We use low risk analytics cookies to make our site work smoothly & measure traffic

Edge Physio

Tel: 07858 590497

  • Home
  • Physio Services
    • Physiotherapy
    • Acupuncture
    • Shockwave Therapy
    • Sports Massage
    • ONLINE BOOKING
  • Footscan & Insoles
  • About Edge
  • Locations
  • More
    • Home
    • Physio Services
      • Physiotherapy
      • Acupuncture
      • Shockwave Therapy
      • Sports Massage
      • ONLINE BOOKING
    • Footscan & Insoles
    • About Edge
    • Locations

Tel: 07858 590497

Edge Physio
  • Home
  • Physio Services
    • Physiotherapy
    • Acupuncture
    • Shockwave Therapy
    • Sports Massage
    • ONLINE BOOKING
  • Footscan & Insoles
  • About Edge
  • Locations

Privacy Policy

This Privacy Notice tells you what to expect when Edge Physio collects your personal data.

We are committed to compliance with data protection legislation, as well as your rights to

confidentiality and respect for privacy. The Company will ensure that it keeps your personal data accurate and secure to provide you with efficient services.


We will only use the data it holds about you in accordance with the law. We will also only collect

the minimum data necessary, and when there is no longer a need to keep your data, it will be disposed of In line with UK medical record retention standards, as outlined below.


Edge Physio will ensure we respect your rights and comply with the law. If you have any

concerns about how we look after your personal data please contact Scott Baxter at

info@edge-physio.co.uk


Do you know what personal data is?

Personal data is any information that relates to an identifiable living individual directly or

indirectly. This includes data that when combined with other data can then identify a person. For example, your name and contact details.


Do you know that some of your personal data is considered as ‘special’?

Some data is considered to be special and needs more protection and safeguards due to its

sensitivity. It is often data that is very personal to you, that you wouldn’t expect or want to be

widely known. This will include anything that can reveal your:

• Sexuality or sexual health

• Religious or philosophical beliefs

• Ethnicity

• Race

• Physical or mental health

• Trade union membership

• Political opinion

• Genetic or biometric data

• Criminal history


Why do we need your personal data?

We may need to use some information about you to:

• Deliver physio services and support to you

• Manage those services we provide to you

• Train and manage our employees who provide those services

• Investigate any complaints or concerns you have about our services

• Keep track of our spending

• Monitor the quality of our services

• Research and plan for new services or changes to current services


When processing your personal data we must have legal reason to do so. Generally we collect and use your personal data where:

• You, or your legal representative, have given consent

• You have entered into a contract or are taking steps to enter into a contract with us

• It is necessary for the provision of health or social care treatment in accordance with artice 9(2)(h) of the UK GDPR.

• It is necessary to protect someone in an emergency

• It is required by law

• It is necessary for employment purposes

• It is necessary to deliver health or social care services

• It is necessary for legal cases

• It is in the public interest and to the benefit of society as a whole

• It is necessary to protect public health

• It is necessary for historic, research or statistical purposes


For handling your clinical treatment notes and health history, we process data under;

- Article 6(1)b to fulfill your physiotherapy treatment

- Article 9(2)h of the UK GDPR which specifically permits the processing of health data for the provision of health or social care treatment.

- The Common Law Duty of Confidentiality, relying on patient awareness and implied consent for information used directly in their care


How we use cookies and web analytics:

- We use low-risk, first-party analytics tools (such as Google Analytics) to monitor anonymous traffic patterns, page views, and user journeys across our website. This data is entirely aggregated and anonymised to help us optimise the performance of our online booking options, clinic services and general website performance.

- Under the UK Data (Use and Access) Act 2025 (DUAA), these purely statistical cookies are exempt from prior consent mechanisms.

- Edge Physio does not use any tracking pixels social media trackers or advertising cookies. We do not track or profile individual users across the web and we do not collect or use website data for marketing or targeted advertising purposes.


Your Right to Opt-Out

If you do not wish your anonymous browsing behavior to be counted in our clinic statistics, you can easily opt out by setting your web browser to refuse or block cookies before exploring our site.

Alternatively, you can install the official Google Analytics Opt-out Browser Add-on to prevent your data from being used


At the time of collecting your data, Edge Physio will inform you:-

• Why and how we will be processing your data

• Our legal basis for processing the data

• If the information will be shared with any 3rd parties

• If the information will be transferred to a third country (outside the European Economic

Area) including the safeguards in place to protect your data

• How long the information will be kept for

• Your individual rights, including accessing your data

• Your right to withdraw consent at any time, where relevant

• Your right to lodge a complaint with the Information Commissioners Office

• The possible consequences of failing to provide your data

• If an automated decision or profiling will be made using your data 


Who do we share your information with?

We use a range of organisations to help us deliver our services, where we have these

arrangements there is always an agreement in place to make sure that those organisations

comply with data protection law.


Where do we store your data?

• We use a fully GDPR compliant patient management system, with 2-factor authentication to manage your data, your medical notes and our clinic diary system. This system is called Cliniko.

• We occasionally use secure, encrypted Google Workspace environments (a cloud processor operating under strict UK GDPR-compliant contracts and a formally agreed business service contract with Edge Physio Limited) to manage client data between clinicians for information sharing and continuity of client care.

Any clinical notes or information handled via this system are strictly protected by multi-factor authentication and are retained or archived in line with the legislated duration of retention as further outline below in the retention and deletion section.

•  Client contact details (names and phone numbers) may be stored on secure, encrypted clinic hardware (such as mobile devices) for communication and appointment scheduling purposes. With the clients consent, rehabilitation / exercise videos may be sent but they will not be stored on the clinic hardware once sent.


