top of page

HOW WE USE DATA

Privacy Policy

Privacy Policy – Phoenix Sports Injury Clinic

Last updated: 10/12/2025

Phoenix Sports Injury Clinic (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website or services.

We operate in accordance with the UK General Data Protection Regulation (UK GDPR) and other applicable UK data protection laws.

 

1. Who We Are

Phoenix Sports Injury Clinic

Carlisle Sports Centre, University of Cumbria, Fusehill Street, CA1 2HH, Carlisle, UK

Email: enquiries@phoenixsportsinjury.co.uk

We provide sports therapy, injury assessment, rehabilitation, and related clinical services.

​

2. Personal Data We Collect

Information you provide directly:

- Name

- Email address

- Phone number

- Appointment details

- Messages/Details entered into the contact form

- Any information provided during booking through the RehabGuru Booking Portal

​

Information collected automatically:

- IP address

- Browser type and device information

- Usage data

- Cookies and tracking data via analytics tools

 

Information collected through third-party services:

- Appointment and payment information via RehabGuru Booking Portal and Stripe

- Email engagement data through our email marketing provider

​

We do not intentionally collect sensitive health data through the website itself unless you voluntarily provide it. Clinical records are handled under a separate confidentiality policy.

​

3. How We Collect Data

We collect data when you:

- Use our contact form

- Make a booking through the RehabGuru widget

- Subscribe to email marketing

- Browse our website

- Interact with our emails

- Make payments via Stripe within RehabGuru

​

4. How We Use Your Data

Service provision:

- Manage bookings and deliver clinical services

- Communicate with you about appointments and enquiries

- Process payments securely via Stripe

​

Business operations:

- Improve website performance

- Monitor analytics

- Send marketing emails (opt-in only)

​

Legal & compliance:

- Maintain financial records

- Comply with legal obligations

- Protect against fraud. Legal Bases for Processing (UK GDPR)

- Consent

- Contractual necessity

- Legitimate interest

- Legal obligation

​

6. How We Share Your Data

We share data with trusted third parties including:

- RehabGuru Booking Portal

- Stripe

- Website hosting provider (wix.com)

- Analytics providers

- Our email marketing platform

​

We do not sell your personal data.

​

7. Cookies & Tracking Technologies

We use cookies to enable website functionality, analyse behaviour, and support performance and marketing. You may disable cookies in your browser.

​

8. Data Retention

- Enquiry form submissions: up to 12 months

- Booking and payment records: minimum 6 years

- Marketing data: until you unsubscribe

- Analytics data: per provider policy

- Clinical records: retained per regulatory requirements (typically 7–8 years).

​

9. Data Security

We use appropriate technical and organisational measures including encryption, secure processors, access controls, and security reviews.

​

10. International Transfers - Some providers may transfer data outside the UK. We use safeguards such as Standard

Contractual Clauses (SCCs).

​

11. Your Rights Under UK GDPR

You may:

- Access your data

- Request correction or deletion

- Withdraw consent

- Object to processing

- Restrict processing

- Request data portability

- Lodge a complaint with the ICO (www.ico.org.uk)

​

12. Third-Party Links

We are not responsible for the privacy practices of external websites.

 

13. Updates to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page.

bottom of page