Privacy Policy

Privacy Policy

Version Date: January 1st 2020
We are committed to protecting and preserving the privacy of our visitors when visiting our site or communicating electronically with us.
This policy sets out how we process any personal data we collect from you or that you provide to us through our website. We confirm that we will keep your information secure and that we will comply fully with all applicable UK Data Protection legislation and regulations. Please read the following carefully to understand what happens to personal data that you choose to provide to us, or that we collect from you when you visit this site. By visiting our website you are accepting and consenting to the practices described in this policy.
Types of information we may collect from you

We may collect, store and use the following kinds of personal information about individuals who visit and use our website:

Information you supply to us
You may supply us with information about you by filling in forms on our website. This includes information you provide when you submit a contact/enquiry form. The information you give us may include your name, address, e-mail address and phone number,
Information our website automatically collects about you.
With regard to each of your visits to our website we may automatically collect information including the following:
technical information, including a truncated and anonymised version of your Internet protocol (IP) address, browser type and version, operating system and platform;
information about your visit, including what pages you visit, how long you are on the site, how you got to the site (including date and time); page response times, length of visit, what you click on, documents downloaded and download errors.
Cookies
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.
How we may use the information we collect
We use the information in the following ways:
  • To provide you with information and/or services that you request from us;
  • To administer our site including troubleshooting and statistical purposes;
  • To improve our site to ensure that content is presented in the most effective manner for you and for your computer;
  • For security and debugging as part of our efforts to keep our site safe and secure.
  • This information is collected anonymously and is not linked to information that identifies you as an individual. We use Google Analytics to track this information. Find out how Google uses your data at https://support.google.com/analytics/answer/6004245.
Disclosure of your information
Any information you provide to us will either be emailed directly to us or may be stored on a secure server. We use a trusted third party hosting provider (FlyWheel) to facilitate the running and management of this website.
We do not rent, sell or share personal information about you with other people or non-affiliated companies, any external sources required by your website such as mailing lists from service providers such as mailchimp, sendinblue etc, are subject to your own user agreement per the terms of your account with the provider themselves.
We will use all reasonable efforts to ensure that your personal data is not disclosed to regional/national institutions and authorities, unless required by law or other regulations.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Third party links
Our site may, from time to time, contain links to and from the third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Your rights – access to your personal data
You have the right to ensure that your personal data is being processed lawfully (“Subject Access Right”). Your subject access right can be exercised in accordance with data protection laws and regulations. Any subject access request must be made in writing to us at our email address listed at the bottom of this page. We will provide your personal data to you within the statutory time frames. To enable us to trace any of your personal data that we may be holding, we may need to request further information from you. If you have a complaint about how we have used your information, you have the right to complain to the Information Commissioner’s Office (ICO).
Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be submitted via email using the address or contact form at the bottom of this page.

Clinical Policy

Privacy Policy
Walsh Chiropody – Podiatry

1. How We Use Your Personal Data

We are committed to protecting your personal data. This policy explains how we collect, use, and protect your information in compliance with the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws.

We collect data from you or your parent/legal guardian to provide our services. The legal basis for processing your personal data includes:

  • Sensitive Personal Data (e.g., medical records): Processed under Article 9(2)(h) of UK GDPR – necessary for the provision of healthcare services.
  • Non-Sensitive Personal Data: Processed for the following purposes:
    1. Registering you as a new client.
    2. Managing payments.
    3. Collecting and recovering outstanding fees.
    4. Managing our relationship with you.
    5. Sending you information about our products/services (with your consent).
    6. Sending appointment reminders via mobile phone.

We will not share your details with third parties for marketing purposes without your express consent. You may withdraw consent at any time by contacting us.

2. Disclosure of Your Personal Data

We may share your personal data with:

  1. Service providers (e.g., Cliniko for patient management and Stripe for payments).
  2. Professional advisors (e.g., lawyers, accountants, insurers).
  3. Regulatory authorities (e.g., HMRC, ICO, NHS bodies where required).
  4. Other health professionals involved in your care.
  5. Third parties in the event of a business transfer, ensuring your data remains protected.

All third parties are required to treat your data securely and only process it under our instructions.

3. International Data Transfers

Some of our third-party providers may be based outside the UK/EEA. When transferring your data internationally, we ensure appropriate safeguards such as:

  • UK GDPR-approved Standard Contractual Clauses (SCCs)
  • Data Protection Certifications (e.g., ISO 27001)
  • Other legally recognized mechanisms

If no such safeguards exist, we will request your explicit consent before transferring your data.

4. Data Security

We have implemented strict security measures to protect your personal data from unauthorized access, loss, or misuse. Only authorized personnel can access your data, and they are bound by confidentiality obligations.

If a data breach occurs, we will notify you and any relevant authorities if legally required.

We may anonymize your data for research or statistical purposes, in which case we may use it indefinitely.

5. Data Retention

We retain your data only for as long as necessary. Legal requirements include:

  • Medical Records: Kept for a minimum of 8 years after your last treatment. If you were under 18 at the time of treatment, records will be retained until your 25th birthday (or longer if required by law).
  • Financial Records: Retained for 6 years to comply with tax laws.

After the retention period, your data will be securely archived or deleted.

6. Your Rights

Under UK GDPR, you have rights over your personal data, including:

  • Right to Access: Request a copy of your data.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure: Request deletion of data (subject to legal limitations, e.g., medical records must be retained for a minimum period).
  • Right to Restrict Processing: Limit how we process your data.
  • Right to Data Portability: Request transfer of your data.
  • Right to Object: Object to data processing in certain circumstances.
  • Right to Complain: Lodge a complaint with the Information Commissioner’s Office (ICO).

If you wish to exercise any of these rights, please contact:
Walsh Chiropody – Podiatry
329 Chester Road, Castle Bromwich, Birmingham, B36 0JG
Email: enquiries@walshpodiatry.com (marked for the attention of the Data Compliance Officer)

7. Keeping Your Data Up to Date

To ensure accuracy, we may periodically contact you to confirm your details. If any of your information changes (e.g., address, phone number), please notify us as soon as possible via the contact details above.

8. Complaints

We are committed to protecting your personal data. If you have concerns about how we handle your data, please contact us first so we can resolve the issue. If you are not satisfied, you can lodge a complaint with the ICO at www.ico.org.uk.

We may update this Privacy Policy from time to time. Any significant changes will be communicated to you.

Last updated: 10th March 2025