Privacy Policy

Privacy Policy

Metro Physio Privacy Notice

We strive to achieve the highest possible standards of practice in all we do. We want to ensure we extend this to the way we handle and manage your personal data. You can be assured we take the safe keeping and privacy of data very seriously and do all we can to comply with the Data Protection Act 2018 and the General Data Protection Regulations (GDPR) 2018.

What data do we collect?

To provide health related services we need to collect personal and often sensitive medical information. The following data may be collected, held and shared.


  • Contact details, age, gender, personal and job role information to communicate with you and provide appropriate care.
  • Sensitive health information regarding your medical history and details of the condition we are to review and treat.

Who will it be collected from?

Directly from you or the referring party for example employer, occupational healthcare service, Consultant, GP or private medical insurer.

What is our lawful basis for processing?

If referred to us by your employer we process your health data under the specific regulation of the GDPR guidelines; – article 9-2(h) processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3.

How do we look after the safety of your data?

We will ensure all personal data is collected, held and when required transferred in line with GDPR good practice guidelines. We will only process the data for the purposes for which it was collected so will not edit, transfer or delete this without legal basis or an individual’s express wishes. Please note data will not be transferred outside of EU borders. We ensure we take appropriate measures to safeguard the information we store to prevent unauthorised access or improper use. It is securely stored in a protected environment and only authorised people have access to the data.

Who will your data be shared with?

We will not disclose your information outside of Metro Physio except; –


  • With our IT support, patient management and exercise software companies who we have confirmed work to strict security and compliance standards.
  • With your express consent to the referring party who may be medical or non-medical (e.g. – Managers, Human Resources and Health and Safety personnel).
  • For quality assurance purposes we use your anonymised data for ongoing clinical audit With the University of Brighton.

In certain circumstances, we may be legally required to share certain data, which may include your personal data, for example, for legal proceedings, where we are complying with legal obligations, a court order, or a governmental authority

The rights of individuals (Data Subjects) whose data we process

The GDPR regulations give the below rights to ‘data subjects’:


* Right to be informed – regarding how we legitimately process your data.


* Right to access – any data we have about you.


* Right to rectification – of any data you inform us is inaccurate.


* Right to erasure – of your data (‘right to be forgotten’) unless we are legally obliged not to.


* Right to restrict processing – to prevent further processing of the data we hold.


* Right to data portability – you may request we transfer your data to another data controller


* Right to object – to processing, profiling, direct marketing and some forms of research


* Right to question automated decision making – i.e. profiling


We will ensure we comply with your requests regarding your rights under GDPR unless there is a legal reason for us not to do so.

How long do we retain data for?

There are differing legal ‘retention periods’ we must comply with for example medical and personnel records. Personal data will be held for no longer than is in the interests of the individual. For example, to destroy medical records for a patient would potentially result in poor service as we may be required to go through a lengthy process of retaking information that had previously been provided. We may at any point be requested for information from an individual, so it is in their legitimate interests to keep this on file. Individuals have the right at any time to ask for their data to be destroyed or transferred (providing we that we are not legally bound to keep the data).

Information collected through our website

When you visit Metro Health & Wellbeing’s website, as is usual on almost all websites, the server automatically collects anonymous information such as; –


* IP address


* Date and time of visit to website


* The pages visited


* The browser used


* The country from which you are accessing the website


* The language of the browser used


* The website from which it is accessed


* The search word/s used


* The type of connection


* The operating system


The only reason this information is collected is to constantly improve the user’s website experience.


We do not collect any personal information other than information that is knowingly or voluntarily given. Visitors will not be contacted by us, unless such information is given, and contact is specifically requested.


Harmless cookies that are designed to enhance your user experience of this website are stored on your device. These consist of small data files relating to you and this website.


Information stored in cookies created by First Internet Marketing Ltd. are not shared with any third party unless required to do so by law.

By continuing to browse this website you are consenting to the storage of its first party cookies on your device.


The first party cookies used by this website include (but may not be limited to):


_ga = Google Analytics – Google Analytics = Online identifiers including cookie identifiers internet protocol addresses and device identifiers client identifiers

_gat = Google Analytics – Google Analytics = Online identifiers including cookie identifiers internet protocol addresses and device identifiers client identifiers

_gid = Google Analytics – Google Analytics = Online identifiers including cookie identifiers internet protocol addresses and device identifiers client identifiers

Requests, Complaints & Concerns

If you wish to request copies of your data, wish to make a complaint or have a concern regarding how we collect, store, save, manage or delete personal data, then please contact us on, or call us on 0161 745 7551 / 0151 515 223 or write to Metro Physio, 30 The Crescent, Salford, Manchester M5 4PF part of the Metro Health & Wellbeing group – Company registration number – 07637925. If you still feel dissatisfied you should contact the Information Commissioners Office who have full details on GDPR and data protection laws.
Scroll to Top