Last updated: March 2026
Victoria Salomonsen (trading as Victoria S Physio) is committed to protecting the privacy and security of your personal data. This policy explains how your information is handled when you visit our website, book a consultation, or receive physiotherapy treatment.
1. Who we are
| Website: | www.victoriasphysio.co.uk |
| Business Name: | Victoria S Physio |
| Status: | Sole Trader |
| Address: | Send Therapy Rooms, 175 Send Rd, Send, Woking, Surrey, GU23 7ET |
| Data Protection Contact: | Victoria Salomonsen |
| Email Address: | info@victoriasphysio.co.uk |
For the purposes of the UK General Data Protection Regulation (UK GDPR), Victoria Salomonsen is the data controller responsible for your personal data.
2. The data we collect about you
As a physiotherapy provider, we collect and process several types of data:
-
Identity & Contact Data: Name, date of birth, address, email, and phone number.
-
Health & Clinical Data (Special Category Data): Medical history, current symptoms, injury details, physical assessment findings, clinical notes, and treatment plans. This is mandatory for providing safe and effective physiotherapy.
-
Technical Data: IP address, browser type, and usage patterns when you visit our website.
-
Marketing & Communications Data: Your preferences in receiving updates or health-related information from us.
3. Lawful basis for processing
We process your data under the following legal grounds:
-
Contractual Necessity: To manage your appointments and provide the physiotherapy services you have booked.
-
Legal Obligation: To maintain clinical records as required by professional regulatory bodies and UK law.
-
Health & Social Care (Special Category): Under Article 9(2)(h) of the UK GDPR, we process health data for the purposes of “the provision of health or social care or treatment” under a professional duty of confidentiality.
-
Legitimate Interests: To ensure our business is run efficiently and to protect our legal rights.
4. How we use your data
We use your information specifically to:
-
Conduct clinical assessments and develop personalized treatment plans.
-
Communicate appointment reminders or clinical follow-ups.
-
Maintain accurate medical records in line with Chartered Society of Physiotherapy (CSP) guidelines.
-
Process secure payments for your sessions.
5. Sharing your data
Your clinical confidentiality is paramount. We do not sell your data. We only share information with:
-
Clinical Software Providers: Secure, GDPR-compliant platforms used for electronic patient records and scheduling.
-
Healthcare Professionals: With your explicit consent, we may provide reports to your GP, consultant, or insurance provider.
-
Legal/Insurance Requirements: If required for professional indemnity or by law.
6. Data security & retention
We implement strict security measures to ensure your health records are kept private, whether stored digitally or in paper format.
-
Retention: In accordance with clinical record-keeping standards in the UK, adult records are typically retained for 8 years after your last treatment. For children, records are kept until their 25th birthday (or 26th if they were 17 at the conclusion of treatment).
7. Your legal rights
Under the UK GDPR, you have the right to:
-
Access: Request a copy of your personal data and clinical notes.
-
Correction: Ask us to update or fix inaccurate information.
-
Erasure: Request deletion of data (subject to our legal obligation to maintain medical records for a specific duration).
-
Withdraw Consent: Opt-out of marketing communications at any time.
To exercise these rights, please contact Victoria Salomonsen at info@victoriasphysio.co.uk.
8. Complaints
If you have a concern about our data practices, please contact us directly. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.