Bexleyheath Osteopaths on Pickford Lane.
Experts in back, neck, joint, nerve and muscle pain.
Providing a friendly professional service.
Open 7 days a week evening appointments and parking.
Only a two minutes walk from Bexleyheath Train Station.

Privacy Policy

Pickford Lane Osteopath Clinic, Wanstead Osteopath Clinic and Wanstead House Osteopath Clinic

__________________________________________________________________________

Pickford Lane Osteopath Clinic, Wanstead Osteopath Clinic and Wanstead House Osteopath Clinic are each operated by Levicki Osteopathy Limited (referred to as “us”, “ours” or “we” within this Privacy Policy), a company registered in England and Wales with company number 11043063. Our registered office is at 24 Tudor Close, Woodford Green, United Kingdom, IG8 0LF.

The information set out in this Privacy Policy is provided to individuals whose personal data we process (you or your) as data controller, in compliance with our obligations under the Data Protection Act 2018 and the UK General Data Protection Regulation (GDPR)

1. Data controller details

   1. We are the data controller in relation to the processing of the personal information that you provide to us. Our contact details are as follows:

Pickford Lane Osteopath Clinic:

1. 1. 1. telephone: 020 8303 8872

      2. email: contact@pickfordlaneosteopath.co.uk (please include “Personal Data Request” in your subject heading to ensure it receives the correct attention).

Wanstead Osteopath and Wanstead House Osteopath Clinics:

1. 1. 1. telephone: 07538 101438

      2. email: daniel.levicki@hotmail.com (please include “Personal Data Request” in your subject heading to ensure it receives the correct attention).

2. What is personal data

   1. For the purposes of this Privacy Policy, personal data or personal information means any information relating to a living individual who can be identified from that information (or from that information and other information in our possession). Personal data may be factual (e.g. name, address, date of birth) or it can be an opinion about that person, their action or behaviours.

   2. There are special categories of more sensitive personal information which require a higher level of protection. These include information about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, physical or mental health or condition or sexual life.

3. How we collect your information

   1. Generally, the information we hold about you comes from the way that you engage with us, for example by:

      1. attending an appointment for osteopathic treatment with us;

      2. engaging with us via our website; or

      3. contacting us offline, for example by telephone, email or by post.

   2. We may also collect personal information from third parties such as your GP, hospitals, commissioners of healthcare services and clinicians (including their medical secretaries).

4. Information we collect

   1. The personal data that we collect will depend on your relationship with us (and whether or not you are already a patient of ours).

   2. The personal data held about you, may include the following:

Personal data

1. 1. 1. contact information, such as your name, postal address, email address and telephone number (including mobile number) (Contact Information);

      2. information about you such as your hobbies (where relevant to any injury/general complaint);

      3. date of birth;

      4. occupation; and

      5. payment information, such as credit card details used to pay us (Payment Information).

Special category data

1. 1. 1. details of your current or former physical or mental health (including previous healthcare you have received and medicines administered) (Medical Information); and

      2. clinic letters and medical records (Medical Records).

2. Purposes and legal basis for processing

We will use your personal information as follows:

Personal data

We may use your information for the following purposes, based on the following legal grounds:

• Contact Information

• Information about you such as your date of birth and occupation

 

• If it is necessary for the performance of our contract or for the purposes of entering into a contract: for the purpose of providing our services e.g. contacting patients to confirm appointments and discuss treatment.

• If it is in our legitimate business interests to do so: for internal record keeping for administration purposes, obtaining evidence of identity of our patients, communications regarding our service and fees and for dealing with any complaints or issues raised by our patients.

• Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements.

• Payment information

• If it is necessary for the performance of our contract: for the purpose of receiving payments in the course of providing our services.

• If it is in our legitimate business interests to do so: for internal record keeping for administration purposes and retaining evidence of payment transactions.

• Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements.

• Medical Information

• Medical Records

• For the provision of healthcare or treatment: we may process Medical Information and Medical Records relating to patients that we have provided osteopathic medical treatment to. This information is collected and processed in order for us to provide ongoing treatment to patients.

• To protect the vital interests of the data subject: in order to ensure the health and safety of our patients.

• Compliance with a legal obligation: in order comply with any legal or regulatory requirements such as with regards to record-keeping of medical data.

• Where it is necessary for reasons of public interest in the area of public health, such as medical research: where necessary in assisting statutory approved medical research projects and as permitted by law.

• With your consent: and at your request, we will pass on your details Medical Information and Medical Records to third parties in respect of insurance claims and/or benefits, and in respect of referrals made to other healthcare providers.

• Please note that we will not require consent from you to process special categories of your information where we have an alternative legal basis to process such information (such as those detailed above).

• Images or films displaying your treatment (or part of it)

• With your consent: we may film all or part of your treatment for inclusion on our website and/or our social media channels. Please note that we will only do so where you are comfortable with this and you have provided consent for us to do so.

