Privacy Policy

Introduction

As a massage therapist and sole trader, I, Dorothee Weber, am committed to protecting and respecting your privacy. This privacy notice explains how I collect, use, and store your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It also outlines your rights in relation to your personal data.

This notice applies to all clients of Doro Massage (referred to as "I," "me," or "my"), and is intended to inform you about the personal data I collect and how it is used.


Data Controller

For the purposes of data protection laws, I, Dorothee Weber, am the data controller of your personal information.


Types of Information I Collect

I collect personal data to provide massage therapy services to you. The types of personal data I collect include:

  • Personal details: Name, address, email address, phone number

  • Health and medical information: Relevant health history, injuries, conditions, allergies, and any other medical details necessary for your treatment

  • Treatment information: Details of treatments provided, your response to therapy, progress notes

  • Emergency contact details: Information for a person to contact in case of emergency (if provided)


How I Use Your Personal Data

  • I use the personal data I collect for the following purposes:

  • To provide and manage your massage therapy treatments.

  • To maintain a record of the treatments you have received and progress made.

  • To contact you regarding your appointments or health matters related to your treatment.

  • ·To comply with legal obligations (e.g., health and safety requirements).

  • With your consent, to send you occasional updates, health tips, or promotional offers related to massage therapy (you can opt-out of this at any time).


Legal Basis for Processing Your Data

I process your personal data under the following legal bases:

  • Consent: When you provide your personal and health information for the purpose of receiving massage therapy.

  • Contractual necessity: To fulfil the contract between us when you book an appointment.

  • Legitimate interests: For routine communications related to your treatment, such as appointment reminders and health-related matters.

  • Legal obligation: In some cases, where required by law (e.g., insurance or health and safety regulations).


Sharing Your Personal Data

I will never share your personal data with third parties unless absolutely necessary, and only in the following circumstances:

  • Healthcare providers: If a referral to another healthcare professional is needed.

  • Insurance companies: If you are claiming for treatment under health insurance or personal injury.

  • Emergency contacts: In case of an emergency, if I am unable to reach you directly.

  • Regulatory authorities: If required by law or to comply with any legal obligations.

I do not share your personal data with marketing companies, and I will not sell your data to any third parties.


Data Retention

I will keep your personal data for as long as necessary to provide you with treatment and for any legal or regulatory purposes. For example, treatment records may be kept for a period of 7 years after your last visit, in line with industry best practices for medical records retention.

You can request the deletion of your data at any time after this period, provided it is no longer required for legal or regulatory reasons.


Your Rights

You have certain rights regarding your personal data. These rights include:

  • Right to access: You can request a copy of the personal data I hold about you.

  • Right to rectification: If your personal data is inaccurate or incomplete, you can ask me to correct it.

  • Right to erasure: You can request the deletion of your personal data, subject to legal obligations.

  • Right to restrict processing: You can request that I restrict the processing of your data in certain circumstances.

  • Right to object: You can object to the processing of your data in some cases, such as when processing is based on legitimate interests.

To exercise any of these rights, please contact me using the details below.


Data Security

I take the security of your personal data seriously and have implemented appropriate technical and organisational measures to protect it from loss, misuse, or unauthorised access. Your data is stored securely, either in paper files kept in locked cabinets or in encrypted digital files.


Cookies and Website Usage

If you visit my website, www.doromassage.com, I may use cookies to improve the functionality of the site and monitor usage patterns. You can control cookies through your browser settings, but disabling cookies may affect how the website functions.

For more information on how cookies are used on this site, please refer to the Cookies Policy.


Changes to This Privacy Notice

I may update this privacy notice from time to time to reflect changes in my services or legal requirements. Any changes will be posted on this page, and the date of the last update will be indicated at the bottom.


Contacting Me

If you have any questions or concerns about how I process your personal data or wish to exercise your data protection rights, please contact me at:

Name: Dorothee Weber

Business Name: Doro Massage

Email: emaildoroweber@gmail.com

Phone: 07592 830 874


Complaints

If you are unhappy with how I have handled your personal data, you have the right to make a complaint to the Information Commissioner’s Office (ICO). You can contact them at www.ico.org.uk.

 

Last updated: 01/02/2025