Privacy Policy

Osteopath & Sports Massage Therapist M.Ost DC BTEC MA (Psych)

Privacy Policy

Osteopath & Sports Massage Therapist M.Ost DC BTEC MA (Psych)

GDPR 2018 Privacy Notice

The General Data Protection Regulation (GDPR) which is EU wide and far more extensive than its predecessor the Data Protection Act, along with the Privacy and Electronic Communications Regulations (PECR), seek to protect and enhance the rights of EU data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU and its storage within the EEA.

1 – About Andreas Petrou

Andreas Petrou, Osteopath, who provides treatments at Nuffield Health, the Klinik, Tranquility pilates in the city of London, as well as the Yoga Bar in Twickenham and his home in Wandsworth Town is pleased to provide the following information.

2 – About osteopathy

Osteopaths diagnose and treat health conditions. Treatments are carried out in accordance with the guidelines set out by the General Osteopathic Council Practice Standards, and Institute of Osteopathy’s patient charter (the practice may also provide other treatments in future, about which Andreas will be pleased to provide more details).

3 – Personal Data

a) For the purposes of providing treatment, Andeas may require detailed medical information (C1, C4, C6 of updated osteopathic practise standards). Only what is relevant and necessary for your treatment will be collected. When you visit Andreas, he will make notes which may include details concerning your medication, treatment and other issues affecting your health. This data is always held securely and is not shared with anyone not involved in your treatment.  

b) To be able to process your personal data it is a condition of any treatment that you give your explicit consent to allow Andreas to document and process your personal medical data. Contact details provided by you such as telephone numbers, email addresses, postal addresses may be used to remind you of future appointments  and, if ever necessary, provide reports or other information concerning your treatment.

c) Andreas will also use the contact details provided by you to respond to your enquiries, including  texting and/or emailing appointment reminders. On the odd occasion, in addition to any usual social media posts which you may or may not receive, Andreas may forward information which he believes may be of interest to you.

d) In making initial contact with Andreas, you consent  to maintaining a “marketing” dialogue until you either opt out (which you can do at any time) or  he decides to desist in promoting his services.

e) Andreas does not broker your data and you can ask to be removed from his records by emailing, texting or phoning him using the contact details provided.

f) Andreas’ website uses cookies, which is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. His website visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using Osteopaths’ website.

g) Andreas will only collect the information needed so that he can provide you with the services you require, he does not sell or broker your data.

4 – Legal basis

The legal basis for processing any personal data is to meet professional contractual obligations: obtained from explicit Patient Consent, and legitimate interest to respond to enquiries concerning the services provided.

5 – Consent

Through agreeing to this privacy notice you are consenting to Andreas processing your personal data for the purposes outlined. You can withdraw consent at any time using the details provided at the end of this Privacy Notice.

7 – Disclosure

Andreas will keep your personal information safe and secure. Andreas will not disclose your Personal Information unless compelled to, in order to meet legal obligations, regulations or valid governmental requests.

In the event that you are referred to another professional (GP, physiotherapist etc) your explicit and written consent will be obtained.

8 – Retention Policy

Andreas will process personal data during the duration of any treatment and will continue to store only the personal data needed for eight years after the contract has expired to meet any legal obligations. After eight years all personal data will be deleted, unless basic information needs to be retained by to meet future obligations to you, such as erasure details. Records concerning minors who have received treatment will be retained until the child has reached the age of 25.

9 – Data storage

All Data is held in the United Kingdom. Microsoft 365 and Google Drive are GDPR compliant. Andreas does not store personal data outside the EEA.

10 – Your rights

At any point whilst Andreas is in possession of, or processing your personal data, you have the following rights:

Right of access – you have the right to request a copy of the information that held about you.

Right of rectification – you have a right to correct data that is held about you that is inaccurate or incomplete.

Right to be forgotten – in certain circumstances, you can ask for the data held about you to be erased from records.

Right to restriction of processing – where certain conditions apply you have a right to restrict the processing.

Right of portability – you have the right to have the data held about you transferred to another organisation, provided you consent to this explicitly.

Right to object – you have the right to object to certain types of processing such as direct marketing.

Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.

13 – Cookie policy

We use cookies and similar technologies on this site to personalise and enhance your experience while using the site. Cookies are small text files placed on your computer to collect standard internet log information and visitor behaviour information.

We may use cookies for the following purposes:

Necessary cookies – These cookies are required for you to be able to use some important features on our website, such as logging in. These cookies don’t collect any personal information.
Functionality cookies – These cookies provide functionality that makes using our service more convenient and makes providing more personalised features possible. For example, they might remember your name and e-mail in forms so you don’t have to re-enter this information next time you visit.

Analytics cookies – We use Google Analytics, a popular web analytics service provided by Google to look at the information collected on cookies, to measure traffic and help improve our visitor website experience.

Google has their own Privacy Policy which you can review and if you’d like to opt-out of tracking by Google Analytics, visit the Google Analytics opt-out page.

You can also set your browser not to accept cookies should you wish to; more information can be found on this website

Alternatively, you can control some 3rd party cookies by using a privacy enhancement platform such as or For more information about cookies, visit

14 – Complaints

In the event that you wish to make a complaint about how your personal data is being processed  you have the right to complain to Andreas. If you do not get a response within 30 days, you can complain to the ICO.

ICO: Wycliffe House, Water Lane, Wilmslow, SK9 5AF Telephone +44 (0) 303 123 1113 or email:

Get in touch today

If you have any questions about the privacy policy or if you want to go ahead and book a treatment.
Contact Andreas here

Pin It on Pinterest

Share This