General Data Protection Regulation (GDPR)
Back in Shape Ltd is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
Back in Shape Ltd may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25th May, 2018.
Lawful Basis for Holding and Using Client Information
We need to retain some information in order to provide you with the best possible treatments, support and advice. The lawful basis under which we do so is known as legitimate interest. As we hold special-category data – specifically health-related information – the additional condition under which we keep and use this is to fulfil our role as healthcare practitioners.
What Information Do We Hold and What We Do With It?
In order to give treatments, we naturally ask for and keep information about your health. We only use this to inform decisions in relation to treatments, though, and to give advice as a result of treatments. The information we hold is:
- Your contact details
- Medical history and other health-related information
- Treatment details and related notes
We keep your information for seven years from the date of your last treatment received here. Other than in the unlikely event of being required to do so by law, there are no circumstances under which we transfer information outside the EU, or share your data without your explicit consent.
Protecting Your Personal Data
Back in Shape is committed to ensuring that your personal data remains secure. To prevent unauthorised access or disclosure of information, we use appropriate technical, physical and managerial procedures to safeguard it.
If you don’t agree to our keeping data about you/your treatments, or if you don’t allow us to use the information in the way we need, we may not be able to treat you. We have to keep your records of treatment for seven years from the date of your last treatment, which may mean that even if you ask us to erase your details, we might have to keep them until after that time.
What Are Cookies?
A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
GDPR gives you the right...
- To be informed: to know how your data will be held and used – this notice.
- Of access: to see our records of your personal information, so you can verify it.
- To rectification: to make changes to your data if it’s incorrect or incomplete.
- To erasure/the right to be forgotten: to request we erase your information
- To restrict processing of personal data: to request limits on how we use your data
- To data portability: under certain circumstances, you may request a copy of electronically -held personal information so that you can reuse it in other systems.
- To object: to say you don’t want us using parts of your data, or only using it for certain purposes.
You also have rights in relation to automated decision-making and profiling, and the right to lodge a complaint with the Information Commissioner's Office if you feel your data is incorrect, being stored unnecessarily, or used in a way for which you’ve not given permission.
If you’re dissatisfied with our response, you may complain to the Information Commissioner's Office.