Privacy & Cookie Policy

Privacy Notice

Physio-Link is committed to protecting your privacy and complying with data protection legislation. This
Privacy Notice contains important information about us, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and the
ICO (the supervisory authority) in the event you have a complaint.

Who we are

Physio-Link is a trading style of Physio-Link Rehabilitation Services and is a private limited company registered in England (10339477). Its registered office is Senate Suite, Palatine House, Belmont Business Park, Durham, DH1 1TW.

Physio-Link collects, uses and is responsible for processing certain personal information about you. When we do so we are regulated under the General Data Protection (GDPR) (EU) 2016/679, which for the time being applies across the European Union (including the United Kingdom), and the Data Protection Act 2018, and we are responsible as ‘processor’ of that personal information for the purposes of those laws.

The personal information we collect and use

Collected by us:
In the course of providing medico-legal services, we may collect and process the personal data about you.

Information provided by you

Experts:
– Data contained within your CV, which may include contact information such as name, address, contact details and other personal data; this is stored within our database of experts on the grounds of legitimate interest. Our database is available to our clients
(firms of Personal Injury and Clinical Negligence solicitors) who can access it using a designated username and password.

– Data contained within other documentation such as ICO certificates and indemnity insurance certificates; these are also stored within our database of experts but not available to our clients.

Claimants:
– Personal data and information to assist us with providing a service to you via our instructing solicitor; this information is shared by the solicitor you have instructed and any other (medical) professionals necessary to assist with your case as appropriate.

Information obtained by us:

Publically available information about you or your business (including electronic sources).

How we collect your personal data

We may collect personal data about you or your organisation in a number of circumstances, such as:

Experts:
– When you or your organisation offer to provide services to us, such as the provision of medical reports.

Claimants:
– When we have been provided with your written consent to obtain personal data (such as medical records) on behalf of yourself and your solicitor in support of your Personal Injury or Clinical Negligence claim.

– When we are instructed to obtain a medical report or other service, for example an X-ray or other procedure.

Information we receive from other sources

We may receive personal data about you from people, such as solicitors, liaising with us in relation to the services we are providing to our law firms in relation to your Personal Injury or Clinical Negligence claim.

Personal data about other people which you provide to us

If you provide personal data to us about someone you must ensure that you are entitled to disclose that personal data to us and that, without us taking any steps to verify this, we may collect, use and disclose that personal data as described in this Privacy Notice. It is your responsibility to inform the individual concerned of this Privacy Notice.

How we use your personal information to provide our services

We process your information in the following ways:

Experts:
– A copy of your CV, which may including contact information such as name, address, contact details and other personal data, is stored within our database of experts, and is available to our clients who can access it using a designated username and password. – This enables our clients to view your CV before deciding to instruct you via MSRG.

– Data contained within other documentation such as ICO certificates and indemnity insurance certificates are recorded in our CRM system and their expiry dates are recorded. This allows us to monitor certificates which are due to expire so we are able to obtain up-to-date certification.

Claimants:
– To carry out our obligations arising from any contracts entered into between us and our instructing solicitor who is handling your Personal Injury or Clinical Negligence claim.

– To provide you with the information and services that you request from us, via your instructing solicitor.

– This information is shared with (medical) professionals necessary to assist you with your case, to enable them to provide the relevant (medical) evidence.

Who we share your personal information with

We may share and/or disclose your information with selected third parties including:

– Business partners, professional advisors, suppliers and sub-contractors for the
performance of any contract we are obliged to with your instructing solicitor;

– Medical experts, consultants or any other professional equivalent, such as an architect or accident reconstruction expert in connection with your matter;

– Service providers acting as processors based within the EEA and who provide IT and system administration services to us;

– Any law enforcement agency, court, regulator, government authority (including HM Revenue & Customs) or other third party where we believe this is necessary to comply with a regulatory obligation or otherwise to protect our rights or the rights of any third party;

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

How long your personal information will be kept

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Please contact us if you require further detail regarding our retention policy.

Reasons we can collect and use your personal information

We will process your personal data for one or more of the following lawful grounds:
– Where we need to perform the services we are contractually obliged.

Your rights under GDPR

Under GDPR you have a number of important rights, subject to certain conditions. In summary, those include rights to:

1. Request access to personal data held by us about you (also known as Data Subject Access Request);

2. Request correction of personal information held by us about you;

3. Require us to erase personal data held by us about you where there is no lawful reason to continue to process it or retain it;

4. Restrict our processing of personal data held by us about you;

5. Receive personal data, which you have provided to us, in a structured, commonly used and machine readable format. You also have the right to require us to transfer this personal data to another organisation, at your request;

6. Object to our processing of personal data held by us about you (including for the purposes of sending marketing materials to you);

7. Withdraw your consent, where we are relying on it to use your personal data; and

8. Not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please contact our Data Protection Officer using the details below:

Physio-Link
Senate Suite, Palatine House
Belmont Business Park
Durham
DH1 1TW

Email: physio-linkenq@premiermedical.co.uk

In order to process your request, you will need to provide:

– Sufficient information to identify you, that if your name, address and contact details;

– Proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and

– Sufficient explanation of your request relating to the rights set out above.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to complain

We hope that our Data Protection Officer can resolve any query or concern you raise about our use of your information.

The GDPR also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or by telephone on 0303 123 1113 or by post at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Changes to this Privacy Notice

This Privacy Notice was published in January 2020. We may change this Privacy Notice from time to time to reflect any changes to the way in which we process your personal data and to meet our legal requirements. Any such change to the Privacy Notice will be published on our website and will take effect as soon as they are posted.

How to contact us

Please contact our Data Protection Officer, on the details above, if you have any questions about this Privacy Notice or the information we hold about you.

Cookie Policy

A cookie is a small amount of data sent to your computer or mobile phone from a website. This means the website can recognise your device (your computer or mobile phone) if you return to the same site.

A cookie often includes a unique identifier, which is a randomly generated number. This is stored on your device’s hard drive. Many cookies are automatically deleted after you finish using a website.

Cookies are not programs and do not collect information from your device. Cookies make your experience of using websites faster and easier. They allow websites to create a customised view of pages to which you navigate. For example, they are commonly used to authenticate or identify registered users of a website without requiring them to sign in each time they access it, and tracking the pages a user has visited on a site for analysis purposes.

How to control and delete cookies

MSRG will not use cookies to collect personally identifiable information about you. However, if you wish to restrict or block the cookies, which are set by this website, or indeed any other website, you can do this through your browser settings.

How to manage your cookies

Cookies are sent to your browser (whether you use Internet Explorer, Google Chrome, Safari or any other browser) by a website and then stored in the cookies directory of your device.

To check and update your cookies settings, you will need to know what browser you are using and what version of it you have. You can usually find this out by opening the browser (just as though you were going to use the internet) and then clicking on ‘Help’ and then ‘About’. This will give you information about the browser version you are using.

To find out how to allow, block, delete and manage the cookies on all standard web browsers, go to www.aboutcookies.org and select the browser and version you are using. You’ll also find information about how to delete cookies from your computer.

If you use a mobile phone to browse this site or other sites that use cookies, please refer to your handset manual for guidance.

Google Analytics

This site uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate your use of the site and compile reports for us on activity.

Google stores the information collected by the cookie on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. By using this site, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Cookies set by third party sites

We sometimes embed content from other third party sites. As a result, when you visit a page with content embedded from, for example, YouTube, you may be presented with cookies from these websites. MSRG does not control the dissemination of these cookies. You should check the relevant third party website for more information about these.