Privacy Policy
1. Introduction
Pickering Podiatry (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This policy explains how we collect and use your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Due to the nature of our services, we process health-related information, which is classified as special category data.
2. Data Controller
The data controller responsible for your personal data is:
Rachel Johnson
Email: pickeringpodiatry@outlook.com
Address: The Balance Rooms, Smiddy Hill, Pickering, North Yorkshire, United Kingdom
3. Information We Collect
Personal Data
Name
Email address
Phone number
Address
Health Data (Special Category Data)
Medical history relevant to podiatry treatment
Treatment records and clinical notes
Appointment history
Clinical photographs (only where explicit consent has been given)
Technical Data
IP address
Browser type
Website usage data
4. How We Collect Your Data
We collect data when you:
Book an appointment
Contact us via phone, email, or website
Attend a consultation
Use our website
We use Cliniko to manage bookings, patient records, and communications.
5. How We Use Your Data
We use your information to:
Provide podiatry treatment and care
Manage appointments and patient records
Send appointment confirmations and reminders via email and/or SMS (via Cliniko)
Communicate with you regarding your care
Improve our services and website
Comply with legal and regulatory obligations
6. Lawful Basis for Processing
We process your personal data under the following lawful bases:
Article 6(1)(b) – Contract (to provide healthcare services)
Article 6(1)(c) – Legal obligation
Article 6(1)(f) – Legitimate interests
For health data:
Article 9(2)(h) – Provision of health or social care
7. Third-Party Services
Cliniko
We use Cliniko to securely manage patient records, bookings, and communications. Cliniko processes data on our behalf and complies with relevant data protection regulations.
Cliniko may also be used to send appointment confirmations and reminders via email and/or SMS.
Website Analytics
We use a WordPress plugin to collect basic website analytics data, such as page views and visitor behaviour. This helps us understand how visitors use our website and improve its performance. Data collected is typically aggregated and does not directly identify individual users.
8. Clinical Photography (Consent Required)
Where clinical photographs are taken for the purpose of assessment, treatment monitoring, or clinical record-keeping, these will only be taken with your explicit consent.
You may withdraw your consent for clinical photography at any time. Withdrawal will not affect treatment already provided but will prevent further photographs being taken.
9. Data Sharing
We do not sell your personal data.
We may share your data with:
Healthcare professionals involved in your care
Regulatory bodies where required by law
Trusted service providers who support our operations
10. Data Retention
We retain patient records in line with UK healthcare guidance, typically for a minimum of 8 years after the last treatment.
11. Data Security
We take appropriate technical and organisational measures to protect your data, including secure systems and restricted access.
12. Your Rights
Under UK GDPR, you have the right to:
Access your personal data
Request correction of inaccurate data
Request erasure (where applicable)
Restrict or object to processing
Data portability
Lodge a complaint with the Information Commissioner’s Office (ICO)
13. Cookies
Our website uses cookies to improve user experience. You can manage your cookie preferences via our cookie banner.
14. Changes to This Policy
We may update this policy from time to time. Please review it periodically.
15. Contact
If you have any questions about this privacy policy or your data, please contact:
Rachel Johnson
Email: pickeringpodiatry@outlook.com
Address: The Balance Rooms, Smiddy Hill, Pickering, North Yorkshire, United Kingdom