Privacy Policy | Physio4Life

Privacy Policy

Website Privacy Policy

At Physio4life, we are committed to maintaining the trust and confidence of our visitors to our web site. In particular, we want you to know that Physio4life is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes. In this Privacy Policy, we have provided lots of detailed information on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure.

This website is operated by Physio4life. We take your privacy very seriously, therefore we urge you to read this policy very carefully because it contains important information about us and:

  • The personal information we collect about you, our users
  • What we do with your information, and
  • Who your information may be shared with


Last updated

This privacy notice was last updated on the 25th of May 2018. We may update this Notice from time to time and you should review it whenever you visit our website or before providing us with any personal data about yourself.


Who we are

Physio4life (‘we’ or ‘us’) are a ‘data controller’ for the purposes of the General Data Protection Regulation (Regulation (EU) 2016/679) (“the GDPR”) (i.e. we are responsible for and control the processing of, your personal information). We are a limited trading company trading as Physio4life and based in South West London. We are a team of expert professionals providing private and specialist treatment such as (Physiotherapy, Osteopathy, Pilates, Personal Training, Massage, and Nutrition).


How we collect your personal data

We will only collect and use your personal data where we have legitimate business reasons to do so. We may obtain personal data from you to provide you a service when you contact us or visit our practices or when you get in touch with us via our website. This includes personal data provided to us when you register with us to receive our services or when you enter a competition or promotion.

We also collect your data when you contact us about employment with Physio4life, when you provide our staff with business cards or contact details, if you deal with us when we are providing services to one of our clients, when we receive referrals from other employees, clients or suppliers, when you deal with us in order to provide us with goods or services, when staff give us your details as an emergency contact or when potential employees give us your details as a referee.

We may also collect your data when we search websites where you have posted your data to be found in relation to business opportunities. We will of course let you know at the earliest opportunity when we have gathered your data in this manner.


The personal data we collect

We collect personal data in order to provide the best possible service we can or to maintain good business and client relationships. We only collect the data we need and we will ensure we have appropriate physical and technological security measures to protect your personal data.

For clients using our services or suppliers whose services we use, depending on the relevant circumstances, we may collect some or all of the following information: name, title, email address, postal address, telephone numbers and other contact numbers, bank details, health information and health insurance information. We may also collect data from medical professionals where you have given us permission to do so.


What we use your information for

Physio4life collects and processes your personal data for legitimate Business purposes including diagnosing and administering treatment, internal record-keeping, processing financial transactions, processing instructions from clients, in connection with legal, financial and dispute management, for compliance with legal, regulatory and tax reporting obligations and releasing your personal information to regulatory or law enforcement agencies, if they require us to do so by law for the prevention, detection and investigation of crimes. We may also use your data to market our related products and services directly to you and advise you of any updates to our services; where we do so you will be able to unsubscribe at any time from receiving any further communications from us.

We may use your personal data where we deem it to be necessary for our legitimate interests or for mutually beneficial legitimate interests. These legitimate interests are explained a little further down this notice.


Sharing your personal data

Where appropriate and in accordance with local laws, regulatory obligations and patient agreement, we may share some of your personal data with other medical professionals, third party service providers who perform functions on our behalf including external consultants, business associates and professional advisers such as lawyers, auditors and accountants, debt collectors, technical support consultants.


If Physio4lfofe acquires, merges with or is acquired by another business or company in the future, (or is in meaningful discussions about such a possibility) we may share your personal data with the other business or company, subject to appropriate assurances as to the protection of your data privacy.


 Personal information provides by third parties

We may receive information about you from other sources. This information may include, Full name, Date of birth, Contact number, Address. All information shared to Physio4life from Third Parties and other sources are referrals that have been pre-approved by a client who has agreed to share this information.

We will register this information for the following purposes:

To ensure the client has an account with us

To book the patient in with an appropriate practitioner


Personal information you provide about third parties

If you give us information about another person, you confirm that the other person has appointed you to act on their behalf and agreed that you:

Should consent on their behalf to the processing of their personal data;

Shall receive any data protection notices on their behalf; and

Shall consent on their behalf to the transfer of their personal data abroad.


 Monitoring and recording communications

We may monitor communications such as emails and telephone calls for the following purposes:

Quality assurance, Training, Fraud Prevention and Compliance.


Cookies and similar technologies

A cookie is a small text file, which is placed onto your computer or electronic device when you access our website. Similar technologies include web beacons, action tags, local shared objects, (‘flash cookies’) and single pixel gifs. Such technologies can be used to track users’ actions and activities, and to store information about them. We use these cookies and/or similar technologies on our website.