Practice Telecommunications:

For telecommunications, client scheduling, and inbound/outbound clinic queries, our clinicians use bOnline, a secure, UK-based business VoIP phone network.

bOnline acts as a data processor on our behalf, managing call data records, contact numbers, and voicemail logs. In accordance with PECR (Privacy and Electronic Communications Regulations and the UK GDPR, this traffic data is processed strictly for communication continuity, is stored securely within UK data regions, and is subject to automated log cleanup schedules.


We sometimes have a legal duty to share personal data with other organisations. This is often at the request of the courts when:

• When we are required to do so by law.

• We are ordered by the courts to provide the information

• Someone is taken into care, or a service is being delivered


We may need to share your personal data when we feel there’s a reason that’s more important than protecting your privacy:

• In order to detect and prevent crime

• If there are serious risks to members of the public, our staff or to other professionals

• To protect a child or adult who are thought to be at risk

  

For all the reasons above, the risk must be serious before we can override your right to privacy.

Transferring data outside the European Economic Area (EEA)

Edge Physio will only transfer personal data outside of the EEA in compliance with Chapter V of

the UK General Data Protection Regulation. Transfers may be made where the Commission has

decided that a third country (a country outside the EEA), a territory or one or more specific

sectors in the third country, or an international organisation ensures and can demonstrate that

individual’s rights are protected by adequate safeguards.


How does the Edge Physio keep your personal data secure?

Edge Physio secures your personal information from unauthorised access, use or disclosure.

Edge Physio secures the personal data you provide on computer servers/Laptops in a controlled, secure environment, protected from unauthorised access, use or disclosure.


Retention and Destruction of your records

Your records are only kept as long as necessary for the length of your care/treatment and for a

period of time after. Edge Physio for the purposes of consistency follow the guidance issued by

the NHS Records Management Code of Practice 2020. If we have any paper records no longer required, these will be destroyed using secure shredding.

We may store your personal information using European Union based cloud providers, but only

where a data processing agreement is in place that complies with obligations equivalent to those of the UK General Data Protection Regulation. 

In compliance with UK health record standards, adult clinical notes are stored securely for 8 years following your final treatment session. For minor/paediatric patients, records are retained until their 25th birthday.


Individuals Rights

Individuals have certain rights in respect of their own personal data.

1. The right to be informed – This emphasises the need for transparency over how Edge

Physio uses your personal data, this will be done typically through a privacy notice at the

time your data is obtained.

2. The right of access – Individuals have the right to obtain confirmation that their data is

being processed and access to their personal data held by Edge Physio

3. The right to rectification – Individuals are entitled to have personal data rectified if it is

inaccurate or incomplete.

4. The right to erasure – The right to erasure is also known as ‘the right to be forgotten’.

This enables an individual to request that Edge Physio deletes or removes their personal

data where there is no compelling reason for its continued processing.

5. The right to restrict processing – Individuals have the right to block or supress

processing of personal data where there is no compelling reason for the processing.

When processing is restricted Edge Physio will be permitted to store the personal data, but

not further process it, and will retain just enough data about you to ensure that the

restriction is respected in future.

6. The right to data portability – Individuals have the right to obtain and reuse their

personal data for their own purposes across different services. It allows them to move,

copy or transfer personal data easily from one IT environment to another in a safe and

secure way, without hindrance to usability.

7. The right to object– Individuals have the right to object to processing based on

legitimate interests or the performance of a task in the public interest/exercises of official

authority, direct marketing (including profiling) and processing for purposes of

scientific/historical research and statistics.

8. Rights in relation to automated decision making and profiling – This provides

safeguards for individuals against the risk that a potentially damaging decision is taken

without human intervention.


External Website Links:

Our website may contain links to external third-party websites, professional bodies, or partner businesses for informational purposes. Please note that Edge Physio Limited does not own, operate, or control these external sites. Once you click an outbound link and leave our domain, you are subject to the privacy terms and cookie practices of that specific provider. We do not accept any responsibility or liability for the privacy policies, tracking mechanisms, or data protection practices of third-party platforms.


Changes to this policy

We may update these policies to reflect changes to the website and customer feedback. Please regularly review these policies to be informed of how we are protecting your personal data


Further Information

For further information on the use of your data including how to make a request under your

individual rights above please contact our Director, Scott Baxter using the details below:-

Address: Edge Physio Limited, Unit 5b, Stour Valley Business Centre, Sudbury, Suffolk, CO10 7GB

Email: info@edge-physio.co.uk


If you wish to submit a Data Subject Access Request (DSAR) or lodge a formal data processing complaint, please email us with the subject line 'Data Request'. All such emails are automatically routed to our secure, restricted 'data requests / complaints' folder, where they are logged. We will formally acknowledge your request within 30 days and provide a substantive resolution without undue delay.


Complaints

If you remain dissatisfied with how Edge Physio has handled your personal data you may wish to

contact the Information Commissioner’s Office by:-

• Post: Customer Contact, Information Commissioner’s Office, Wycliffe House, Water

Lane, Wilmslow, Cheshire, SK9 5AF,

• Phone - 0303 123 1113,

• Email - casework@ico.org.uk

• Or by visiting the ICO website - www.ico.org.uk


  • Terms & Conditions
  • Privacy Policy

Edge Physio Limited trading as Edge Physio

Registered address; unit 5b, stour valley business centre, brundon lane, co10 7gb

07858590497 info@edge-physio.co.uk

Copyright © 2025 Edge Physio LIMITED - All Rights Reserved.

Powered by

podium  at world snowboarding event

If you have any questions, please send us a message in the box at the bottom of the page!

start your improvement