1. Sharing your information

   1. Please note that personal information we are holding about you may be shared with and processed by:

      1. referring clinicians such as GPs and other medical practitioners where we are referring you for further treatment and/or scans;

      2. third parties in respect of insurance claims you are involved in and/or private healthcare benefit providers (at your request) and third party imaging providers (e.g. where a scan is required and you have requested us to refer you to a third party provider);

      3. our service providers and consultants (including their subcontractors) or third parties which process information on our behalf (e.g. internet service providers, payment providers and software providers such as Cliniko) so that they may help us to provide you with services and information you have requested;

      4. our social media channels where you have consented to your treatment being filmed and uploaded online;

      5. regulators, fraud prevention agencies or other third parties for the purposes of monitoring and/or enforcing our compliance with any legal and regulatory obligations, including statutory or regulatory reporting or the detection or prevention of unlawful acts;

      6. any third party in the context of actual or threatened legal proceedings, provided we can do so lawfully (for example in response to a court order);

      7. other parties and/or their professional advisers involved in a matter where required as part of the conduct of the services;

      8. our own professional advisers and auditors for the purpose of seeking professional advice or to meet our audit responsibilities; and

      9. another organisation to whom we may transfer our agreement with you or if we sell or buy (or negotiate to sell or buy) our business or any of our assets (provided that adequate protections and safeguards are in place).

   2. Please note that personal data entered into the online billing portal within our website (provided by Cliniko) when you pay for your appointment will not be stored by us. However, Cliniko or Stripe (our payment provider) may store this personal data in accordance with the terms of their own privacy policy.

2. International transfers

1. 1. We will not transfer personal data relating to you to a country which is outside the UK or the European Economic Area (EEA) unless one of the following scenarios under the GDPR (or equivalent scenarios under UK data protection legislation, if applicable) applies:

      1. the country or recipient is covered by an adequacy decision of the European Commission under GDPR Article 45;

      2. appropriate safeguards have been put in place which meet the requirements of GDPR Article 46 (for example using the European Commission’s Standard Model Clauses for transfers of personal data outside the UK or EEA); or

      3. one of the derogations for specific situations under GDPR Article 49 is applicable to the transfer. These include (in summary):

         1. the transfer is necessary to perform, or to form, a contract to which we are a party:

            1. with you; or

            2. with a third party where the contract is in your interests;

1. 1. 1. 1. the transfer is necessary for the establishment, exercise or defence of legal claims;

         2. you have provided your explicit consent to the transfer; or

         3. the transfer is of a limited nature, and is necessary for the purpose of our compelling legitimate interests.

2. Retention of personal data

   1. We have systems in place to periodically review and delete data that is no longer being used by us for the purposes set out in this Privacy Policy.

   2. As required by the Osteopathic Practice Standard D5 (3), we will retain patient records for a minimum of eight years after the patient’s last consultation (or, if the patient is a child, until their 25th birthday).

   3. Where we no longer need your personal information, we will dispose of it in a secure manner.

   4. In some circumstances you can ask us to delete your data: see your legal rights at paragraph 9 below for further information.

   5. In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

3. Your rights in respect of your personal data

   1. You have certain rights under existing data protection laws, including the right to (upon written request) access a copy of your personal data that we are processing. In accordance with the Data Protection Act 2018 and the GDPR:

      1. you will have the following rights:

         1. right to access: the right to request certain information about, access to and copies of the personal information about you that we are holding (please note that you are entitled to request one copy of the personal information that we hold about you at no cost, but for any further copies, we reserve the right to charge a reasonable fee based on administration costs); and

         2. right to rectification: the right to have your personal information rectified if it is inaccurate or incomplete; and

      2. in certain circumstances, you will also have the following rights:

         1. right to erasure/“right to be forgotten”: the right to withdraw your consent to our processing of the data (if the legal basis for processing is based on your consent) and the right to request that we delete or erase your personal information from our systems (however, this will not apply if we are required to hold on to the information for compliance with any legal obligation or if we require the information to establish or defend any legal claim);

         2. right to restriction of use of your information: the right to stop us from using your personal information or limit the way in which we can use it;

         3. right to data portability: the right to request that we return any information you have provided in a structured, commonly used and machine-readable format, or that we send it directly to another company, where technically feasible; and

         4. right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or for marketing purposes.

   2. If you have subscribed to marketing communications from us, you have the right to unsubscribe from such communications at any time by following the link in the footer of the last email you received from one of our brands or by sending your request with detailed instructions to us (see contact details above).

   3. Please note that if you withdraw your consent to the use of your personal information for purposes set out in our Privacy Policy, we may not be able to provide you with access to all or certain parts of our site.

   4. If you consider our use of your personal information to be unlawful, you have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office. Please see further information on their website: www.ico.org.uk.

4. Automatic decision making

We do not make decisions based solely on automated data processing, including profiling.

1. Security

   1. We keep your information protected by taking appropriate technical and organisational measures to guard against unauthorised or unlawful processing, accidental loss, destruction or damage. For example, we have implemented safeguards in relation to access and confidentiality in order to protect the information held within our systems.

   2. However, while we will do our best to protect your personal information, we cannot guarantee the security of your information which is transmitted via an internet or similar connection. It is important that all details of any username, password and/or other identification information created to access our servers are kept confidential by you and should not be disclosed to or shared with anyone.

2. Changes to this Privacy Policy

We may amend this Privacy Policy from time to time, for example to keep it up to date, to implement minor technical adjustments and improvements or to comply with legal requirements. We will always update this Privacy Policy on our site, so please try to read it when you visit the site.