Cambridge Physiotherapy Clinic
Privacy Notice & Privacy Policy
Version Date: May 2026
Cambridge Physiotherapy Clinic is committed to protecting your personal information and respecting your privacy. This Privacy Notice explains how we collect, use, store and protect your personal data in accordance with UK GDPR and the Data Protection Act 2018.
1. Who We Are
Cambridge Physiotherapy Clinic is the data controller responsible for your personal data.
Address: Unit A Magog Court, Hinton Way, Cambridge CB22 3AD
Telephone: 01223 211606
Website: www.cambsphysioclinic.co.uk
2. The Information We Collect
We may collect and process the following information:
- Personal details such as name, address, date of birth, email address and telephone number
- Medical and health information relevant to your assessment and treatment
- GP and referrer details
- Appointment and attendance records
- Payment and billing information
- Website usage data and cookies
- Communication records including emails, phone calls and messages
3. Special Category Health Data
As a healthcare provider, we process special category health data to provide safe and appropriate assessment and treatment. This may include medical history, symptoms, diagnoses, medication, treatment plans and clinical notes.
4. How We Use Your Information
We use your information to:
- Provide physiotherapy and related healthcare services
- Manage appointments and communicate with you
- Maintain clinical records
- Process payments and invoices
- Send appointment reminders and service information
- Improve our services and website
- Meet legal and professional obligations
5. Lawful Basis for Processing
We process personal data under the lawful bases of:
- Provision of healthcare services
- Performance of a contract
- Legitimate interests
- Legal obligations
- Consent where required
6. Sharing Your Information
We may share information where appropriate with:
- Your GP or referrer
- Other healthcare professionals involved in your care
- Insurance companies where relevant
- Professional advisers or regulatory bodies where legally required
- Trusted third-party service providers who support clinic operations
7. Third-Party Systems & Processors
We use trusted third-party providers to support our services, including practice management, secure communications, payment processing, marketing and website hosting. These providers are required to keep your information secure and confidential.
8. AI-Assisted Documentation
We may use approved AI-assisted transcription or documentation tools to support clinical note taking and administration. Any such systems are subject to confidentiality, security and data protection requirements.
9. Communication Methods
We may contact you by telephone, SMS or email regarding appointments, clinic administration and service updates. Standard email is not always fully secure and patients choosing to communicate via email should be aware of this.
10. Marketing Communications
Where you have consented, we may send newsletters, clinic updates or health information. You may unsubscribe or withdraw consent at any time.
We retain records in accordance with legal, regulatory and professional requirements. Clinical records are retained for the required retention periods applicable to healthcare providers.
12. Keeping Your Information Secure
We use appropriate physical, electronic and organisational measures to protect personal information from unauthorised access, loss, misuse or disclosure.
13. Website Cookies & Analytics
Our website uses cookies and analytics tools to improve website performance and user experience. Further details are available in our Cookie Policy.
14. Your Rights
Under UK GDPR, you have rights including:
- Access to your personal data
- Correction of inaccurate information
- Restriction of processing in certain circumstances
- Objection to processing
- Withdrawal of consent where applicable
- The right to complain to the Information Commissioner’s Office (ICO)
15. Subject Access Requests
Requests for copies of your records or information may be made verbally or in writing. We may request proof of identity before releasing information.
16. Third-Party Websites
Our website may contain links to external websites. We are not responsible for the privacy practices or content of third-party websites.
17. Changes to This Privacy Notice
We may update this Privacy Notice from time to time. The latest version will always be available on our website.
18. Contact Details
19. Complaints
If you are unhappy with how we handle your information, you may contact the Information Commissioner’s Office (ICO).
Website: www.ico.org.uk
This Privacy Notice should be read alongside our Terms & Conditions and Cookie Policy.