top of page

Privacy Policy

Effective Date: 25.01.2025

​

DAOS CLINIC ("we", "us", "our") is dedicated to protecting your privacy and ensuring the security of your personal data. This Privacy Policy details how we collect, use, store, and protect your information in compliance with UK data protection laws, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. Our clinic operates at Solent Business Centre, Unit 215, 343 Millbrook Road West, Southampton, Hampshire, SO15 0HW, UK.

1. What Information We Collect

We collect and process personal data to provide safe and effective massage therapy services. The types of data we collect include:

​

a. Website Submissions

​

  • First name, last name, and email address submitted via our website's contact forms.

 

b. In-Clinic Information

​

  • Personal details such as your name, address, date of birth, and phone number.

  • Medical history and health-related information, including current health conditions, illnesses, and any contraindications relevant to your treatment.

 

c. Additional Data

​

  • Appointment history and details of the treatments provided.

  • Notes taken during or after your treatments for ongoing care.

2. How We Use Your Data

We process your data for the following purposes:

  1. Provision of Services: To deliver tailored massage therapy treatments and ensure they are suitable for your health needs.

  2. Health Record Management: To maintain accurate and comprehensive health records as required by UK healthcare regulations.

  3. Communication: To contact you regarding appointments, reminders, or follow-up information.

  4. Legal and Regulatory Compliance: To fulfill obligations related to the retention and handling of health records under UK law.

  5. Internal Reporting: For internal audits and service quality improvements (anonymized where possible).

We do not use your data for unsolicited marketing purposes unless you have explicitly opted in.

3. Data Retention and Storage

We retain your data securely and in compliance with UK data protection regulations:

​

a. Website Data

​

Data collected through our website is stored on secure servers with encryption and access controls. This data is retained for as long as necessary to respond to your inquiries or provide requested services.

​

b. Health Records

​

Physical records are stored in locked cabinets within our premises, while electronic records are encrypted and secured with restricted access. As required by UK law:

  • Adult records are kept for 8 years following your last treatment.

  • Children’s records are retained until the patient turns 25 years old or 8 years after their last treatment, whichever is longer.

  • Records of deceased patients are retained for at least 8 years after their death.

After the retention period, all records are securely destroyed through shredding (for paper records) or permanent deletion (for electronic records).

4. Sharing and Disclosure of Your Data

We do not sell or share your personal data with third parties for marketing purposes. Your data may be shared in limited circumstances:

  • Legal Obligations: To comply with applicable laws, regulations, or court orders.

  • Insurance Claims: With your explicit consent, to process insurance claims related to your treatments.

  • Professional Obligations: When required to report anonymized data to professional bodies for audit or regulatory purposes.

Any third-party data processors are required to comply with strict confidentiality and data protection standards.

5. Your Rights Under UK Law

You have rights regarding your personal data, including:

​

  • Access: You can request a copy of your personal data and health records.

  • Rectification: You can ask us to correct inaccurate or incomplete data.

  • Erasure: You can request the deletion of your data, subject to legal retention requirements.

  • Restriction: You can ask us to limit the processing of your data under certain conditions.

  • Objection: You can object to specific types of data processing.

  • Data Portability: You can request your data in a portable format where applicable.

  • Withdraw Consent: For data processed based on your consent, you can withdraw consent at any time.

To exercise these rights, contact us at daos.arty@gmail.com. We aim to respond to all requests within 30 days, as required by law.

6. Security Measures

We employ robust security measures to protect your data:

  • Physical records are stored in secure, locked cabinets with access restricted to authorized personnel.

  • Electronic records are encrypted and protected by strong passwords and secure access protocols.

  • Staff are trained in GDPR compliance, confidentiality, and the secure handling of sensitive data.

  • Regular audits are conducted to ensure ongoing compliance and security.

7. Retention Periods and Disposal

We comply with UK healthcare regulations concerning record retention and disposal. At the end of the retention period, records are securely destroyed:

  • Paper Records: Shredded to ensure confidentiality.

  • Electronic Records: Permanently deleted using secure methods.

We ensure that all data is handled responsibly and securely throughout its lifecycle.

8. Updates to This Privacy Policy

This Privacy Policy may be updated periodically to reflect changes in our practices or legal obligations. Updates will be posted on our website with the revised effective date. Please review this page regularly to stay informed.

Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or how your data is handled, please contact us:

DAOS CLINIC
Solent Business Centre, Unit 215
343 Millbrook Road West
Southampton, Hampshire, SO15 0HW, UK
Email: daos.arty@gmail.com
Phone: 07799538292

​

​

By using our services, you acknowledge that you have read and agree to this Privacy Policy.

©2020 by DAOS CLINIC.

bottom of page