wycliffe House, Water Lane, Wilmslow, SK9 5AF Telephone +44 (0) 303 123 1113