Precision Gait Clinic

Privacy Policy

1. Introduction

This Privacy Policy outlines how Precision Gait Clinic (“we,” “us,” or “I”) collects, uses, shares, and protects personal information when you attend an appointment at our clinic, purchase products, contact us, or use our website http://precisiongait.co.uk. This policy complies with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR). By using our services or website, you agree to the terms of this policy.

2. Privacy Policy

2.1. Data Controller

For the purposes of the UK GDPR, I, Conor Costello, am the data controller of your personal information. You can contact me at info@precisiongait.co.uk or 13 Grange Road, Slattocks, Middleton, M24 2UD.

2.2. Information I Collect

To provide podiatry services, process purchases, or respond to inquiries, we collect the following personal information:
  • Identity and Contact Data: Name, email address, postal address, and phone number.
  • Medical Information: Health-related data provided during podiatry assessments or treatments.
  • Payment Information: Details necessary to process payments for services or products.
  • Technical Data: IP address, browser type, device information, and browsing behavior collected via cookies or analytics tools (see Cookie Policy below).
  • Marketing and Communications Data: Preferences for receiving marketing materials, such as newsletters.
We collect this information when you:
  • Book or attend an appointment.
  • Purchase products from our clinic or website.
  • Fill out forms, contact us, or subscribe to newsletters.
  • Visit our website, where automated technologies (e.g., cookies) collect technical data.
Your information is stored securely on a password-protected electronic patient record and diary system.

2.3. Why I Need Your Information and How I Use It

We rely on the following legal bases under the UK GDPR to collect, use, and share your information:
  • Contractual Necessity: To provide podiatry assessments, treatments, or customer support, and to process purchases.
  • Consent: When you provide affirmative consent, such as signing up for our mailing list. You may revoke consent at any time.
  • Legitimate Interests: To improve our services, analyze website usage, or ensure security, provided this does not override your rights.
  • Legal Obligation: To comply with legal requirements, such as retaining purchase information for tax purposes or maintaining health records as required by healthcare regulations.

2.4. Marketing

We may wish to send you marketing materials, such as newsletters or product offers, via mail, email, text, or phone. We will only do so with your express consent, obtained through a clear affirmative action (e.g., ticking a box on a form). You can opt out of marketing communications at any time by contacting us or using the unsubscribe option in our communications.

Marketing Consent Form

Please indicate your preferred communication methods for receiving marketing materials:
  • Mail
  • Email
  • Text
  • Phone
  • No Marketing
We will retain a copy of your consent in your patient or customer record.

2.5. Information Sharing and Disclosure

We share your personal information only in limited circumstances:
  • Medical Professionals: With your consent, we may share your medical information with other healthcare professionals (e.g., your GP or consultant) to ensure continuity of care.
  • Service Providers: We engage trusted third parties (e.g., external reception services, payment processors, or website hosting providers) to perform functions on our behalf. These providers act as data processors and only receive the information necessary to perform their services.
  • Business Transfers: If our business is sold or merged, your information may be disclosed as part of the transaction, only to the extent permitted by law and with your knowledge.
  • Compliance with Laws: We may share your information if required by law, such as in response to a court order or to meet regulatory obligations.
All third parties are required to comply with UK GDPR and protect your data.

2.6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations:
  • Patient Records: Podiatry records are retained for a minimum of 8 years after your last appointment, in line with healthcare regulations.
  • Customer Purchase Data: Information related to product purchases is retained for a minimum of 6 years to comply with tax legislation.
  • Marketing Data: Retained until you withdraw consent or opt out.
  • Technical Data: Analytics data (e.g., from Google Analytics) is retained for up to 26 months.

2.7. Transfers of Personal Information Outside the UK

We may store or process your information through third-party hosting services (e.g., cloud-based servers) located outside the UK, such as in the US. If we transfer your data to a jurisdiction with different data protection laws, we ensure its protection through:
  • Adequacy decisions (e.g., for EU countries).
  • Standard Contractual Clauses or other approved mechanisms.
  • Privacy Shield certification, where applicable (e.g., [X Cloud] is Privacy Shield certified).

2.8. Your Rights

Under the UK GDPR, you have the following rights regarding your personal information:
  • Access: Request a copy of the personal information we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your data, except for health records, which are typically exempt due to legal requirements.
  • Restriction: Limit how we process your data in certain circumstances.
  • Objection: Object to processing based on legitimate interests or to receiving marketing communications.
  • Data Portability: Receive your data in a structured, machine-readable format.
  • Withdraw Consent: Revoke consent for processing (e.g., marketing) at any time.
  • Complain: Raise concerns with the Information Commissioner’s Office (ICO) at www.ico.org.uk.
To exercise these rights, contact us at info@precisiongait.co.uk or 13 Grange Road, Slattocks, Middleton, M24 2UD. We will respond within one month.

2.9. Data Security

We implement robust technical and organizational measures to protect your data, including password-protected systems, encryption, and regular security reviews.

3. Contact Us

For questions, concerns, or to exercise your rights, contact:
  • Data Controller: Conor Costello
  • Email: info@precisiongait.co.uk
  • Address: 13 Grange Road, Slattocks, Middleton, M24 2UD

4. Updates to This Policy

We may update this policy to reflect changes in our practices or legal requirements. The latest version will be available on our website, in our clinic, and in leaflet form, with the effective date noted.

Last Updated: 30 September 2025