Cookie Policy

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. By choosing this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.

Recipients of your data

Your information is provided to GPs, Consultants, Insurance Companies, hospitals and other health professionals directly linked to your treatment and with your consent.

If you have been referred for an NHS package of care, we are required to send a letter on discharge to your GP.

During your medical treatment you will be asked to consent to the transmission of this information.  In some instances, you will be able to withdraw your consent and the implications of this will be made clear to you during the consultation (as this may not be in your best interests).

We do not pass on your information to any other parties, unless required to by law or in connection with the sale or purchase of our business or assets.

Security of your data

We have taken all reasonable steps to ensure that we and our Data Processors adapt Industry standard security protection systems to ensure the security of your data.

In some instances, your email address and credit card details are stored in locations other than the EEA (USA) and in this instance, we have assured ourselves that the Data Processor is aware of their responsibilities for the privacy and security of your data under GDPR. All other data is stored in the EEA.

We adhere to the guidelines from our industry bodies such as the Chartered Society of Physiotherapy, Health & Care Professions Council, NHS and General Osteopathy Council, regarding the retention periods of your medical and contact data, which will be at least for 8 years from last treatment or until the age of 25.

All other data will be kept only as long as is required by law or for performance of our contract of services with you.

Transmitting your personal data via the internet

The transmission of information via the internet is not completely secure. We cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.

Credit/Debit Card payments

We never collect or store your payment card details, because they are processed either in person or by telephone via a third-party payment gateway. For credit card transactions made by telephone, the payment card details are cross-shredded immediately.

We cannot accept credit/debit card payments by email and will decline to accept payment by that means.

We only use PCI-DSS complaint payment systems procured from reliable third- party providers.

Your rights under GDPR

The GDPR provides the following rights for individuals: (https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/)

• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• Rights in relation to automated decision making and profiling

If you would like to exercise any of your rights please email us info@theforgeclinic.com or write to us at The Forge Clinic, 37 Red Lion Street, Richmond, Surrey, TW9 1RJ.  We will make every effort to respond to your queries promptly and to your satisfaction.

However, if you are still not satisfied, you have the right to complain to the Information Commissioners Office (ICO).  Follow the link below to report a concern to the ICO.

https://ico.org.uk/concerns/ by telephone on 0303 123 1113 (local rate) or 01625 545 745.

Changes to our Privacy Notice

Any changes we may make to our Privacy Notice in the future will be posted on this page and, where appropriate, notified to you by e-mail.

25^th May 2018