Ethical Musculoskeletal Therapy and Myofascial Pain Specialists

News & Information > TotalMSK Privacy Policy

MSK Clinic Privacy Policy

Privacy Policy

Types of data TotalMSK holds and why

For the purposes of processing your personal data, TotalMSK is (the controller).

TotalMSK collects and holds the following types of personal data:-

Consumer Files/Records

Name, Address, Telephone numbers, email address, date of birth, next of kin, medical and health information including history, assessments and treatment.

The data is used and processed as part of a contract and relating to the provision of Musculoskeletal health services to individual patients. Each patient will have also given explicit written consent for examination, treatment and in some cases to contact the patient’s GP or other relevant practitioners concerning ongoing treatment.


The online patient booking system operates via a third party service provider, who is General Date Protection Regulation (GDPR) complaint. The data held by the third party is used by (the controller) for the scheduling of patient bookings, cancellations and correspondence regarding said purposes.

Text Messages

It is possible to send patient appointment reminders, via text and the online booking system. Consumers can request to withdraw from this free service at any time.

Telephone Voicemail

Consumer’s can leave voicemails on (the controller’s) mainline telephone number, or indeed numbers of individual practitioners working for (the controller). Consumer voicemails are deleted every two weeks.


Individuals can contact (the controller) via email, either via the website or various other means. From time to time, (the controller) may wish to contact a patient regarding on-going treatment, to inform them of a new news article or promotion. Individuals have the right to withdraw from such correspondence at any time by directly requesting to do so.

Social Media

(The controller) uses many social media platforms, purely to post and share health and wellbeing related articles. Many of these articles may prove interesting to the general the public and patients alike. Each Social Media platform has a privacy policy and terms and conditions of use. Individuals have a choice as to if they wish to follow (the controller) on one of the social media platforms it uses. However, as with all Social Media accounts, individual’s should be careful about the quantity and types of personal information they share on such platforms. (The controller), has little to no control over how third-party social media platforms use one's data and such things will be governed by the respective platforms T&C’s and privacy statements. Shortened URLs frequently appear on Social Media platforms, due to character limits on such platforms. It is possible for social media accounts to get hacked and for these shortened URLs to link to other resources. Hence, it is essential to be sure that the URL is from a legitimate source. A typical example of a shortened URL is (which happens to relate to an article on Plantar Fasciitis).

Website and Blog

(The controller) uses a number of third party companies for website data analytics purposes. The analytics are used for the purposes of improving the corporate website and tailoring information to the needs of users. The data provided by said third parties does not allow (The controller) to specifically identify any specific individual using the website or blog. (The controller's) website does not use any "cookies", however the Blog, which is hosted by Google (Blogger) does use "cookies". (The controller) uses the data gained from third parties to identify errors affecting user experience, popularity of articles/web pages and potential areas for new articles and improvements. (The controller) has limited access to information gained via third parties and indeed control over that process. Typically, the analytics data gained by these companies looks at when something was accessed/looked at, where the user was geographically (though this may not be actual location), the service the data was accessed via (internet provider etc.), how long data was accessed for, possibly the device and type of operating system used to access the content.

Retention Your Personal Data

The Chiropractors Act 1994 requires that patient record card information, including treatment notes, are retained for a minimum of 8 years from the last treatment/discharge date. Although one has rights regarding how one's data is used, any request to delete or destroy record card information cannot be acted on before the 8-year rule mentioned above. At this point, the data is automatically destroyed due to legislative requirements. These rules apply to patient's treated while Terry Davis was still working as a Chiropractor and before changing profession. In Australia, personal data retention and usage are governed by the Commonwealth Privacy Act 1988 and the State Privacy and Health Records Act. The Australian legislation requires that patient record card information is retained for a minimum of seven years for all patients over 21 years of age. Record card information has to be kept for seven years for all patients under 21 and seven years after reaching 21.

Your Rights

While your personal data is being processed and held, you the individual have certain rights, namely:-

The right to gain access to the data held about you.

The right to rectification (correction) concerning said data.

The right to erasure of said data where legally possible (see retention of personal data).

The right to restrict processing of said data.

It is possible to act upon any of these rights by contacting the Data Protection Officer, in writing or via email. The letter or email should be addressed “For the Attention” of the “Data Protection Officer” as per (The Controller) address and contact details. The letter or email should also contain the requestors full contact details; name, address, telephone number(s), email and details of the information or changes requested. (The Controller) is required to verify the identity of the requestor and thus will ask for copies of corroborating documentation such as Passport, Driving licence, recent utility bill etc.

Data Breaches

(The Controller) takes various precautions and protections to store and process the data held on patients safely. However, regardless of how robust processes and security is, there is always the possibility that data can get lost, stolen or otherwise illegally accessed. Should any of these situations occur and where the data breach constitutes a high risk to the individual's rights and freedoms, then (the controller) would make contact without any delay. Where known, the Data Control Officer would provide, their on contact details, details of the type of breach, the data involved, details of an on-going investigation and what is being done to prevent any such similar breach.


In the first instance, please contact the Data Controller concerning the complaint.

It is possible that there may have just been a simple misunderstanding, which can easily get remedied. If you are still unsatisfied with the response and UK based, then you can contact the Information Commissioners Office (ICO) via their website:-

Alternatively, in Australia the next step would be to contact:-

Massage and Myotherapy Registrations

Terry brings over 16 years of experience treating in the MSK Therapy field back to Brisbane from the UK. He is highly qualified with relevant education and training spanning from Certificate level through to higher education and a Masters. His training and experience cover many assessment methods, treatment types and soft tissue therapy (STT) skills. Besides the sixteen years of clinical experience, Terry has a further eight years of experience training and working at the highest physical performance levels within the elite British forces environment. He has a personal experience with a range of running injuries and a vast amount of professional treatment experience. He is still an avid distance runner to this day. Such knowledge has proved highly valuable in the treatment of elite-level athletes and members of the public. His ongoing sporting activities, experiences and interests have naturally led to him specialising in human performance and treating trauma and myofascial pain. He also taught as a senior course coach on the first myotherapy course in Brisbane. His skills are now available at the Morningside clinic, where he works as a Myotherapist.