HOME PHYSIO GROUP PRIVACY POLICY

 

1.         INTRODUCTION

We, Home Physio Group Limited (HPG) are committed to protecting the privacy of all those whose personal data is processed by HPG or on our behalf by independent contractors and service providers. Please read the following privacy policy that explains how we use and protect your information.

You may be reading this privacy policy for a range of reasons, for instance, you may be a (i) a visitor to homephysio.com (our website); (ii) a chartered physiotherapist treating patients on a part-time or full-time basis; (iii) a patient of HPG; or (iv), a supplier to HPG.

Paragraphs 1 to 12 of this policy apply to you whichever category you fall into. However, to help you locate the information that is most relevant to you, specific information in relation to our use of your personal information can be found here: 

 

2.         HPG AS DATA CONTROLLER

HPG is the data controller of all personal information about you that is processed by HPG or on our behalf.

3.         CONTACT DETAILS

If you have any queries or requests concerning this privacy policy or how we handle your personal data more generally, please get in touch with us by contacting our general support team at: info@homephysio.com.

4.         THE BASIS ON WHICH YOUR INFORMATION IS PROCESSED

The data we collect from you will be processed only if there is a reason for doing so, and if that reason is permitted under data protection law. There will be a lawful basis for processing your information: If it is necessary to perform or enter into our contract with you; if we have a legitimate interest for processing your data; if you have provided your consent; it is necessary for health or social care purposes; or if we are under a legal obligation to do so.

Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights” in paragraph 10 below.

5.         HOW WE SHARE INFORMATION

The personal information we are holding about you may be shared with and/or processed by:

     the physiotherapists that provide treatment;

     relatives of patients;

     healthcare practitioners;

     social workers involved in the care of patients;

     our service providers, such as our practice management system for healthcare practitioners, marketing automation provider, technology (including cloud) service providers payment providers, marketing analytics providers, banks, and other support providers;

     our professional advisors (such as our lawyers, accountants and auditors); or

     another organisation to whom we may transfer our agreement with you, or if we enter into a joint venture with, purchase or are sold to or merged with another business entity.

6.         DIRECT MARKETING

Where we have a legitimate interest for doing so (and are permitted to do so by law) we will use your information to let you know about our other activities and opportunities that may be of interest to you and we may contact you to do so by email. You can withdraw your consent or opt out of receiving our marketing communications at any time. You may opt-out of receiving marketing communications and updates at any time. Additionally, you can control your email marketing preferences by doing the following:

    For marketing purposes: You can manage your receipt of marketing communications by clicking on the “unsubscribe” link located on the bottom of HPG marketing emails, or by emailing info@homephysio.com.

7.         SECURITY

We adopt robust technologies and policies such as encrypted servers and security protocols to ensure the personal information we hold about you is suitably protected.

We take appropriate technical and organisational measures to protect your information from unauthorised access and against unlawful processing, accidental loss, destruction and damage.

8.         THIRD PARTIES 

This privacy policy does not apply to information processed by our business partners or other third parties, including practice management software platforms and providers. 

Our website may contain links to third parties which we do not own or control – this privacy policy does not apply to these third-party websites that are accessible from, or referenced on, our website. We are not responsible for the privacy policies of other websites, and encourage you to read all applicable terms, conditions and privacy polices when using other websites. 

9.         RETENTION OF YOUR INFORMATION

We will not retain your information for any longer than we think is necessary.

Information that we collect will be retained for as long as needed to fulfil the purposes outlined in the ‘Legal Grounds and Purposes of Processing” sections.

When determining the relevant retention periods, we will take into account factors including:

     our contractual obligations and rights in relation to the information involved;

     legal obligation(s) under applicable law to retain data for a certain period of time;

     statute of limitations under applicable law(s);

     our legitimate interests for your benefit;

     (potential) disputes; and

     guidelines issued by relevant data protection authorities.

Otherwise, we securely erase your information where we no longer require your information for the purposes collected. We will keep basic data to identify you and retain it solely for preventing further unwanted processing.  Unless we are required or permitted by law to hold on to your information for a specific retention period, we may retain your information for the following purposes and periods:

     casual visitors to our website:

o   IP addresses and related data: up to 13 months (i.e. the maximum period that cookies on our website hold this information);

o   Information you submit via the “Contact us” and the “Live Chat” function”: 6 years from the point the information is submitted; 

 

     our patients: 6  years from the point you cease to be an HPG patient;

     our independent contractors (physiotherapists): 6 years from the point you cease to be an independent contractor for HPG; and

     our suppliers: 6 years from the point you cease to be an HPG supplier.

10.       YOUR RIGHTS

Under data protection law, you have a number of rights concerning the data we hold about you. If you wish to exercise any of these rights, please contact our general support team using the contact details (info@homephysio.com) set out above. For additional information on your rights please contact your data protection authority and see below.

The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this policy.

The right of access. You have the right to request certain information about, access to and copies of your personal information (if we’re processing it).

The right to rectification. You are entitled to have your information corrected if it is inaccurate or incomplete.

The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of certain of the information that we hold about you. However, please note that this will not apply if we are required to retain the information for compliance with a legal obligation.

The right to restrict processing. You have rights to request that we stop using your personal information or limit the way in which we use it. When processing is restricted, we can still store your information, but will not use it further.

The right to data portability. You have the right to request that we return your personal information in an accessible and transferrable format, or that we send it directly to another company, where technically feasible;

The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your information with your national data protection authority. If you are in the UK, this is the ICO – https://ico.org.uk . The postal address is Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

The right to withdraw consent. If you have given your consent to anything we do with your information (i.e. where we rely on consent as a legal basis for processing your information), you have the right to withdraw that consent at any time.

