COLLECTION AND REGISTRATION OF PERSONAL INFORMATION
We sometimes request users of the Site to provide personally identifiable information. For example, in order to use our contact form, you will be required to submit certain personally identifiable information. The information collected from you is strictly voluntary. You may decline to submit personally identifiable information, in which case we may not be able to provide certain services to you. The type of information collected during the registration process may include your contact information, such as your name, email address, postal address, phone number and country of residence (“Registration Information”). You may choose to provide optional profile information such as your real name, photo, company/organisation affiliation, a profile description, tags, location and other information which may be collected and displayed on your public profile. It is your choice to post content (for example, company affiliation) and make it publicly available. You are solely responsible for the content you post.
USE OF PERSONAL INFORMATION
DISCLOSURE OF PERSONAL INFORMATION TO THIRD PARTIES
Access to your personal information is restricted to use by CC Physiotherapy. We do share non-personally-identifiable information (such as anonymous usage data, referring / exit pages and URLs, platform types, number of clicks, and user location) with interested third-parties to assist with understanding the usage patterns for certain content, services, advertisements, promotions, and/or functionality for the Site. We will not otherwise disclose any personal information without your consent except: in response to subpoenas, court orders, or legal process, or to establish or exercise our rights to defend against legal claims; and if we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, the safety of person or property, violation of our policies, or as otherwise required by law.
GDPR COMPLIANCE – ACCESS AND CHANGES TO YOUR INFORMATION AND PREFERENCES DATA TRANSPARENCY
You may, at any time, request to view all the information we hold about you by using the form at the bottom of this page. We will endeavour to respond within two working days. You can request your information to be updated, corrected or entirely withdrawn and deleted from all our systems, processes and databases. Should you request data withdrawal, we will first provide you with all the data we hold about you, then confirm completion of the withdrawal request via the email address you provide in the form at the bottom of this page within 24 hours unless we receive communication by you to halt the process. We will send two confirmation emails with ‘read-receipt’ notification embedded after which the email address supplied will be deleted from our systems. You will receive no further communication from our systems unless you enter information on a form contained within the Site subsequent to deletion. You must allow consent of any information required to be submitted and stored.
DATA PROCESSING ADDENDUM
CC Physiotherapy will only act and process Customer Data in accordance with the documented instruction from Customer (the “Instruction”) unless required by law to act without such Instruction. The Instruction at the time of entering into this DPA is that CC Physiotherapy may only process Customer Data with the purpose of delivering Services as described in its Terms & Conditions and any product-specific agreements. Subject to the terms of this DPA and with the agreement of the parties, Customer may issue additional written instructions consistent with the terms of this Agreement. Customer is responsible for ensuring that all individuals who provide instructions are authorised to do so. CC Physiotherapy will inform Customer of any instruction that it deems to be in violation of GDPR and will not execute the instructions until they have been confirmed or modified. When Customer Data is processed by CC Physiotherapy both parties acknowledge and agree that: – CC Physiotherapy is a Data Processor of Customer Data under the GDPR – Customer is a Data Controller of Customer Data under GDPR.
RETENTION OF PERSONAL INFORMATION
We retain the personal information we collect from you for as long as the information is relevant to our business purposes or until you request that we remove the data by using the form at the bottom of this page.
OUR COMMITMENT TO DATA SECURITY
CC Physiotherapy recognise that your privacy is important to you, and therefore we endeavour to keep your personal information confidential. For example, to protect your privacy and security, we take reasonable steps (such as requesting a unique password) to verify your identity before granting access to a user’s account or making changes to a user’s account information. However, CC Physiotherapy do not represent, warrant, or guarantee that your personal information will be protected against unauthorised access, loss, misuse, or alterations, and do not accept any liability for the security of the personal information submitted to us nor for your or third parties’ use or misuse of personal information. You are solely responsible for maintaining the secrecy of your unique password and account information at all times. To help us make emails more useful and interesting for registered users, CC Physiotherapy may receive a confirmation when you open an email from the Site. CC Physiotherapy may also compare its registered user list to lists received from other companies, in an effort to avoid sending unnecessary messages to our registered users. CC Physiotherapy use MailChimp for email marketing activities. MailChimp is a robust platform fully compliant with GDPR regulations. CC Physiotherapy have entered into a signed DPA (Data Processing Addendum) agreement with MailChimp, a copy of which can be viewed here: https://mailchimp.com/legal/forms/data-processing-agreement/eu-eea/ CC Physiotherapy’s day to day handling of personal information as part of its business processes involves extensive use of G Suite from Google. G Suite services provide data encryption to 256-bit level when it’s on a disk, stored on backup media, moving over the internet or travelling between data centres. G Suite was built to meet stringent privacy and security standards based on industry best practices. In addition to strong contractual commitments regarding data ownership, data use, security, transparency, and accountability, it provides CC Physiotherapy with the tools it needs to help meet its compliance and reporting requirements to its clients.
To understand what content is useful to our website visitors, we use Google Analytics to track visitor activity on our website. This includes how you arrived at the website, what pages you visited and what content you viewed. It also includes how long you spend on each page and at what point you left the website. All information tracked by our use of Google Analytics is non-personally-identifiable information such as anonymous usage data, cookies, IP addresses, browser type, clickstream data, and user location.
IN THE EVENT OF MERGER, SALE, OR BANKRUPTCY
In the event that CC Physiotherapy are acquired by or merged with a third-party entity, we reserve the right, in any of these circumstances, to transfer or assign the information we have collected from our users as part of such merger, acquisition, sale, or other change of control. In the event of our bankruptcy, insolvency, reorganisation, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used.
For any issues or questions regarding the statement above, please send an email to ‘admin at ccphysiotherapy dot com’. lear Cut Physiotherapy Ltd is a registered company in England and Wales.
DATA POLICY FORM