​

Last updated: April 2025

At Osteopath Blackpool, your privacy is extremely important to us. This policy explains how we collect, store, and use your personal data in accordance with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

 

1. Who We Are

We are Osteopath Blackpool, registered in the UK. We provide osteopathy and complementary health services, including acupuncture.

For data protection purposes, we are the Data Controller of your personal data.

Contact Details:

• Email: david@osteopathblackpool.co.uk

• Website: www.osteopathblackpool.co.uk

 

2. What Data We Collect

We collect and process the following types of personal data:

• Identity data: name, date of birth, gender

• Contact data: address, phone number, email address

• Health data: medical history, medications, symptoms, treatment notes

• Usage data: how you interact with our website or booking system

• Marketing preferences: if you have opted in to receive information from us

 

3. How We Collect Your Data

We collect your data when:

• You complete a new patient intake form

• You book an appointment online or by phone/email

• You visit our clinic

• You communicate with us via email, phone, or social media

• You opt in to receive future communications or newsletters

 

4. How We Use Your Data

We use your personal data to:

• Provide appropriate osteopathic care and treatment

• Maintain accurate medical records

• Communicate about appointments and clinical matters

• Share medical information with your GP or healthcare professional (with your consent)

• Comply with legal and regulatory obligations (e.g. record retention)

• Send occasional health-related updates, offers, or educational material (only if you have opted in)

 

5. Our Legal Basis for Processing Your Data

We process your personal data under the following lawful bases:

• Consent – when you opt in to communication or treatment

• Legal obligation – for compliance with record-keeping regulations

• Vital interests – in a medical emergency

• Legitimate interest – to manage the clinic and deliver effective care

 

6. Data Storage & Security

Your data is securely stored using Cliniko, a GDPR-compliant, encrypted healthcare records platform.

We take appropriate technical and organisational steps to protect your data from unauthorised access, alteration, or loss.

 

7. How Long We Keep Your Data

We retain patient records for 8 years from the date of your last treatment, in line with professional standards and legal requirements. After this period, data will be securely deleted or anonymised.

 

8. Sharing Your Data

We will never sell your data. We may share it:

• With your GP or another medical professional (with your consent)

• With Cliniko (as a data processor)

• If legally required (e.g., safeguarding or court orders)

 

9. Your Rights Under GDPR

You have the right to:

• Access the personal data we hold about you

• Request correction of inaccurate data

• Request deletion of your data (in certain circumstances)

• Withdraw consent at any time

• Object to certain types of data processing

• Make a complaint to the ICO (Information Commissioner’s Office)

 

10. Cookies and Website Analytics

Our website may use cookies or analytics tools (e.g., Google Analytics) to improve your browsing experience. You can manage cookie preferences through your browser settings.

 

11. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.

 

12. Contacting Us

If you have questions or concerns about how we use your data, please get in touch:

📧 david@osteopathblackpool.co.uk
🌐 www.osteopathblackpool.co.uk