Privacy & Cookie Policy

Last updated: June 2026

At Osteopathy4u.uk, managed by Timothy Sparrow DO MSc(Hons) Ost.Med, we are committed to protecting and respecting your privacy. This policy explains when, why, and how we collect personal information about people who visit our website and book clinical services, how we keep it secure, and the conditions under which we may disclose it to others.

1. Information We Collect & How We Use It

As a healthcare environment, we collect data to provide you with safe, professional osteopathic medical treatment. We process data under two distinct categories:

• Personal Data: Name, contact details (email, phone number), and date of birth used purely for booking appointments and administrative communication.
• Special Category Data (Medical History): Details regarding your physical health, symptoms, lifestyle, and clinical case histories. This is gathered during your consultation to build a tailored treatment plan. We only process this data with your explicit, signed clinical consent.

2. Lawful Basis for Processing

Under the GDPR, our legal grounds for processing your data are:

• Contractual Necessity: To fulfill appointment bookings and manage your customer account.
• Legitimate Interests: To run an efficient healthcare practice and respond to diagnostic inquiries submitted through our contact forms.
• Provision of Health Care: For processing clinical health data, adhering to the requirements set out by the General Osteopathic Council (GOsC).

3. How We Use Cookies

Cookies are small text files placed on your device to help our website provide a better user experience. We use:

• Essential Cookies: Necessary for the website to function (e.g., managing a secure booking flow). These do not track personal behavior.
• Analytical/Performance Cookies: (Optional) These allow us to recognize and count the number of visitors to look at how traffic moves around the site, helping us optimize the layout. These run only if you select "Accept All" on our banner.

You can choose to block or delete cookies via your web browser settings at any time.

4. Data Retention & Security

We implement strict security measures to protect your data from loss, misuse, or unauthorized access. In accordance with UK medical law, adult clinical records must be safely retained for a minimum of 8 years after your last treatment session (or until age 25 for minor patients).

5. Sharing Your Information

We do not sell, rent, or trade your personal information with third parties. Your data is only shared with third-party service providers acting on our behalf (such as secure clinical booking software or encrypted email hosts) who strictly adhere to GDPR laws. We will never share medical files with your GP or other health professionals without your explicit authorization.

6. Your Rights Under GDPR

You hold substantial rights regarding your data. These include the right to:

• Request a copy of the personal and medical data we hold about you.
• Request corrections to inaccurate information.
• Request deletion of your personal data (subject to legal medical retention holding periods mentioned in Section 4).
• Withdraw your consent to marketing or non-essential cookie tracking at any time.

To exercise any of these rights, please reach out to us using the contact details displayed above. If you believe your data has been handled incorrectly, you have the right to lodge a formal complaint with the Information Commissioner's Office (ICO) in the UK.

← Return to Home Page