Privacy Policy [Your Practice Name] – Veterinary Physiotherapy Last updated: [Date]

1. Introduction

This Privacy Policy explains how [Your Full Name], trading as [Your Practice Name], collects, uses, stores, and protects personal information gathered through this website, including the vet referral form, customer enquiry form, and contact form.

I am committed to protecting the privacy of everyone who interacts with this website, including veterinary professionals, animal owners, and other visitors. This policy is in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who I Am (Data Controller)

Natalie Stoner Trading as: Natalie Stoner Veterinary Physiotherapy Email: [your@email.com] Phone: [Your Phone Number]

As a sole trader operating this website, I am the Data Controller responsible for your personal data.

3. What Personal Data I Collect

Vet Referral Form When a veterinary professional submits a referral, I collect: the referring vet's name and professional registration number; veterinary practice name, address, and contact details; the patient animal's name, species, breed, age, and sex; the animal owner's name and contact information; clinical history, diagnosis, and reason for referral; and any relevant medical notes or attachments provided.

Customer Enquiry Form When an animal owner or prospective client submits an enquiry, I collect: your full name; email address and/or phone number; the name and species of your animal; the nature of your enquiry; and any additional information you choose to provide.

Contact Form When anyone uses the general contact form, I collect: your name, email address, and the content of your message.

Automatic Data When you visit this website, certain technical data may be collected automatically, including your IP address, browser type, pages visited, and the date and time of your visit. This is used for website security and performance monitoring only.

4. Legal Basis for Processing

I process personal data on the following legal grounds under UK GDPR: legitimate interests (to respond to enquiries and manage referrals); contract performance (to provide physiotherapy services); legal obligation (to maintain records required by relevant professional and regulatory bodies); and consent (where you have explicitly agreed to specific processing).

Where information about an animal owner's health is incidentally mentioned in referrals or correspondence, it is treated with the same care as sensitive personal data.

5. How I Use Your Personal Data

I use the information collected to respond to enquiries and messages; process and manage veterinary referrals; book and manage appointments; maintain clinical records and provide treatment; communicate with referring vets regarding patient progress; comply with professional, legal, and regulatory requirements; and improve the website and services I offer.

I will never use your personal data for automated decision-making or profiling.

6. Who I Share Your Data With

I do not sell, rent, or trade personal data with third parties. I may share data in limited circumstances: with the referring veterinary practice for coordinated patient care; with professional advisers such as an accountant or legal adviser, under strict confidentiality obligations; with website hosting or software providers who act as data processors on my behalf; and where required by law, regulation, or court order.

7. How Long I Keep Your Data

Clinical and referral records are retained for a minimum of 7 years following the last appointment, in line with professional guidance. General enquiries and contact form submissions are retained for up to 12 months, or until the enquiry is resolved. Website technical data is retained for up to 12 months. After these periods, data is securely deleted or anonymised.

8. Data Security

I take reasonable steps to protect your personal data, including use of secure and encrypted communication where possible, password-protected storage of electronic records, HTTPS encryption on website forms, and restricted access to personal data on a need-to-know basis.

No method of electronic transmission or storage is completely secure. If you have concerns about sharing sensitive information online, please contact me directly.

9. Cookies

This website may use essential cookies necessary for the site to function, and analytics cookies to understand how visitors use the site. You can control and delete cookies through your browser settings, though disabling them may affect some website functionality.

10. Your Rights Under UK GDPR

You have the right to access the personal data I hold about you; have inaccurate or incomplete data corrected; request deletion of your data in certain circumstances; restrict how I use your data; receive your data in a portable format; object to processing based on legitimate interests; and withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact me using the details in section 2. I will respond within one calendar month and will not charge you for making a request.

11. Right to Complain

If you believe I have not handled your personal data correctly, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at www.ico.org.uk or by calling 0303 123 1113. I would appreciate the opportunity to address any concerns directly before you contact the ICO.

12. Third-Party Websites

This website may contain links to external websites. I am not responsible for the privacy practices or content of those sites and encourage you to read their privacy policies.

13. Changes to This Policy

I may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised date. I encourage you to check back periodically.

14. Contact

If you have any questions about this policy or how I handle your data, please get in touch:

[Your Full Name] Email: [your@email.com] Phone: [Your Phone Number] Address: [Your Business Address]