Privacy Policy
1. Who We Are
The data controller is:
Libby Hill Sports Therapy
Email: libby@libbyhillsportstherapy.co.uk
Phone: 07851 288734
This means we are responsible for deciding how your personal data is collected, stored, and used.
2. Information We Collect
We may collect the following information:
- Personal details: name, date of birth, address, phone number, email address.
- Health information: relevant medical history, injury details, treatment notes.
- Booking and payment information: appointment history, billing details.
3. How We Collect Your Information
- When you make a booking over the phone or online.
- When you complete client intake or consent forms.
- During treatment sessions.
- Through our practice management software (Cliniko).
4. Why We Collect Your Information
We collect and process your personal data for the following purposes:
- To provide appropriate sports therapy and massage services.
- To manage your bookings and payments.
- To maintain accurate medical and treatment records.
- To contact you about your appointments.
- To comply with legal and professional obligations.
Our legal basis for processing your data is:
- Legitimate interest – to provide safe and effective therapy services.
- Legal obligation – to maintain accurate treatment records in line with healthcare and tax requirements.
- Consent – if you agree to receive marketing communications.
5. How Your Information Is Stored
- We use Cliniko, a secure practice management system that is GDPR-compliant, to store your data.
- Data may be stored on secure servers outside the UK/EU (e.g. in Australia). Where this occurs, it is protected by safeguards such as Standard Contractual Clauses to ensure compliance with UK GDPR.
- Any paper notes (if used) are kept securely and destroyed appropriately.
- We take reasonable steps to protect your information from unauthorised access, loss, or misuse.
6. Sharing Your Information
We will not share your information with third parties unless:
- You give explicit consent (e.g. referral to another healthcare professional).
- We are legally required to do so.
7. Marketing Communications
- We will only send marketing emails, texts, or newsletters if you have given explicit consent.
- You may withdraw your consent and unsubscribe from marketing communications at any time.
8. How Long We Keep Your Information
- Client treatment records are kept for a minimum of 7 years after your last appointment (in line with professional and legal requirements).
- For clients under 18, records are kept until they reach age 25.
- After this period, records will be securely deleted or destroyed.
9. Your Rights
Under UK GDPR, you have the right to:
- Request access to the personal data we hold about you.
- Request correction of any inaccurate information.
- Request deletion of your data (where legally permissible).
- Restrict or object to processing of your data.
- Request transfer of your data to another provider.
- Withdraw consent to marketing communications at any time.
If you wish to exercise any of these rights, please contact us using the details above.
10. Complaints
If you have concerns about how we handle your data, please contact us first.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has not been handled properly:
www.ico.org.uk
Tel: 0303 123 1113
