Head2Toe Physio Privacy Policy

This Privacy Policy sets out how Head2Toe Physiotherapy uses and protects the information that you give to us when you register as a patient.   Head2Toe Physiotherapy are committed to protecting and respecting your privacy and complying with the principles of the GDPR.  As healthcare practitioners we fully respect the confidentiality of the information that you may share with us both when you register as a new patient and during your appointments with your physiotherapist/practitioner.

It is our aim to process information about you in a secure and transparent way that enables us to carry out our job of treating you/making you well again, at the same time as holding your data in a way that you are able to understand and complies to current legislation.

When you register as a patient at any of our Head2Toe Clinics we will ask you for some basic personal data including name, address, date of birth, contact details and medical information both relevant to the condition you have been referred for/have referred yourself for and any other medical information about your general health.  This will help your physiotherapist/practitioner  to assess your condition and treat you in the most appropriate way that suits your individual needs.

How we store your information

  • Internal paper records/patient file
  • All records are held securely on our Preori management system which allows us to manage your records, appointments and correspond (if applicable and consent given) with your referring consultant, insurer, case management company to process your claim (as appropriate).
  • Your patient file information is held for a minimum of 8 years (as required by The Data Protection Act); any credit card payment records are kept securely for a minimum of 2 years before they are shredded. All financial records are retained for a minimum of 7 years.

Security of your information

We are committed to ensuring your information is secure.  We have processes in place to ensure that your data is not compromised.  We have physical, electronic and managerial procedures to secure the information that you supply us with.  We will not share your information with anyone other than the professionals (NHS/Private referrers) and intermediaries, (insurer, solicitor, employer or other party) that you have given us permission to share your information with.

How we might use your information

  • Our own record keeping
  • To provide you with the highest levels of care, treatment and customer service
  • As a patient, we may need to contact you by email, phone or through the post. Our primary means of contact is email.  We will forward appointment reminders to you and may need to liaise about payment matters.
  • From time to time we may send you an email with news about our clinics: the range of services we offer, clinic promotions and news and articles of interest to you.
  • To improve our services offered to you

Under 16s

All of our physiotherapists are DBS checked, fully qualified and insured to treat children under the age of 16.  We do insist that all children under the age of 16 are accompanied by a parent or guardian over the age of 18 at all times when visiting our clinics.  We also require the child’s parent or guardian to sign their consent for treatment and acceptance of our terms on behalf of the child when registering them as a patient.

Your rights of access and control over your data

You may choose to amend your contact preferences at any time.  You can do this as a new patient when you register, by writing to us at admin@head2toephysio.co.uk or if you have received an email from us simply click the unsubscribe box at the bottom of the email.

The GDPR grants all patients/clients of Head2Toe Physio certain ‘information rights’:

Right of Access: You are entitled to access your own records.   An electronic or paper record can be provided on request and this will be done free of charge.  Simply make this request by email or write to us at any of our clinic addresses.

Right of Rectification or Erasure:  If you feel that any data that we hold about you is inaccurate you have the right to ask us to correct or rectify it. You can also ask us to erase information about you where you can demonstrate that the data we hold is no longer needed by us, or if you withdraw your consent, or if you feel that we are unlawfully holding your data.  Your right of rectification and erasure extends to anyone we have disclosed your personal information to and we shall take all reasonable steps to inform those with whom we have shared your data about your request for erasure/rectification.

Right to withdraw consent: You have the right to withdraw your consent for the processing of your personal data.

Right of complaint: You also have a right to lodge a complaint about any aspect of how we are handling your data with the UK’s Information Commissioner’s Office who can be contacted at ico.org.uk

If you would like to find out more about your rights please contact us using the following details: admin@head2toephysio.co.uk or write to us at one of our clinic addresses.


All information provided to Head2toe is held in strict confidence.  We do not sell, distribute or disclose your information to third parties unless we have your permission or are required to do so by law or by following best medical practice.