Privacy Policy

[Elysium Sports Therapy]

Last updated:10/03/2026

 

1. Introduction

Welcome to Elysium Sports Therapy ("we", "our", or "us"). We are committed to protecting the personal information you share with us when you visit our website or use our online booking system.

This Privacy Policy explains what information we collect, why we collect it, how we use it, and your rights in relation to it. Please read it carefully before using our services.

By using our website or booking a session with us, you agree to the collection and use of your information as described in this policy.

 

2. Who We Are

We are a sports therapy practice based in Taunton, Somerset. Our website, including the online booking system, is operated by:

 

Business Name: Elysium Sports Therapy

Address: Riverside House, Stewley Road, Hatch Beauchamp, Taunton, TA3 6AF

Email: t.hill@elysiumsportstherapy.co.uk

Phone: 07983 729397

 

3. Information We Collect

We collect information from you in the following ways:

3.1 Information You Provide Directly

When you make a booking, create an account, or contact us through our website, we may collect:

• Full name

• Email address

• Phone number

• Date of birth

• Home address

• Details about your injury, medical history, or health conditions relevant to your treatment

• Payment details (processed securely through our payment provider — we do not store full card details)

• Any other information you choose to provide in messages or intake forms

3.2 Information Collected Automatically

When you visit our website, we may automatically collect certain technical information, including:

• Your IP address

• Browser type and version

• The pages you visit and how long you spend on them

• Referring website (how you found us)

• Device type and operating system

This information is collected using cookies and similar technologies. See Section 8 for more details.

3.3 Health Information

As a sports therapy practice, we collect health-related information to provide safe and effective treatment. This is considered "special category" data under UK GDPR and is handled with additional care and strict confidentiality.

 

4. How We Use Your Information

We use the information we collect for the following purposes:

• To process and manage your bookings

• To provide sports therapy services tailored to your needs

• To send you appointment confirmations, reminders, and follow-up communications

• To process payments for services

• To maintain accurate client records as required for safe clinical practice

• To respond to your enquiries or complaints

• To improve our website and services

• To comply with our legal and regulatory obligations

• To send you occasional marketing communications about our services (only with your consent)

 

5. Legal Basis for Processing

Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following bases:

• Contract: To fulfil our booking agreement with you and deliver the services you have requested.

• Legitimate Interests: To manage our business operations, improve our services, and maintain records.

• Legal Obligation: To comply with applicable laws and professional regulatory requirements.

• Consent: For marketing communications and for processing your health information where required.

• Vital Interests: In emergency situations where it may be necessary to protect your health or safety.

 

6. Sharing Your Information

We do not sell or rent your personal data to third parties. We may share your information with:

• Our online booking system provider, who processes data on our behalf

• Payment processing services (e.g., Stripe, PayPal) to handle transactions securely

• Email or SMS providers used to send booking confirmations and reminders

• Healthcare professionals or emergency services where required for your safety

• Legal or regulatory authorities where we are required to do so by law

Any third parties we work with are required to handle your data securely and in accordance with applicable data protection law.

 

7. How Long We Keep Your Data

We retain your personal information for as long as necessary to provide our services and comply with our legal obligations. Specifically:

• Client records (including health information): retained for a minimum of 7 years after your last appointment, in line with professional guidance for healthcare records

• Booking and payment records: retained for up to 6 years for tax and legal purposes

• Marketing data: retained until you withdraw your consent

• Website analytics data: typically retained for up to 26 months

When your data is no longer needed, it will be securely deleted or anonymised.

 

8. Cookies

Our website uses cookies — small text files stored on your device — to help the site function properly and to understand how visitors use it.

We may use the following types of cookies:

• Essential cookies: Required for the website and booking system to function correctly.

• Analytics cookies: Help us understand how visitors interact with our website (e.g., Google Analytics).

• Preference cookies: Remember your settings and preferences.

You can control or disable cookies through your browser settings at any time. Note that disabling certain cookies may affect the functionality of the booking system.

 

9. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

• Right of access: You can request a copy of the personal data we hold about you.

• Right to rectification: You can ask us to correct any inaccurate or incomplete information.

• Right to erasure: You can request that we delete your personal data in certain circumstances.

• Right to restrict processing: You can ask us to pause processing your data in some situations.

• Right to data portability: You can request your data in a structured, machine-readable format.

• Right to object: You can object to processing based on legitimate interests or for direct marketing.

• Right to withdraw consent: Where we rely on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us using the details in Section 2. We will respond within one calendar month.

 

10. Data Security

We take the security of your personal data seriously. We use appropriate technical and organisational measures to protect your information against unauthorised access, loss, or misuse. These include:

• Secure (HTTPS) connections on our website

• Encrypted storage of sensitive data

• Restricted access to client records

• Secure, reputable third-party providers for booking and payment processing

While we take every reasonable precaution, please be aware that no method of data transmission over the internet is completely secure.

 

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to read their privacy policies before providing any personal information.

 

12. Children's Privacy

Our services may be provided to clients under the age of 18 with the consent and involvement of a parent or legal guardian. In such cases, we collect information from and about the young person only with appropriate parental or guardian consent. We do not knowingly collect personal data from children without such consent.

 

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. Any updates will be posted on this page with a revised date. We encourage you to review this policy periodically.

 

14. Complaints

If you have any concerns about how we handle your personal data, please contact us in the first instance using the details in Section 2 and we will do our best to resolve the matter.

If you are not satisfied with our response, you have the right to lodge a complaint with the UK's data protection regulator:

 

Information Commissioner's Office (ICO)

Website: www.ico.org.uk

Phone: 0303 123 1113