Privacy Policy for Vitalis Physio

Effective Date: 8th April 2025

1. Who We Are

Vitalis Physio (“we”, “our”, or “us”) provides physiotherapy services in the UK. We are committed to protecting the privacy and personal data of our website visitors, clients, and anyone we interact with.

For the purpose of the UK General Data Protection Regulation (UK GDPR), the data controller is:

Vitalis Physio
25 Oxford Road, Benson, Wallingford, OX106LX United Kingdom 
info@vitalisphysio.com
07432690233

2. What Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Full name, date of birth, gender

  • Contact Data: Address, email, phone number

  • Health Data: Medical history, diagnosis, treatment plans (collected only when necessary for providing services)

  • Usage Data: How you use our website (pages visited, links clicked)

  • Technical Data: IP address, browser type, time zone, cookies

3. How We Use Your Data

We use your data to:

  • Deliver physiotherapy and healthcare services

  • Respond to enquiries or appointment bookings

  • Maintain patient records securely

  • Improve our website and services

  • Comply with legal or regulatory obligations

We will never sell or rent your data to third parties.

4. Legal Basis for Processing

We only process your data where we have a legal basis to do so:

  • Consent: Where you have given clear permission (e.g. signing a consent form)

  • Contract: When processing is necessary to deliver a service you requested

  • Legal Obligation: To comply with UK laws

  • Legitimate Interest: For business functions like service improvements

  • Vital Interests: In rare cases, to protect someone’s life

5. How We Store Your Data

All personal data is stored securely in accordance with UK data protection law. Medical records are kept for the legally required minimum retention period and then securely deleted or archived.

6. Sharing Your Data

We only share your personal data when:

  • You provide written consent (e.g. referring to a GP or specialist)

  • Required by law or regulatory authorities

  • Necessary to deliver healthcare in collaboration with another provider

All third-party processors we use (e.g. booking platforms, email providers) comply with UK GDPR.

7. Your Data Rights

Under the UK GDPR, you have the right to:

  • Access your personal data

  • Correct any inaccurate or incomplete data

  • Request deletion of your data (“right to be forgotten”)

  • Restrict or object to processing

  • Data portability (in certain circumstances)

  • Withdraw consent at any time

To exercise these rights, contact us at info@vitalisphysio.com.