Privacy Policy
​
Our Privacy Policy explains how we collect, process, and store your personal data when you use our website or receive services from our clinic. It sets out how we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, which govern the collection and use of personal and health information, and the Privacy and Electronic Communications Regulations 2003 (PECR), which cover electronic communications, marketing messages, and the use of cookies on our website. Where services are booked online, we also comply with the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013.
​
In short: GDPR protects your personal data overall, while PECR specifically governs how we communicate with you electronically and track your activity online. Consumer Contracts Regulations 2013, ensure you have clear information about your bookings, rights, and any charges.
What Data We Collect and How We Use It
At Posture Positive, we only collect the information we need to provide safe, effective, and personalised care, as well as to manage our services efficiently.
Personal and Contact Information
We collect your name, date of birth, address, phone number, and email address.
This information helps us schedule appointments, send reminders, and contact you if needed.
Health and Clinical Information
We collect relevant health information such as medical history, treatment notes, and other clinical data. This is typically discussed during consultations and may be supplemented with pre-consultation forms.
Keeping accurate medical notes is essential for providing safe Osteopathic care, monitoring your progress, and complying with legal and regulatory record-keeping requirements.
All electronic records, including your personal and clinical data, are stored securely using Cliniko, which meets required data protection standards.
We do not sell your information. We may share relevant data with your GP, other healthcare professionals, or insurers only when necessary and with your consent. In limited circumstances, we may share information where legally required (e.g., safeguarding concerns or court orders).
Payment Information
We collect information necessary to process payments for services, such as card or online payment details. Payments are processed securely via PCI DSS-compliant providers.
Website and Online Activity
When you use our website, we may collect data through cookies, booking forms, and analytics tools.
Non-essential cookies are only used with your consent, and you can manage your preferences at any time.
​
Marketing Communications & PECR
We comply with the Privacy and Electronic Communications Regulations (PECR).
You will only receive marketing messages from us (e.g., newsletters, offers) if you have explicitly consented.
You can unsubscribe or withdraw consent at any time by clicking the link in our emails or contacting us directly.
Service-related messages, such as appointment confirmations and reminders, are sent as part of providing your care and do not require separate consent.
​
Bookings and Consumer Rights
When you book services online or pay for appointments, we comply with the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013. This means:
-
You receive clear information about the services you are booking and any charges.
-
You have the right to cancel or change a booking where applicable according to our terms and conditions.​
​
How to Contact Us
If you have any questions about this Privacy Policy, want to exercise your rights, or have concerns about how your information is handled, please contact us via the form below.
​
Alternatively, for a full explanation of your rights under the UK GDPR, please visit the Information Commissioner’s Office (ICO) guidance on individual rights:
Updated 22 October 2025