Make Enquiry

Close

Enquiry

Please call us on 020 3848 9434 or complete the form below and we will get in touch with you.

  • Appointment Date

  • This field is for validation purposes and should be left unchanged.
Beyond Health Location

3rd Floor
Brigade House
8 Parsons Green
London
SW6 4TN

Privacy Policy

IMPORTANT: PLEASE READ THIS PRIVACY POLICY AS IT APPLIES TO ANY PERSONAL DATA YOU PROVIDE US OR WE COLLECT ABOUT YOU, FOR EXAMPLE IF YOU USE ANY OF OUR PRODUCTS OR SERVICES INCLUDING TO RECEIVE HEALTHCARE SUCH AS PHYSIOTHERAPY AND OSTEOPATHY (‘SERVICES’) OR ACCESS THE WEBSITE AT BEYOND-HEALTH.CO.UK OR ANY OTHER WEBSITE OWNED, OPERATED OR PROVIDED BY BEYOND HEALTH LIMITED, INCORPORATED IN ENGLAND, COMPANY # 07417549, REGISTERED OFFICE AT SWAN MEWS, PARSONS GREEN, FULHAM, SW6 4QT (‘WEBSITE’ AND ‘BEYOND HEALTH’, ‘US’, ‘WE’ RESPECTIVELY).

WHILE WE DO TREAT CHILDREN AS PATIENTS IN OUR PRACTICE, WE DO NOT MARKET TO OR ENTER INTO CONTRACTS WITH CHILDREN. PLEASE DO NOT ACCESS OR USE THE WEBSITE IF YOU ARE UNDER 18 YEARS OF AGE.

This policy
This policy sets out what personal data we might collect, how we process and protect that data, the lawful grounds for that processing, and your related rights. Essentially ‘personal data’ means any information relating to an identified or identifiable natural person, namely one who can be identified, directly or indirectly from that information alone or in conjunction with other information.

As data protection law and practice are constantly developing, we’ll need to update this policy from time to time, which we’ll do by posting a new policy on the Website that takes effect from the date stated. It is your responsibility to return to the Website from time to time and check for changes.

Special categories of personal data
Given the nature of our business, we do process certain ‘special categories of personal data’, such as information about your health and, if relevant to your treatment, sex life and sexual orientation.

Children
We do treat children (those under the age of 18) in our practice and, in the course of providing and invoicing for such treatment, we will process data concerning their health. Where consent is required for the processing, we will obtain consent from the child’s parent or legal guardian.

Legal basis for processing any personal data
Where we process any personal data relating to you we need to have a legal basis to do so. The legal basis for processing of personal data relating to you will be (in descending order of use) that the processing:

  1. is necessary to perform a contract with you, for example to provide treatment to you and to invoice you (‘Contract’),
  2. is necessary to comply with our legal obligations, for example to retain personal data for a specified period (‘Legal Obligation’),
  3. is necessary for our legitimate interests in carrying out our business, including to maintain, improve and market our products and services, provided those interests are not outweighed by your rights and interests (‘Legitimate Interests’),
  4. is based on your consent (‘Consent’), in which case we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent, or
  5. is necessary to protect your or another person’s vital interests (‘Vital Interests’).

Legal basis for processing special categories of personal data

Where that personal data is in a ‘special category of personal data’ such as your health data, we will also need a separate legal basis for that processing. In descending order of use, that legal basis will be that the processing:

  1. is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of you as an employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of EU or UK law or pursuant to contract with us as health professionals (‘Healthcare’),
  2. is based on your explicit consent (‘Explicit Consent’) in which case we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent, or
  3. is necessary to protect your or another person’s vital interests where you are physically or legally incapable of giving consent (‘SC Vital interests’).

How Do We Obtain Personal Data?
We collect or are provided personal data in the normal course of business, for example:

When you provide us with personal data about yourself or another person, you are confirming to us that you are authorised to provide us with that information and that any personal data you give us is accurate and up-to-date.

How do we use personal data?
We use personal data in the normal course of our business, for example:

Sharing Data & International Transfers
We will not give, sell or rent your personal data to third parties so they can market their services to you. Nor do we accept advertising from third parties on the Website. We may share personal data in the following limited circumstances. In each case, we share the minimum personal data necessary.

We may also share your personal data for the following purposes:

Where we share your personal data with our suppliers (or ‘processors’) for them to process it on our behalf, we ensure we have written contracts in place including relevant wording to safeguard that personal data and comply with applicable laws. Where possible, we keep personal data within the European Economic Area (‘EEA’). However, in order to carry out the above purposes, we may use third parties and their facilities outside the EEA. In all such cases we will ensure that appropriate security measures are in place to protect your personal data and a valid legal basis for the transfer applies.

Cookies
Our website uses cookies and/or similar technologies. Please review our Cookie Policy which is part of (and incorporated into) this Privacy Policy for more information, including on how to refuse or selectively accept cookies and/or similar technologies.

Retention
As a default position, we will only retain personal data for any statutory retention period, then a reasonable period (if any) necessary for the above purposes. This is subject, for example, to any valid opt-out or withdrawal of consent where processing is based on consent, or other valid exercise of your data subject rights which is effected. As an example, physiotherapists and osteopaths have legal obligations to retain patient health records, in general, for eight years from the date of last treatment for adults, and for children eight years after their 18 birthday or until 25 years of age. Other types of records may need to be stored indefinitely.

Security
The security of data is very important to our business. In accordance with our legal obligations, we take appropriate technical and organisational measures to protect your personal data and keep those measures under review. However, we can only be responsible for systems that we control and we would note that the internet itself is not inherently a secure environment.

Anonymised data
We may create anonymised data from personal data, and any anonymisation would be carried out in accordance with applicable law as well as relevant guidelines from regulators such as the UK Information Commissioner (‘UK ICO’). Anonymisation may, for example, be achieved by aggregating data to the point that no individual can be identified such as aggregating website use statistics to see which web content is working well and which could be improved. Anonymised data does not allow for the identification of any individual person and, as it is no longer personal data, neither data protection laws nor this Privacy Policy would apply to such data.

Third Party Services
If you access the services of another provider through our websites or services, for example through a link on the Website, your use of those services is entirely at your risk and governed by the terms and privacy policy of that third party provider. If we resell a service delivered or provided by a third party (‘Third Party Service’), including any software that is delivered or owned by a third party (‘Third Party Software’), it is that third party’s separate privacy policy that will apply to your personal data and your use of the Third Party Service and Third Party Software. Your use of a Third Party Service is not covered by this Privacy Policy. Please therefore review the privacy policy for any Third Party Service and Third Party Software before using it.

Your rights
You have the right to know if we process any personal data about you and, if we are, with certain limitations, to a copy of that personal data. You also have the right to ask us to remove or correct any of that personal data that is inaccurate, to object to certain processing and to withdraw any consent you may have given us for any processing of your personal data. You also have the right to ask us to restrict processing certain of your personal data, to erase your personal data, and to ‘port’ certain of your personal data to you or another provider, provided in each case that we have such data and certain conditions are met.

You have the right, at any time, to object to the processing of your personal data for direct marketing.

‘Do Not Track’
The Website does not use technologies that respond to ‘Do-Not-Track’ signals communicated by your internet browser.

Contact Us
If you’ve any question you can always contact us at the address above or by email to [email protected] You have the right, at all times, to notify a complaint to any regulator such as the UK Information Commissioner, although we would welcome the opportunity to discuss and resolve any complaint with you first.