The right to object to processing. You have the right to object to certain types of processing where we use it for our legitimate interests or for marketing purposes.

11.       COOKIES

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our website or platform may become inaccessible or not function properly.

12.       CHANGES TO OUR PRIVACY POLICY

Any changes to our privacy policy will be posted to our website and, where appropriate, we will notify you of the changes for example by email or push notification. This privacy policy was last updated on 23 November 2022.

 

       

 

ANY VISITOR TO THE HPG WEBSITE

1.         INFORMATION WE COLLECT FROM YOU

     your IP address;

     other location data;

     device information, such as your hardware model, mobile network information, unique device identifiers;

     your cookie preferences;

     any information you submit via the “Contact us” or “Live Chat” functions (e.g. name, patient postcode, email address, phone number and message); and/or

     any other personal information that you otherwise send to us.

2.         HOW WE COLLECT YOUR INFORMATION

We collect information when you:

     visit our website, browse its pages, or when you return; and/or

     you submit a message to us via the “Contact us” or “Live Chat” functions.

Some of the information is collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies which are active on our website

LEGAL GROUNDS AND PURPOSE OF PROCESSING

It is in our legitimate business interests to do so: to monitor and perform analytics in respect of who is visiting our website; to consider and respond to your message or request.

       

 

 

HPG PATIENTS

 

1.         INFORMATION THAT WE COLLECT FROM YOU

We collect the following information about you:

     your name;

     email and/or postal address;

     date of birth;

     health data; and/or

     any other personal information that you supply to us.

2.         HOW WE COLLECT YOUR INFORMATION

We collect your personal information when you complete an appointment form, or otherwise contact us directly via email, phone, post, message.

3.         LEGAL GROUNDS AND PURPOSES OF PROCESSING

Consent: where we have requested your consent and you have provided it (e.g. patient treatment forms).

It is in our legitimate business interests to do so: to keep internal records for administration purposes; to communicate with you (including with regard to your treatment, our services and fees); to tailor marketing communications about our services to your needs and preferences; to enable our support team to help you with any enquiries or questions in the most efficient way possible; to contact you for your views and feedback on our services; to enforce our contractual terms with you, to defend legal claims or otherwise protect our rights as a business; to gain insights into market trends and demographics; to develop our services so as to optimise experience for you or other patients in the future; and to send you marketing information about products and services which we think may be of interest to you.

4.         SPECIAL CATEGORIES OF INFORMATION

In respect of any information about your health (including any medical condition, health and sickness records, as well as, x-rays, hospital discharge reports and letters from health professionals such as general practitioners), we will process such special categories of personal data on the following ground:

It is necessary for health or social care purposes: we will use information relating to your physical and mental health for the purposes of preventive or occupational medicine, medical diagnosis or the provision of health care or treatment.

5.         HOW WE SHARE INFORMATION

In addition to the parties set out in paragraph 5 at the front of this privacy policy, the personal information we are holding about you may on the legal grounds set out in this privacy policy be shared with and processed by our independent contractors and other service providers.

       

 

 

INDEPENDENT CONTRACTORS (INCLUDING CHARTERED PHYSIOTHERAPISTS)

1.         INFORMATION THAT WE COLLECT FROM YOU

We collect the following information about you:

     your name;

     email and/or postal address;

     gender;

     date of birth;

     employment history and experience (both personal and professional);

   professional qualifications from the Health & Care Professions Council and the Chartered Society of Physiotherapy);

     references from previous employers;

     interview notes;

     next of kin, spouse or other beneficiaries;

     bank details for payment by us;

     disciplinary records, performance records, or performance feedback;

     timesheets; and

     other personal information that you may supply to us.

2.         HOW WE COLLECT YOUR INFORMATION

We collect information when you:

     make an application to work for us, or attend an interview with us; and/or

     commence providing  professional services to us.

3.         LEGAL GROUNDS AND PURPOSE OF PROCESSING

It is in our legitimate business interests to do so: to keep independent contractor records for administration purposes; to assess your continued suitability for a role and planning progression; for promoting the business publicly; to contact you (and other individuals) and to enforce our contractual terms with you and to defend legal claims or otherwise protect our rights as a business. 

Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements, such as to create a record of your services for us.

4.         HOW WE SHARE INFORMATION

In addition to the parties set out in paragraph 5 of the front of this privacy policy, personal information we are holding about you may on the legal grounds set out in this privacy policy be shared with and processed by our service providers. 

       

 

OTHER SUPPLIERS TO HPG 

1.         INFORMATION THAT WE COLLECT FROM YOU

We collect the following information about you:

     your name;

     email address;

     job title;

     your company or organisation;

     details of previous work you have completed for us; and/or

     bank details for payment by us.

2.         HOW WE COLLECT YOUR INFORMATION

We collect information when you:

     contact us in connection with the services you provide to us; and/or

     invoice us for work completed (including payment details).

3.         LEGAL GROUNDS AND PURPOSE OF PROCESSING

It is necessary for the performance of our contract or for the purposes of entering into a contract: in order to negotiate, enter into and undertake our contractual obligations to you (for instance to make payments to you).

It is in our legitimate business interests to do so: to tailor marketing communications to your needs and preferences; to enforce our contractual terms with you, to defend legal claims or otherwise protect our rights as a business; to present you with new opportunities and ways to work with us.

It is in our legitimate business interests to do so: to keep internal records for administration purposes; to communicate with you (including with regard to services and fees; to enable our support team to help you with any enquiries or questions in the most efficient way possible; to enforce our contractual terms with you, to defend legal claims or otherwise protect our rights as a business; or to obtain evidence of identity and credit history.

 

Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements, such as to create a record of your transaction with us.