Privacy Policy

Last updated: March 2025.

This website is operated by Skuil Ltd. We take your privacy seriously and comply with data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We also adhere to clinical confidentiality guidelines in line with the Eight Caldicott Principles published by the National Data Guardian for Health and Social Care.

For the purpose of UK GDPR and the Data Protection Act 2018, we are the data controller, and any enquiry regarding the collection or processing of your data should be addressed to us.

By using our services or accessing our website, you consent to this policy.

 

What Information We Collect and How We Use It

 

Personal Information We Collect

We collect and process personal data in accordance with UK GDPR under the following lawful bases:

  • Consent – When you provide explicit consent for data processing (e.g., signing up for newsletters, completing forms, agreeing to cookies).
  • Contractual Necessity – When processing your data is necessary to fulfill a contract (e.g., providing stretch therapy services, appointment booking).
  • Legal Obligation – When we are required by law to process your data (e.g., regulatory compliance, HMRC requirements).
  • Legitimate Interests – When processing is necessary for our legitimate interests, provided your rights are not overridden (e.g., analytics for service improvement).

Website Data

When you visit our website, we collect:

  • Information you provide through forms (e.g., name, email, phone number).
  • Analytical data such as traffic patterns, location data, and communication logs. This data does not personally identify you.
  • We do not process payments via our website.

Health Information

We may collect health-related information when providing stretch therapy services, including:

  • Referral details from healthcare professionals (with your informed consent).
  • Records of treatment provided, including notes and reports about your health.
  • Emergency contact information.
  • Patient feedback and outcome data.

We only process health data under Article 9(2)(a) of UK GDPR with explicit consent or where necessary for medical purposes.

 

How We Share Your Information

We only share your personal data when necessary, with your consent, or as required by law. This may include:

  • Healthcare professionals – If necessary for treatment, including independent consultants who act as data controllers under their own privacy policies.
  • Regulatory bodies – To comply with legal obligations and clinical audits.
  • Third-party processors – Such as IT service providers who support our systems. We ensure they operate under Data Processing Agreements (DPAs) to maintain confidentiality and security.

Data Retention

We retain personal data for the following periods:

  • Patient records – Retained for at least 8 years after the last treatment (or longer for minors until they reach adulthood + 8 years), per healthcare regulations.
  • Website enquiries – Deleted after 12 months if no ongoing communication.
  • Financial records – Retained for 6 years in compliance with tax laws.
  • Marketing data – Retained until consent is withdrawn.

Your Rights Under UK GDPR

Under UK GDPR, you have the right to:

  • Access – Request a copy of the personal data we hold about you.
  • Rectification – Request corrections to inaccurate data.
  • Erasure – Request deletion of your data (“right to be forgotten”), subject to legal requirements.
  • Restrict Processing – Request limitations on how your data is processed.
  • Data Portability – Request to receive your data in a portable format.
  • Object to Processing – Opt out of data processing where applicable.
  • Withdraw Consent – Where processing is based on consent, you may withdraw it at any time.

To exercise these rights, contact us in writing. We will respond within one month.

International Data Transfers

Your data may be stored outside the UK, including in the EEA or other countries. If transferred outside the UK, we ensure adequate protection through:

  • UK government-approved adequacy decisions for certain countries.
  • Standard Contractual Clauses (SCCs) to safeguard data privacy.

Cookies & Online Tracking

We use cookies for website functionality and analytics. Under PECR and UK GDPR, we require your explicit consent for non-essential cookies.

  • Google Analytics – Used to analyze visitor trends (anonymized, non-personal data).
  • Social Media Cookies – Set by third-party sites (LinkedIn, Twitter, Facebook, Google+). Please review their privacy policies.

You can manage cookies via your browser settings. Further details are available at: www.aboutcookies.org.

Security Measures

We take security seriously and implement:

  • Data encryption for sensitive information.
  • Access controls to limit data handling to authorized personnel.
  • Regular security audits to identify vulnerabilities.

However, no data transmission over the internet is 100% secure. You transmit data at your own risk.

Third-Party Links

Our website may contain links to external sites. We are not responsible for their privacy practices. Please review their policies separately.

Complaints

If you have concerns about our data practices, you can contact us directly. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: www.ico.org.uk/concerns
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Changes to This Policy

We may update this policy periodically. Please review it regularly to stay informed about how we protect your data.

For further inquiries, contact us at The Director, Skuil Ltd, Unit 114, No. 4 Blenheim Crt, Peppercorn Close, Peterborough, PE12DU or by Email: support@stretchmasters.co.uk..