Privacy Policy

  1. Website Privacy Policy

  2. StretchMasters® Flex-Release® APP Suite – Privacy Policy

  1. Website Privacy Policy

Last updated: March 2025.

This website is operated by Skuil Ltd. We take your privacy seriously and comply with data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We also adhere to clinical confidentiality guidelines in line with the Eight Caldicott Principles published by the National Data Guardian for Health and Social Care.

For the purpose of UK GDPR and the Data Protection Act 2018, we are the data controller, and any enquiry regarding the collection or processing of your data should be addressed to us.

By using our services or accessing our website, you consent to this policy.

What Information We Collect and How We Use It

Personal Information We Collect

We collect and process personal data in accordance with UK GDPR under the following lawful bases:

  • Consent – When you provide explicit consent for data processing (e.g., signing up for newsletters, completing forms, agreeing to cookies).
  • Contractual Necessity – When processing your data is necessary to fulfill a contract (e.g., providing stretch therapy services, appointment booking).
  • Legal Obligation – When we are required by law to process your data (e.g., regulatory compliance, HMRC requirements).
  • Legitimate Interests – When processing is necessary for our legitimate interests, provided your rights are not overridden (e.g., analytics for service improvement).

Website Data

When you visit our website, we collect:

  • Information you provide through forms (e.g., name, email, phone number).
  • Analytical data such as traffic patterns, location data, and communication logs. This data does not personally identify you.
  • We do not process payments via our website.

Health Information

We may collect health-related information when providing stretch therapy services, including:

  • Referral details from healthcare professionals (with your informed consent).
  • Records of treatment provided, including notes and reports about your health.
  • Emergency contact information.
  • Patient feedback and outcome data.

We only process health data under Article 9(2)(a) of UK GDPR with explicit consent or where necessary for medical purposes.

How We Share Your Information

We only share your personal data when necessary, with your consent, or as required by law. This may include:

  • Healthcare professionals – If necessary for treatment, including independent consultants who act as data controllers under their own privacy policies.
  • Regulatory bodies – To comply with legal obligations and clinical audits.
  • Third-party processors – Such as IT service providers who support our systems. We ensure they operate under Data Processing Agreements (DPAs) to maintain confidentiality and security.

Data Retention

We retain personal data for the following periods:

  • Patient records – Retained for at least 8 years after the last treatment (or longer for minors until they reach adulthood + 8 years), per healthcare regulations.
  • Website enquiries – Deleted after 12 months if no ongoing communication.
  • Financial records – Retained for 6 years in compliance with tax laws.
  • Marketing data – Retained until consent is withdrawn.

Your Rights Under UK GDPR

Under UK GDPR, you have the right to:

  • Access – Request a copy of the personal data we hold about you.
  • Rectification – Request corrections to inaccurate data.
  • Erasure – Request deletion of your data (“right to be forgotten”), subject to legal requirements.
  • Restrict Processing – Request limitations on how your data is processed.
  • Data Portability – Request to receive your data in a portable format.
  • Object to Processing – Opt out of data processing where applicable.
  • Withdraw Consent – Where processing is based on consent, you may withdraw it at any time.

To exercise these rights, contact us in writing. We will respond within one month.

International Data Transfers

Your data may be stored outside the UK, including in the EEA or other countries. If transferred outside the UK, we ensure adequate protection through:

  • UK government-approved adequacy decisions for certain countries.
  • Standard Contractual Clauses (SCCs) to safeguard data privacy.

Cookies & Online Tracking

We use cookies for website functionality and analytics. Under PECR and UK GDPR, we require your explicit consent for non-essential cookies.

  • Google Analytics – Used to analyze visitor trends (anonymized, non-personal data).
  • Social Media Cookies – Set by third-party sites (LinkedIn, Twitter, Facebook, Google+). Please review their privacy policies.

You can manage cookies via your browser settings. Further details are available at: www.aboutcookies.org.

Security Measures

We take security seriously and implement:

  • Data encryption for sensitive information.
  • Access controls to limit data handling to authorized personnel.
  • Regular security audits to identify vulnerabilities.

However, no data transmission over the internet is 100% secure. You transmit data at your own risk.

Third-Party Links

Our website may contain links to external sites. We are not responsible for their privacy practices. Please review their policies separately.

Complaints

If you have concerns about our data practices, you can contact us directly. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: www.ico.org.uk/concerns
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Changes to This Policy

We may update this policy periodically. Please review it regularly to stay informed about how we protect your data.

For further inquiries, contact us at The Director, Skuil Ltd, Unit 114, No. 4 Blenheim Crt, Peppercorn Close, Peterborough, PE12DU or by Email: support@stretchmasters.co.uk.

 

2. StretchMasters® Flex-Release® APP Suite – Privacy Policy

Effective Date: 01 August 2025
Last Updated: 30 August 2025

  1. Introduction

StretchMasters® Flex-Release® Suite (“the App”) is developed and operated by Skuil Ltd, registered in England, United Kingdom.

