RDM Osteopathy

Book Online

Policies

Privacy Policy

RDM Osteopathy Ltd
Effective Date: 3/10/2025

We are committed to protecting your personal data and respecting your privacy in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy explains how we collect, use, store, and share your personal information as part of our osteopathic healthcare services.

This document concerns personal data, which is defined as any information relating to a living individual (referred to here as the Data Subject) that is not publicly available. The General Data Protection Regulation (GDPR), an EU-wide regulation that is more comprehensive than the previous Data Protection Act, along with the Privacy and Electronic Communications Regulations (PECR), aims to protect and strengthen the rights of individuals within the EU regarding their personal data. These rights include safeguarding personal information, preventing unlawful processing, and ensuring the free movement and storage of personal data within the EU and the European Economic Area (EEA).

1. Who We Are

RDM Osteopathy Ltd
10, Coalway Road, Penn, Wolverhampton, WV3 7LX.
01902 655584
07590 274215
rdmosteopathy10@gmail.com
Data Controller: Ruby Myatt (Director and Principal Osteopath)

Regulatory Authority:
We are registered with the General Osteopathic Council (GOsC).

VAT Exempt.

We diagnose and treat physical musculoskeletal conditions and other related injuries. Treatments are formulated and conducted in accordance with GOsC regulations and the Institute of Osteopathy patient charter.

2. How we use and process your personal data:

a) Medical Information and Consent
In order to provide you with effective treatment, we may need to collect detailed medical information. We will only request and record data that is relevant and necessary for your care. During your visits to the clinic, we will take clinical notes which may include information about your medications, treatment plans, and any other relevant health-related matters.

All personal and medical data is stored securely and is only accessible to those directly involved in your care. For data storage purposes, some information may be handled by carefully selected administrative staff who have signed confidentiality agreements.

As part of our obligation to maintain accurate clinical records, it is a condition of treatment that you provide your consent for us to collect, document, and process your personal medical data.

The contact details you provide, such as phone numbers, email addresses, and postal addresses, may be used to send appointment reminders and relevant treatment-related communication, including reports and updates.

b) Marketing Communications
With your consent, we may also use your contact details to respond to enquiries and to send you occasional updates, news, or information about services that we believe may be of interest to you.

c) Ongoing Marketing Dialogue
By making initial contact with the clinic, you consent to receiving occasional marketing communications from us. You may opt out at any time by contacting the clinic using the details at the end of this notice.

In some cases, we may promote services offered by independent practitioners who operate from our premises but are not employed by us. In these instances, we may act as a data processor on their behalf. We do not sell or broker your data under any circumstances.

d) Data Minimisation and Protection
We only collect the personal data required to deliver the services you request. Your information is never sold or shared for commercial purposes. We are committed to handling your data responsibly and in full compliance with data protection laws.

3. Legal Bases for Processing

Legal processing of personal data will meet obligations gained by patient consent and contractual agreement. Under UK GDPR, we rely on the following legal bases:

a) Consent – by booking an appointment and agreeing to this policy, the patient is consenting to RDM Osteopathy Ltd to processing their personal data for the purposes stated. You have a right to withdraw consent at any time by contacting the practice via phone call, email or post. Thus, revoking agreement in the privacy policy.

b) Contract – to provide accurate and appropriate osteopathic services to you, the patient, for conditions with health that are indicative of osteopathic care.

c) Legal Obligation – to accurately maintain medical records under GOsC and iO regulations.

d) Vital Interests – in case of a medical emergency.

4. Sharing Your Information

We only share your information when necessary, and with appropriate safeguards in place:

a) With your GP, consultant, or other healthcare professionals (with your consent)

b) With insurers or health schemes (e.g. Bupa, AXA) when relevant

c) With regulators (e.g. General Osteopathic Council or ICO) where legally required

d) With software providers that securely store clinical or booking data. We use Cliniko practice management software.

We do not sell your data or share it for marketing purposes.

5. How Long We Keep Your Data

We retain your clinical records in accordance with legal and professional requirements:

  • Adults: 8 years after last treatment
  • Children (under 18): Until age 25 (or 26 if seen at 17)

After this time, records are securely deleted or destroyed.

6. Your Rights Under UK GDPR

You have the right to:

a) Access the personal data we hold about you

b) Correct inaccurate or incomplete data

c) Request deletion (where applicable)

d) Object to or restrict processing

e) Withdraw consent (where applicable)

f) Request data portability

g) Lodge a complaint with the ICO: http://www.ico.org.uk

To exercise your rights, please contact us directly using the contact details below.

7. How We Protect Your Information

a) All records are stored securely and appropriately and electronic records are encrypted and have password-protected systems including two-factor authentication. This will be held by Cliniko Practice Management Software.

b) Only authorised staff can access your data. An authorised staff member is any individual who has been given explicit permission by RDM Osteopathy Ltd to access personal data as part of their professional duties and complies with the company’s privacy and GDPR notices.

c) Our systems and policies comply with current data protection and clinical safety standards.

d) All records will be kept in the United Kingdom

8. Website and Cookies

Our website may use cookies to improve your browsing experience. You can choose to accept or reject cookies through your browser settings. We do not use cookies to collect identifiable health or personal data.

Cookies are a small text file that the website stores on your computer, phone, or device when you visit it. It helps our website remember information about you and your visit. If you wish to remove cookies, please visit allaboutcookies.org to help with this.

9. Complaints

If you wish to raise a concern about how we have handled your personal data, you have the right to make a complaint directly to us. If you are not satisfied with our response, or if you do not receive a reply within 30 days, you may escalate your complaint to the Information Commissioner’s Office (ICO).

ICO
Wycliffe House,
Water Lane, Wilmslow,
SK9 5AF
Telephone: +44 (0)303 123 1113   

10. Contact Us

If you have any questions or wish to exercise your data rights, contact us.

By Post:
RDM Osteopathy Ltd
10 Coalway Road, Penn, Wolverhampton, UK
WV3 7LX

By Telephone:
01902 655584
07590274215

By Email:
rdmosteopathy10@gmail.com