The KiRO Clinic is a chiropractic and rehabilitation clinic based in Central London. We are committed to protecting and respecting your privacy in compliance with the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018.

2. What Information We Collect

We collect and process the following types of personal data:

Identity data: Name, date of birth, gender.
Contact data: Email address, phone number, home address.
Health data: Medical history, GP details, treatment notes (special category data).
Technical data: IP address, browser type, cookies, usage data (via analytics tools).

3. How We Collect Data

We collect personal data when:

You book an appointment online or by phone.
You fill out medical intake forms.
You contact us via website forms or email.
You browse our website (via cookies and analytics tools).

4. Why We Collect Your Data (Legal Basis)

We collect and process your data to:

Provide chiropractic services (Article 6(1)(b) – contract).
Maintain clinical records (Article 9(2)(h) – provision of health care).
Communicate with you about appointments, treatment plans, and updates.
Comply with our legal obligations (e.g. regulatory or tax requirements).
Improve website functionality and user experience (via cookies/analytics).

5. How We Store & Protect Your Data

We store your data securely on encrypted systems with access limited to authorised personnel only, on our current clinical software ‘Jane App’. Medical and health data is stored in compliance with the Records Management Code of Practice for Health and Social Care (2021).

We retain health records for 7 years after your last treatment (or until age 25 if under 18 at last appointment), as required by professional guidelines.

6. Sharing Your Data

We do not share your personal data with third parties for marketing purposes. We may share your data with:

Your GP or consultant (with consent).
Regulators or insurers if legally required.
Practice management software providers and virtual receptionists (under strict data processing agreements).

7. Your Rights Under UK GDPR

You have the right to:

Access the personal data we hold about you.
Request correction or deletion of your data.
Withdraw consent where applicable.
Object to or restrict certain processing.
Lodge a complaint with the ICO (Information Commissioner’s Office) at ico.org.uk.

To exercise your rights, please contact: info@thekiroclinic.com

8. Cookies & Analytics

Our website uses cookies and third‑party analytics (e.g. Google Analytics) to monitor site traffic and improve functionality. You can manage or disable cookies in your browser settings.

9. Third Party Links

This website may include links to external sites. We are not responsible for the privacy practices of these third‑party websites.