10Bridge Physio Ltd takes your privacy and the privacy of referred clients’ extremely seriously. This policy sets out how we collect and process any personal data provided to us when using our services and website www.10bridgemedicalltd.co.uk
10Bridge Physio Ltd have appointed a Data Protection Officer who will be responsible for privacy matters and the protection of personal data we hold as an organisation, their details are below:
Name: Darren Kewley
Telephone number: 01244 303 460
10Bridge Physio Ltd is a company registered in England and Wales registration number 08034973 whose registered office is:
10 Bridge Medical Ltd
Off Church Street
If you are unhappy with the way we collect or process your or your referred clients’ personal information, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) who are the UK’s supervisory authority for data protection.
Complaints and concerns can be lodged with the ICO via this link: https://ico.org.uk/concerns/
We kindly ask that before any complaints are lodged with the ICO, that you contact us first to try and resolve any issues you may have.
Personal information we may collect and process from you or your company includes:
Sensitive personal data
Under the General Data Protection Regulation/Data Protection Act 2018, sensitive personal data is data which includes information about a person’s race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about a person’s health and genetic and biometric data.
10Bridge Physio Ltd does collect sensitive personal data as part of our service. When we do this, we will either gain your or your referred clients’ explicit consent, or we will use the data in the pursuit of a legal claim on your or your referred clients’ behalf.
We will only use your or your referred clients’ personal data for the following reasons:
We can collect data about you or your referred clients’ via a variety of methods:
We have identified that we will use your or your referred clients’ information for the following reasons:
Where we rely on consent as a lawful purpose for processing your or your referred clients’ sensitive personal data, you or your referred clients’ have the right to withdraw consent (where applicable) at any time by contacting our Data Protection Officer.
We need to share your or your referred clients’ information with third parties in order to provide our services, these third parties include:
Where we do share information with third parties, we ensure that the highest levels of data protection are in place in accordance with the law.
Third parties with whom we share data are only permitted to process this data for the specified purposes we stipulate with them.
We do not sell your or your referred clients’ information on to third parties.
Where possible, we ensure that data is stored within the European Economic Area (EEA), however some of our storage locations and service providers may be hosted outside of the EEA. When we do need to transfer personal data out of the EEA, we ensure one of the following safeguards are in place to provide a similar level of security of data:
If none of these safeguards are available, we will only transfer the data with your or your referred clients’ explicit consent – which can be removed at any time by contacting us.
Please contact our Data Protection Officer if you want further information on the specific mechanism used by us when transferring your or your referred clients’ personal data out of the EEA.
Personal information will be retained in accordance with our Data Retention Policy which categorises all of the data assets held by us and specifies the appropriate retention period for each data asset.
These periods are based on the requirements to keep the data for as long as necessary to fulfil the purpose for which it was collected, to meet any legal requirements or to satisfy any reporting, accounting or contractual needs.
Under the Data Protection Act (2018), you or your referred clients’ have certain rights regarding personal data, these include the right to:
You or your referred clients’ may exercise any of these rights by raising a Subject Access Request with us. This can be done by contacting our Data Protection Officer.
We will not charge you or your referred clients’ for making a request and we will make all reasonable efforts to respond within 30 days. Sometimes it may take longer than 30 days to gather all the information we may hold, in this situation we will keep all parties updated at all times.
We may refuse your or your referred clients’ request or withhold any personal information that is requested if there is an overriding legal reason for us to do so.
10Bridge Physio Ltd takes the security of your and your referred clients’ information extremely seriously. In order to protect this data, we implement a risk-based approach to adopt the strongest organisational and technical controls in order to protect the confidentiality, integrity and availability of the data.
We keep this policy under regular review. This policy was last reviewed on 7th June 2018.
©2019 10 Bridge Medical Limited. All rights reserved
Made by Essential Design (NW) Ltd