top of page

Privacy Policy

 

Privacy Policy – Telford Osteopaths

Last updated: May 2026

Introduction

This Privacy Policy explains how Telford Osteopaths (“we”, “us”, “our”) collects, uses, stores and protects your personal information when you use our website, contact the clinic or receive treatment.

We are committed to handling your personal data in a lawful, transparent and secure manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We may update this Privacy Policy from time to time. Please check this page periodically for any changes.

Who We Are

Telford Osteopaths is the Data Controller responsible for your personal data.

Clinic Name: Telford Osteopaths
Email: telfordosteopaths@gmail.com
Phone: 07480699221
Website: www.telfordosteopaths.org

What Personal Data We Collect

Personal Information

We may collect and process the following information:

  • Full name

  • Email address

  • Telephone number

  • Postal address

  • Date of birth

  • Appointment history

  • Information submitted through website contact forms

  • Preferences relating to appointments or communication

Health Information (Special Category Data)

As an osteopathic clinic, we also collect health-related information necessary for safe and appropriate care. This may include:

  • Medical history

  • Current symptoms and health concerns

  • Treatment records and clinical notes

  • Medication information

  • Allergies

  • Lifestyle factors relevant to musculoskeletal care

  • Information discussed during consultations

Health information is classified as Special Category Data under UK GDPR and is handled with strict confidentiality.

How We Use Your Data

We use your personal data to:

  • Provide osteopathic treatment and musculoskeletal care

  • Maintain accurate clinical records

  • Arrange and manage appointments

  • Communicate about your care

  • Respond to enquiries

  • Improve clinic services and website performance

  • Meet legal, professional and regulatory obligations

  • Send clinic updates or marketing communications where consent has been provided

If you do not provide relevant clinical information, we may be unable to provide treatment safely.

Lawful Basis for Processing

Clinical Care and Treatment

  • Article 6(1)(b) – Contract
    Processing is necessary to provide healthcare services requested by you.

  • Article 9(2)(h) – Healthcare Provision
    Processing is necessary for the provision of healthcare by a regulated professional.

Appointment Management

  • Article 6(1)(f) – Legitimate Interests
    We use your information to manage appointments and support continuity of care.

Clinical Record Keeping

  • Article 6(1)(c) – Legal Obligation
    We are required to maintain healthcare records in line with professional obligations.

  • Article 9(2)(h) – Healthcare Provision

Marketing Communications

  • Article 6(1)(a) – Consent
    We only send marketing emails or newsletters where you have provided consent. You may withdraw consent at any time.

Website Analytics

  • Article 6(1)(f) – Legitimate Interests
    We may use anonymised website analytics to improve website performance and user experience.

 

Data Retention

We only retain personal data for as long as necessary.

Typical retention periods include:

  • Clinical records: Minimum 8 years after your last appointment

  • Children’s records: Until age 25 where applicable

  • Marketing preferences: Until consent is withdrawn

  • Website enquiries: Up to 12 months unless treatment begins

  • Financial records: 7 years for accounting and HMRC purposes

After retention periods expire, data is securely deleted or destroyed.

Who We Share Your Data With

We do not sell your personal data.

We may share information where necessary with trusted third parties involved in delivering clinic services, including:

Practice Management Systems

We may use secure software providers to manage:

  • Clinical records

  • Appointment scheduling

  • Patient communications

These providers are required to maintain confidentiality and comply with UK GDPR requirements.

Administrative Support

Reception or administrative staff may have limited access to appointment and contact information where necessary for clinic operations.

Treating Practitioners

Your practitioner may access clinical records relevant to your care.

Legal or Regulatory Requirements

We may disclose information where required by law or professional obligations.

International Data Transfers

Some third-party systems used by the clinic may process data outside the UK.

Where international transfers occur, we ensure appropriate safeguards are in place, including Standard Contractual Clauses or equivalent protections under UK GDPR Article 46.

We assess providers carefully to ensure appropriate security and confidentiality standards are maintained.

Data Security

We take reasonable and appropriate steps to protect your personal information.

Measures include:

  • Secure password-protected systems

  • Restricted access to clinical information

  • Secure storage of paper records

  • Staff confidentiality training

  • Regular system maintenance and security procedures

Use of AI-Assisted Tools

Telford Osteopaths may assess or introduce secure AI-assisted tools to support administrative or clinical processes.

This could include tools designed to assist with:

  • Clinical note organisation

  • Administrative efficiency

  • Appointment communication

Any AI-assisted technology used:

  • Would act only as an assistive tool

  • Would not replace practitioner judgement

  • Would not make clinical decisions

  • Would remain subject to practitioner review

  • Would operate under appropriate confidentiality and data protection controls

We will update this Privacy Policy if AI-assisted systems are introduced into active clinical use.

Cookies

Our website may use cookies to:

  • Analyse website traffic

  • Improve website functionality

  • Remember user preferences

Cookie data does not usually identify you personally.

You can manage cookie settings through your browser.

For more information visit:
www.allaboutcookies.org

External Links

Our website may contain links to external websites. We are not responsible for the privacy practices or content of third-party websites.

Your Rights Under UK GDPR

You have the right to:

  • Access your personal data

  • Request correction of inaccurate information

  • Request deletion of data where applicable

  • Restrict processing

  • Object to processing

  • Request transfer of your data

  • Withdraw consent for marketing

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

We aim to respond to requests within one calendar month.

Managing Your Information

Marketing Preferences

You can withdraw consent for marketing communications at any time by:

  • Clicking “unsubscribe” in emails

  • Contacting the clinic directly

Subject Access Requests

Requests for copies of your personal data can be made by email or in writing. We may request proof of identity before releasing information.

Complaints

Contact Telford Osteopaths

If you have concerns about how your data is handled, please contact us first.

Email: telfordosteopaths@gmail.com
Phone: 07480699221

We aim to respond to complaints promptly and fairly.

Information Commissioner’s Office (ICO)

You also have the right to contact the ICO.

Website: www.ico.org.uk
Phone: 0303 123 1113
Address:
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be published on this page.

bottom of page