For example, we may use cookies to monitor and/or collect the following information:

How many times a user visits the website

Which pages a user visits

Traffic data

Location data

When someone visits we use a third party service, Stat Counter Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way, which does not identify anyone. We do not make, and do not allow Stat Counter Analytics to make, any attempt to find out the identities of those visiting our website.

This information helps us to build a profile of our users. Some of this information may be aggregated or statistical, which means that we will not be able to identify you individually.

You can set your browser not to accept cookies and the websites below tell you how to remove cookies from your browser. However, some of our website features may not function as a result.

For further information on our use of cookies, please see our website cookie policy. For further information on cookies generally visit


Keeping your information secure

We will use technological and organisation measures to keep your information secure. These measures may include the following examples:

User accounts access is controlled by a unique username and password; all data is stored on a secure server; payment details are encrypted using SSL.

We are certified to ISO 27001. This family of standards helps us manage your information and keep it safe and secure.

However, while we will use all reasonable efforts to secure your personal data, in using the site you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us using the details below.


What rights do you have?

You have individual rights under the GDPR. You can exercise any of these rights by contacting us using our contact details at the end of this notice or by any other means. Your rights are listed and explained below. You have the right to:


  1. Right be informed of what we do with your data;


  1. Right to request a copy of your information/ ask us to share what information we hold about you;

You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy of some or it, please:

  • Email, call or write to our data protection officer (see details below)
  • Let us have proof of your identity and address (a copy of your driving license or passport and a recent utility or credit card bill), and
  • Let us know the information you want a copy of, including any account or reference numbers, if you have them.



  1. Right to update your data if you think it’s incorrect or insufficient;


You can require us to correct any mistakes in your information, which we hold free of charge. If you would like to do this, please:

  • Contact us using the contact details below
  • Let us have enough information to identify you (e.g. driving license or passport)
  • Let us know the information that is incorrect and what it should be replaced with.


  1. Right to delete your information;

Physio4life is a private medical company and do not retain personal data for longer than necessary.

The guidelines that Physio4life follow are in accordance with the GDPR that replaces the Data Protection Act 1998, where records form as legal record of treatment and therefore must be retained safely and securely. The legal requirement to retain records for a certain period relates to the legal period for bringing civil claims under Personal Injury Law or Contract law as defined by the Limitation Act 1980 and The Limitation (Norther Ireland) Order 1989.

An individual has three years to bring a personal injury claim (with some exceptions) and six years if they wish to bring the claim under contract law. Therefore, records must be retained at least until the limitation period has expired.

Physio4life aim to store health records securely for seven years, give or take limits in a personal injury claim and under contract law.


CCTV is in place at the premise of Physio4life to protect staff and the business from suspicious transactions and incidents. Data is deleted after 30 days.

Telephone Recordings

Physio4life record telephone conversations for Quality assurance, Training, Fraud Prevention and Compliance. We also have a mute button in place on all of our telephone systems. We use this mute button to ensure we do not record sensitive information (i.e. payment information). You can also request to have your conversation muted. Telephone records are deleted after 6 months.

  1. Right to ask us to stop contacting you with direct marketing

You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please:

  • Email, call or write to us (using the contact details below)
  • Let us have proof of your identity and address (a copy of your driving license or passport and a recent utility or credit card bill), and
  • Let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone).

From time to time, we may also have other methods to unsubscribe from any direct marketing including for example, unsubscribe buttons or web links. If such are offered, please note that there may be some period after selecting to unsubscribe in which marketing may still be received while your request is being processed.

  1. Right to ask us to stop processing your data – where consent has been given you can withdraw that consent at any time by contacting us


  • Contact us using the contact details below
  • Let us have enough information to identify you (e.g. driving license or passport



Contacting us

If you have any questions about the policy or the information we hold about you, please contact us by:

Email:   (Reception)

(Data protection officer – Katherine Hoxha) (you should contact the data protection officer directly, if you would like to request for a subject access request).


Physio4life ltd

125 Upper Richmond Road

London, Putney

SW15 2TL


, or


Telephone: 0208 704 5998


Calls will be answered at the following times:


Monday – Thursday        0700 – 2200

Friday                                    0700 – 2000

Saturday                              0800 – 1600

Sunday                                 0900 – 1500


We may record calls for quality and training purposes.


Ready to book an appointment with Physio4Life?

To book an appointment please follow the link below to our online booking page.

Book Online