top of page

Privacy
Policy

Last updated: November 2025
 

1. Introduction

SPF Foothealth (“we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how we collect, use, store, and protect your information when you use our services or otherwise interact with us.

We are registered and operate in the United Kingdom and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We act as a data controller when collecting and processing personal data from our patients, clients, and website users.

 

2. Information We Collect

In the course of providing foot health care services, we may collect and process the following types of personal data:

  • Identity Data: your name, date of birth, gender, and contact details.

  • Contact Data: your address, telephone number, and email address.

  • Health Data (Special Category Data): relevant medical history, foot health information, medication details, allergies, treatment notes, and other information necessary to provide clinical care.

  • Appointment Data: appointment times, attendance records, and payment history.

  • Technical Data: information collected automatically when you visit our website (such as IP address, browser type, and usage data).
     

We only collect the minimum information necessary to provide appropriate care and comply with legal obligations.

 

3. How We Collect Your Data

We collect personal data:

  • Directly from you when you register, book an appointment, or receive treatment.

  • From forms, correspondence, or phone calls.

  • Through your use of our website or online booking system (if applicable).

  • Occasionally from other healthcare professionals with your explicit consent (e.g., GP referrals).

 

4. How We Use Your Data

We process your personal data for the following lawful purposes:

  • To assess, diagnose, and provide foot health treatment and care.

  • To maintain accurate patient records.

  • To manage appointments, billing, and payments.

  • To communicate with you regarding your care, follow-up, or changes to our services.

  • To comply with legal and professional record-keeping obligations.

  • To manage our business operations, including insurance and quality assurance.

We will only process your health data when one or more of the following applies:

  • You have given explicit consent for the processing.

  • Processing is necessary for the provision of healthcare or treatment.

  • Processing is required to comply with legal obligations or to protect your vital interests.

 

5. Sharing Your Data

We treat your information with strict confidentiality.
We may share your data only when necessary and lawful, such as:

  • With other healthcare professionals involved in your care (with your consent).

  • With regulatory or professional bodies when legally required.

  • With service providers who support our operations (e.g., practice management software, payment processors, IT support).

  • With insurers or legal representatives, where necessary for legitimate purposes.

We do not share your personal data for marketing purposes and we do not sell your information.

 

6. Data Security

We implement appropriate technical and organisational measures to protect your data from loss, misuse, or unauthorised access.
Your data may be held in secure electronic systems and/or locked physical storage accessible only to authorised personnel.

 

7. Data Retention

We retain your records in accordance with professional and legal requirements.
For healthcare records, this is typically 8 years after the last treatment (or until the patient’s 25th birthday if under 18 at the time of last treatment), unless there is a lawful reason to retain them longer.

When records are no longer required, they are securely destroyed.

 

8. Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

  • The right to access and obtain a copy of your data.

  • The right to correct any inaccurate or incomplete information.

  • The right to request erasure (in certain circumstances).

  • The right to restrict or object to processing.

  • The right to data portability.

  • The right to withdraw consent at any time (where processing is based on consent).

If you wish to exercise any of these rights, please contact us using the details below.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK regulator for data protection:
https://www.ico.org.uk
Telephone: 0303 123 1113

 

9. Cookies and Website Data

If you use our website, cookies may be used to improve functionality and analyse how visitors use our site.
You can control or disable cookies through your browser settings.
We do not use cookies to collect identifiable personal health information.

 

10. Lawful Basis for Processing

Our lawful bases for processing personal data include:

  • Consent – where you have given explicit permission.

  • Contract – when processing is necessary to deliver the agreed service.

  • Legal Obligation – where we must comply with applicable laws.

  • Legitimate Interests – where processing is necessary for the operation of our business.

  • Provision of Health Care – for medical diagnosis or treatment purposes.

 

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legislation or our practices.
The latest version will always be available at www.spf-foothealth.com

 

12. Governing Law

This Privacy Policy, and any disputes or claims arising from it, are governed by and construed in accordance with the laws of England and Wales.

 

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:

SPF Foothealth
Email: sienna@spf-foothealth.com
Telephone: 07887431169

bottom of page