Who we are.
What data is collected and why.
When you visit our website
When you fill in an online enquiry form
If you fill in our enquiry form, you will be asked to give us your name, your phone number and your address email which will allow us to reply to your enquiry.
When you use online booking
If you decide to book online, you will be asked to give us
- your name
- your date of birth
- your address
- your phone numbers
- your email address
This info will be entered automatically into our web-based patient management system. We need this info to be able to contact you.
If you book online, we can assume you want to be treated by us and we are therefore obliged to get this info by law to identify you.
As soon as you start treatment (including treatment enquiries)
We are obliged by law to obtain the following data
- Your Name
- Your Date of Birth
- Your Address
- Your Contact number(s) and Email(s)
- The Name and address of your GP
- Your Previous Medical History
- Your Present medical History and treatment notes (including consent forms, communication with GP/Consultants, AHP’s or insurance and Photos and videos taken for clinical purposes)
- Your present and past medication
- The name and address of consultants and other Allied Health professionals (AHP’s) that you might have visited before coming to see us or we refer you to.
- The Name and Address of your Solicitors/Case Manager/Union Representative
- The information found on the portal of the insurance who referred you to us
We need to collect this information to
- Identify you
- Contact you
- Perform our profession as best as we can (as required by our professional bodies)
- Inform GPs/Consultants or other AHP’s about your condition (as long as you consent to it)
- Communicate with your insurance provider directly via email, by phone or via the insurance portal
- Communicate with your Solicitors/Case Manager/Union Representant
- Advertise our business via our website or social media (specific consent will ALWAYS be asked and obtained at the time if we would like to use any of your data for advertising purposes)
- We might allow contact you via email to ask for feedback or for marketing purposes (news, special offers, etc.). Please let us know if you are happy for us to contact you for this.
If you decide to follow Benji Physio, communicate with us via social media or befriend a member of staff on social media (such as Benji Physio Gilbert on Facebook), we will have access to all the information the social media allows us to have (although it is highly improbable that we will be looking at your personal page). We actively encourage our staff not to befriend patients via their personal accounts.
If you decide to pay us by bank transfer, we will only know who paid us, how much was paid in and the payment reference (generally the name of the patient).
Online payment are made through a system called Stripe (www.stripe.com). When you pay online, we can know
- the date and time of the appointment you made
- which clinician will be treated you
- the amount you paid
- the type of card you paid with
- the period of validity of the card but NOT the card number or CVC
- the type of browser you were on when you booked your appointment
- the device you used to book the appointment (Phone, laptop, desktop, Ipad,etc.)
- the location where the booking was made from
This info is required to know who paid us, how much was paid, who to refund in case of a cancellation.
How data is stored and for how long.
Web-based patient management system
Most of your personal data is kept in your file in our web-based management system. Only Benji Physio Limited staff have access to the system. The web-based management system can only be accessed with a secure email address and a secure password (each member of staff has a different password).
All paper forms given to Benji Physio Limited are scanned and uploaded to the patient management system. The paper forms are then immediately shredded.
All consultant/GP/AHL’s/solicitors’ letters are scanned and uploaded to the patient management system. The letters are then immediately shredded UNLESS you request to have them back.
Your information will be kept for seven years as requested by our governing bodies. Your data will be then deleted from our system.
Your data protection rights.
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Any question or queries.