Chiropractic & Massage Therapy Postal Address

Privacy Policy

Privacy Policy

TotalMSK Ltd

40 Caversham Road, Reading, Berkshire, RG17BT.

Telephone: 07718 252 446

For the purposes of processing your personal data, TotalMSK Ltd is (the controller).

TotalMSK Ltd collects and holds the following types of personal data:-

Patient Files/Records

Name, Address, Telephone numbers, email address, date of birth, next of kin, medical and health information including history, testing and diagnosis information and treatment.

The data is used and processed as part of a contract and relating to the provision of Chiropractic and Musculoskeletal health services to individual patients. Each patient will have also given explicit written consent for examination, treatment and in some cases to contact the patient’s GP or other relevant practitioners concerning ongoing treatment.

Bookings

The online patient booking system operates via a third party service provider, who is GDPR complaint. The data held by the third party is used by (the controller) for the scheduling of patient bookings, cancellations and correspondence regarding said purposes.

Text Messages

It is possible to send patient appointment reminders, via text and the online booking system. Patients can request to withdraw from this free service at any time.

Telephone Voicemail

Patient’s can leave voicemails on (the controller’s) mainline telephone number, or indeed numbers of individual practitioners working for (the controller). Patient voicemails get deleted every two weeks.

Emails

Individuals can contact (the controller) via email, either via the website or various other means. From time to time, (the controller) may wish to contact a patient regarding on-going treatment, to inform them of a new news article or promotion. Individuals have the right to withdraw from such correspondence at any time by directly requesting to do so.

Social Media

(The controller) uses many social media platforms, purely to post and share health and wellbeing related articles. Many of these articles may prove of interest to the general the public and patients alike. Each Social Media platform has a privacy policy and terms and conditions of use. Individuals have a choice as to if they wish to follow (the controller) on one of the social media platforms it uses. However, as with all Social Media accounts, individual’s should be careful about the quantity and types of personal information they share on such platforms. (The controller), has little to no control over how third-party social media platforms use one's data and such things will be governed by the respective platforms T&C’s and privacy statements. Shortened URLs frequently appear on Social Media platforms, due to character limits on such platforms. It is possible for social media accounts to get hacked and for these shortened URLs to link to other resources. Hence, it is essential to be sure that the URL is from a legitimate source. A typical example of a shortened URL is https://bit.ly/2tMx9nJ (which happens to relate to an article on Shin Splints).

Website and Blog

(The controller) uses a number of third party companies for website data analytics purposes. The analytics are used for the purposes of improving the corporate website and tailoring information to the needs of users. The data provided by said third parties does not allow (The controller) to specifically identify any specific individual using the website or blog. (The controller's) website does not use any "cookies", however the Blog, which is hosted by Google (Blogger) does use "cookies". (The controller) uses the data gained from third parties to identify errors affecting user experience, popularity of articles/web pages and potential areas for new articles and improvements. (The controller) has limited access to information gained via third parties and indeed control over that process. Typically, the analytics data gained by these companies looks at when something was accessed/looked at, where the user was geographically (though this may not be actual location), the service the data was accessed via (internet provider etc.), how long data was accessed for, possibly the device and type of operating system used to access the content.

Retention Your Personal Data

The Chiropractors Act 1994, requires that patient record card information, including treatment notes, are retained for a minimum of 8 years from the last treatment/discharge date. Although, one has rights regarding how ones data is used, any request to delete or destroy record card information cannot be acted on prior to the 8 year rule mentioned above, at which point the data is automatically destroyed due to legislative requirements.

Your Rights

While your personal data is being processed and held, you the individual have certain rights, namely:-

The right to gain access to the data held about you.

The right to rectification (correction) concerning said data.

The right to erasure of said data where legally possible (see retention of personal data).

The right to restrict processing of said data.

It is possible to act upon any of these rights by contacting the Data Protection Officer, in writing or via email. The letter or email should be addressed “For the Attention” of the “Data Protection Officer” as per (The Controller) address and contact details. The letter or email should also contain the requestors full contact details; name, address, telephone number(s), email and details of the information or changes requested. (The Controller) is required to verify the identity of the requestor and thus will ask for copies of corroborating documentation such as Passport, Driving licence, recent utility bill etc.

Data Breaches

(The Controller) takes various precautions and protections to store and process the data held on patients safely. However, regardless of how robust processes and security is, there is always the possibility that data can get lost, stolen or otherwise illegally accessed. Should any of these situations occur and where the data breach constitutes a high risk to the individual's rights and freedoms, then (the controller) would make contact without any delay. Where known, the Data Control Officer would provide, their on contact details, details of the type of breach, the data involved, details of an on-going investigation and what is being done to prevent any such similar breach.

Complaints

In the first instance, please contact the Data Controller concerning the complaint. It is possible that there may have just been a simple misunderstanding, which can easily get remedied. If you are still unsatisfied with the response, then you can contact the Information Commissioners Office (ICO) via their website:-

www.ico.org.uk


Chiropractic and Massage Registrations

All of our practitioner's hold relevant professional industry registrations and or memberships. Our principal practitioner Terry Davis MSMA holds additional memberships and registrations for Massage Therapy with the Complementary & Natural Health Council (CHNC) and is BTEC Level 5 Clinical Sports and Remedial Massage Therapy qualified and holds professional membership with the Sports Massage Association (SMA):-

Chiropractic and Massage RegistrationsSports Massage Association (SMA)General Chiropractic CouncilComplementary & Natural Health Council