TotalMSK Privacy Statement

TotalMSK Privacy Policy

Privacy Policy

TotalMSK Ltd

Suite 137, 62 Portman Road, Reading, United Kingdom, RG30 1EA

Telephone: 07718 252 446

Types of data TotalMSK holds and why

For the purposes of processing your personal data, TotalMSK Ltd is (the controller).

TotalMSK Ltd collects and holds the following types of personal data:-

Patient Files/Records

Name, Address, Telephone numbers, email address, date of birth, next of kin, medical and health information including history, testing and diagnosis information and treatment.

The data is used and processed as part of a contract and relating to the provision of Chiropractic and Musculoskeletal health services to individual patients. Each patient will have also given explicit written consent for examination, treatment and in some cases to contact the patient’s GP or other relevant practitioners concerning ongoing treatment.


The online patient booking system operates via a third party service provider, who is GDPR complaint. The data held by the third party is used by (the controller) for the scheduling of patient bookings, cancellations and correspondence regarding said purposes.

Text Messages

It is possible to send patient appointment reminders, via text and the online booking system. Patients can request to withdraw from this free service at any time.

Telephone Voicemail

Patient’s can leave voicemails on (the controller’s) mainline telephone number, or indeed numbers of individual practitioners working for (the controller). Patient voicemails get deleted every two weeks.


Individuals can contact (the controller) via email, either via the website or various other means. From time to time, (the controller) may wish to contact a patient regarding on-going treatment, to inform them of a new news article or promotion. Individuals have the right to withdraw from such correspondence at any time by directly requesting to do so.

Social Media

(The controller) uses many social media platforms, purely to post and share health and wellbeing related articles. Many of these articles may prove interesting to the general the public and patients alike. Each Social Media platform has a privacy policy and terms and conditions of use. Individuals have a choice as to if they wish to follow (the controller) on one of the social media platforms it uses. However, as with all Social Media accounts, individual’s should be careful about the quantity and types of personal information they share on such platforms. (The controller), has little to no control over how third-party social media platforms use one's data and such things will be governed by the respective platforms T&C’s and privacy statements. Shortened URLs frequently appear on Social Media platforms, due to character limits on such platforms. It is possible for social media accounts to get hacked and for these shortened URLs to link to other resources. Hence, it is essential to be sure that the URL is from a legitimate source. A typical example of a shortened URL is (which happens to relate to an article on Shin Splints).

Website and Blog

(The controller) uses a number of third party companies for website data analytics purposes. The analytics are used for the purposes of improving the corporate website and tailoring information to the needs of users. The data provided by said third parties does not allow (The controller) to specifically identify any specific individual using the website or blog. (The controller's) website does not use any "cookies", however the Blog, which is hosted by Google (Blogger) does use "cookies". (The controller) uses the data gained from third parties to identify errors affecting user experience, popularity of articles/web pages and potential areas for new articles and improvements. (The controller) has limited access to information gained via third parties and indeed control over that process. Typically, the analytics data gained by these companies looks at when something was accessed/looked at, where the user was geographically (though this may not be actual location), the service the data was accessed via (internet provider etc.), how long data was accessed for, possibly the device and type of operating system used to access the content.

Retention Your Personal Data

The Chiropractors Act 1994, requires that patient record card information, including treatment notes, are retained for a minimum of 8 years from the last treatment/discharge date. Although, one has rights regarding how ones data is used, any request to delete or destroy record card information cannot be acted on prior to the 8 year rule mentioned above, at which point the data is automatically destroyed due to legislative requirements.

Your Rights

While your personal data is being processed and held, you the individual have certain rights, namely:-

The right to gain access to the data held about you.

The right to rectification (correction) concerning said data.

The right to erasure of said data where legally possible (see retention of personal data).

The right to restrict processing of said data.

It is possible to act upon any of these rights by contacting the Data Protection Officer, in writing or via email. The letter or email should be addressed “For the Attention” of the “Data Protection Officer” as per (The Controller) address and contact details. The letter or email should also contain the requestors full contact details; name, address, telephone number(s), email and details of the information or changes requested. (The Controller) is required to verify the identity of the requestor and thus will ask for copies of corroborating documentation such as Passport, Driving licence, recent utility bill etc.

Data Breaches

(The Controller) takes various precautions and protections to store and process the data held on patients safely. However, regardless of how robust processes and security is, there is always the possibility that data can get lost, stolen or otherwise illegally accessed. Should any of these situations occur and where the data breach constitutes a high risk to the individual's rights and freedoms, then (the controller) would make contact without any delay. Where known, the Data Control Officer would provide, their on contact details, details of the type of breach, the data involved, details of an on-going investigation and what is being done to prevent any such similar breach.


In the first instance, please contact the Data Controller concerning the complaint. It is possible that there may have just been a simple misunderstanding, which can easily get remedied. If you are still unsatisfied with the response, then you can contact the Information Commissioners Office (ICO) via their website:-

Mobile Chiropractor Service | Cambridge | Oxford | Reading

McTimoney Chiropractic is available as part of our Mobile Musculoskeletal / MSK Chiropractor and Sports Injury Clinic Service. There is a limited private patient service which covers Oxford and up to 20 miles from Caversham in Reading and Cambridge in Cambridgeshire. The company also operates a mobile Chiropractor lead Corporate Wellness Clinic service covering Reading, Berkshire, Buckinghamshire, Cambridge, Cambridgeshire, Oxford and South Oxfordshire.

Chiropractic and Massage Registrations

Patient's can be safe in the knowledge that all of our therapist's hold relevant professional registrations and or memberships. Our principal Chiropractor Terry Davis MSMA is registered with the General Chiropractic Council (GCC) and holds additional memberships and registrations for Massage Therapy with the Complementary & Natural Health Council (CHNC) and the Sports Massage Association (SMA). He is also BTEC Level 5 Clinical Sports and Remedial Massage Therapy qualified and holds numerous other soft-tissue therapy qualifications. Furthermore, he has also taught at Advanced Diploma level (Myotherapy / Musculoskeletal Therapy) in Australia, including theory, practical and advanced Myofascial Release techniques.

Complementary & Natural Health Council (CHNC)
General Chiropractic Council (GCC)
Sports Massage Association (SMA)