We are committed to protecting your privacy and handling your personal data in compliance with the UK Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR), and, where applicable, the EU GDPR.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the App for:

  • Movement assessments (video analysis and progress tracking).
  • Physiotherapist-prescribed exercise delivery (exercise instructions, monitoring, and compliance tracking).
  1. Information We Collect

When you use the App, we may collect the following information:

  • Camera access: The App requires access to your device’s camera solely for recording videos of your movement assessments.
  • Video data: Videos are securely uploaded to our backend server for processing (e.g., range of motion analysis).
  • Login credentials: You may log in using a client ID or email. These are stored locally on your device and used to associate your results with your profile.
  • Performance metrics: Processed results (such as joint angle calculations and progress history) are stored securely to provide tracking features.
  • Exercise data: Records of prescribed exercises, progress updates, and user compliance (e.g., whether you completed an exercise) are stored securely.
  • Device and usage data (non-identifiable): We may collect diagnostic information (e.g., app crashes, error logs) to improve stability and performance.
  1. How We Use Your Information

We process your data only for the following purposes:

  1. To analyse your recorded videos and generate movement assessment results.
  2. To deliver physiotherapist-prescribed exercise programmes, track completion, and provide feedback.
  3. To display progress graphs, history, and performance tracking.
  4. To provide support, respond to enquiries, and improve the App’s functionality.
  5. To ensure the security and integrity of our services.

We do not use your videos, exercise information, or personal data for advertising or marketing without your explicit consent.

  1. Legal Basis for Processing

Under data protection law, we rely on the following lawful bases:

  • Performance of a contract – providing you with movement analysis, exercise delivery, and app functionality.
  • Consent – when granting camera permissions, uploading videos, or receiving prescribed exercise programmes.
  • Legitimate interests – ensuring the security, functionality, and improvement of the App.
  • Explicit consent for health data – when physiotherapist-prescribed exercises or movement analysis results reveal health-related information.
  1. Data Storage & Sharing
  • Video storage: Videos are stored temporarily on our server only for the duration of analysis. Once processing is complete, raw videos are deleted.
  • Processed results & exercise data: Retained securely to provide your progress history and exercise programme tracking.
  • No third-party sales: We do not sell, rent, or trade your personal data to third parties.
  • Third-party processors: We may use trusted service providers (e.g., secure cloud hosting, data analytics) who are bound by strict data protection agreements.
  • International transfers: If data is transferred outside the UK/EEA, we ensure adequate safeguards (e.g., UK/EU-approved Standard Contractual Clauses).
  1. Data Retention

We retain data only for as long as necessary:

  • Videos: Deleted immediately after processing is complete.
  • Movement results & exercise data: Retained while you maintain an active account. If you close your account, data will be deleted within 30 days, with secure backups removed within 90 days.
  • Diagnostic data: Retained only as long as necessary for performance monitoring and then anonymised.
  1. Your Rights

As a user under UK GDPR/EU GDPR, you have the following rights:

  • Right of access – to request a copy of the data we hold about you.
  • Right to rectification – to correct inaccuracies in your data.
  • Right to erasure – to request deletion of your personal data.
  • Right to restrict processing – to limit how we use your data.
  • Right to data portability – to receive your data in a structured, machine-readable format.
  • Right to object – to certain types of processing (e.g., marketing, profiling).

To exercise your rights, please email: support@stretchmasters.co.uk.

  1. Security

We use appropriate technical and organisational measures to protect your personal data, including:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure, access-controlled servers
  • Audit logging and regular reviews
  • Data minimisation and anonymisation where possible

We are committed to continuous improvement of our security practices. As we scale, we aim to achieve recognised standards such as ISO 27001 to demonstrate compliance and industry best practice.

However, no system is completely secure, and we cannot guarantee absolute protection against unauthorised access.

  1. Children’s Privacy

The App is intended for individuals aged 16 years or older.

Users under 16 years must not use the App.

Users aged 16–17 years may only use the App under the guidance of a qualified physiotherapist or with parental/guardian consent.

We do not knowingly collect data from children under 16. If you believe we have collected data from someone under this age, please contact us immediately for deletion.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be published in the App and/or on our website. Continued use of the App after changes means you accept the updated policy.

  1. Contact Us

If you have any questions or concerns about this Privacy Policy or your personal data, please contact:

 support@stretchmasters.co.uk
 Postal address: Skuil Ltd, Unit 114, No. 4 Blenheim Court, Peppercorn Close, Peterborough, PE4 5DN, England, UK

If you are not satisfied, you also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at https://ico.org.uk.

Trust & Security at StretchMasters®

At StretchMasters®, your privacy and security come first. Our app is designed to handle sensitive information, including health-related data, with the highest level of care. Below we have listed the standards that we strive to achieve.

 Our Commitments

  1. Data Protection by Design
  • All data processing is built to comply with the UK GDPREU GDPR, and the Data Protection Act 2018.
  • We apply the principle of data minimisation: we only collect what is strictly necessary.
  1. Video & Exercise Data Handling
  • Videos recorded for movement assessment are encrypted in transit, analysed securely, and then deleted immediately after processing.
  • Exercise programmes prescribed by your physiotherapist are stored securely and linked only to your account.
  1. Encryption & Secure Infrastructure
  • All traffic between your device and our servers is protected with HTTPS/TLS encryption.
  • Data is stored in secure, access-controlled servers located in trusted data centres.
  • We conduct regular security reviews and audits.
  1. International Transfers
  • If data is transferred outside the UK/EU, we use Standard Contractual Clauses (SCCs) and equivalent safeguards.
  1. User Control & Transparency
  • You may request access, correction, or deletion of your data at any time.
  • If you close your account, data is deleted within 30 days, and backups are securely erased within 90 days.
  • We never sell your personal data.
  1. Roadmap & Continuous Improvement
  • As we scale, we are committed towards achieving ISO 27001 certification for information security management.
  • We regularly review and update our systems to meet the highest industry standards.

 Contact Us

Questions about security? Get in touch:

 support@stretchmasters.co.uk
 Postal address: Skuil Ltd, Unit 114, No. 4 Blenheim Court, Peppercorn Close, Peterborough, PE4 5DN, England, UK