Privacy Policy

How I collect, use, and protect your personal information

Last updated: 20 March 2026

1. Introduction

This privacy policy explains how Touch Physique Therapies ("I", "me", "my") collects, uses, stores, and protects your personal data when you use this website, contact me, or engage my services. I am committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

I am the data controller for the personal information I collect. If you have any questions about this policy or how I handle your data, please contact me using the details below.

2. Data Controller

Touch Physique Therapies
Henley-in-Arden, Warwickshire
Email: therapies@touch-physique.co.uk
Phone: 07809 432341

3. What Information I Collect

3.1 Information you provide directly

  • Contact form submissions: Name, email address, phone number (optional), and the content of your message
  • Appointment bookings: Name, contact details, preferred dates and times
  • Treatment records: Treatment notes, physical assessment information, health history, and any information you share during consultations. This may be classified as special category data under UK GDPR
  • Payment information: Payment amounts, dates, and method of payment (I do not store card details)

3.2 Information collected automatically

  • Website usage data: Pages visited, time spent on the site, referring website, and browser type. This data is collected via cookies and analytics tools and is anonymised where possible
  • Device information: IP address (anonymised), device type, operating system, and screen resolution

4. How I Use Your Information

I use your personal information for the following purposes:

  • To respond to enquiries submitted through the contact form
  • To schedule and manage appointments
  • To provide treatments and maintain appropriate clinical records
  • To process payments for sessions
  • To communicate with you about your appointments (reminders, follow-ups)
  • To comply with legal and regulatory obligations
  • To improve this website and the services I offer

5. Legal Basis for Processing

I process your personal data on the following legal bases:

  • Consent: When you submit the contact form or sign up for communications, you consent to me processing your data for those purposes. You can withdraw consent at any time
  • Contract: Processing is necessary to provide the treatments you have requested and to manage our professional relationship
  • Legitimate interest: To improve my website and services, and to respond to your enquiries
  • Legal obligation: To comply with professional, legal, and regulatory requirements

6. How I Store and Protect Your Data

I take the security of your data seriously and implement appropriate technical and organisational measures to protect it, including:

  • Treatment records are stored securely in an encrypted, password-protected system
  • Paper notes (if any) are kept in a locked filing cabinet
  • Electronic communications are sent via secure, encrypted channels where possible
  • Access to your data is limited to authorised personnel only
  • This website uses SSL/TLS encryption to protect data transmitted through the contact form

7. How Long I Keep Your Data

  • Contact form enquiries: Up to 12 months after your last communication, unless you become a client
  • Client treatment records: 7 years after the end of our professional relationship, in line with industry guidelines and insurance requirements
  • Payment records: 7 years, as required by HMRC
  • Website analytics data: Anonymised data is retained for up to 26 months

8. Sharing Your Data

Your confidentiality is important to me. I will not share your personal information with third parties except in the following limited circumstances:

  • Legal requirement: If required by law or court order
  • Risk of harm: If I believe there is a serious risk of harm to you or another person, I may need to share relevant information with appropriate authorities
  • With your explicit consent: For example, if you ask me to share information with another health professional involved in your care
  • Service providers: I use third-party services for website hosting and email. These providers are GDPR-compliant and process data on my behalf under appropriate agreements

9. Cookies

This website uses cookies — small text files stored on your device — to improve your browsing experience and to understand how visitors use the site. For full details, see our Cookie Policy.

10. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: You can request a copy of the personal data I hold about you
  • Right to rectification: You can ask me to correct any inaccurate or incomplete data
  • Right to erasure: You can request that I delete your personal data, subject to any legal or professional obligations I have to retain it
  • Right to restrict processing: You can ask me to limit how I use your data
  • Right to data portability: You can request your data in a structured, commonly used format
  • Right to object: You can object to my processing of your data in certain circumstances
  • Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact me at therapies@touch-physique.co.uk. I will respond to your request within one month.

11. Children's Privacy

I do not knowingly collect personal information from children under 13 through this website. If I treat young people, I obtain consent from a parent or guardian and handle their data with particular care in accordance with UK GDPR requirements for children's data.

12. Third-Party Links

This website may contain links to other websites. I am not responsible for the privacy practices of external sites. I encourage you to read the privacy policy of any website you visit.

13. Changes to This Policy

I may update this privacy policy from time to time to reflect changes in my practice or legal requirements. The "last updated" date at the top of this page indicates when the policy was last revised.

14. Complaints

If you are unhappy with how I have handled your personal data, I would appreciate the opportunity to resolve your concern directly. Please contact me using the details above.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:

  • Website: ico.org.uk
  • Phone: 0303 123 1113
  • Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

15. Contact Me

If you have any questions about this privacy policy or wish to exercise your data rights, please contact me:

Touch Physique Therapies
Email: therapies@touch-physique.co.uk
Phone: 07809 432341
Address: Henley-in-Arden, Warwickshire

Made with by Therapy Webgenie