![Kaha [logo]](https://www.kahasportstherapy.co.uk/wp-content/themes/kaha-2020/assets/img/kaha-logo-white.svg){kind=logo}
Kaha Sports Therapy GDPR Policy
How we obtain your personal data
We will ask you to complete, with your therapist, a registration form. This will include name, date of birth, contact telephone number, email address, previous medical history and any other chronic health conditions which may prevent us from treating you.
We may also keep other information, which is relevant to the treatment you will be receiving from us.
How we use your personal data
We will only share information with other therapists within Kaha to provide the best treatment for you. We will never discuss treatments with other external therapists without your explicit consent and only if we feel it will benefit your treatment.
Your information will be used to make further appointments or contact you in the event of a cancellation. Your personal information will never be shared with third parties for marketing purposes and will not be used by us for marketing purposes without your consent.
How we will protect you personal data
We undertake, at all times, to protect your personal data in a manner which is consistent with the Kaha team’s duty of confidentiality. We will take all reasonable measures to protect your personal data stored in paper files and on our electronic system.
Your Rights
- Right to confirmation – you have the right to know if we hold personal data that concerns you
- Right to access – you have the right to view and to obtain a copy of any personal data we hold that concerns you
- Right to rectification – you have the right to the correction of any inaccuracies within the personal data we hold that concerns you
- Right to erasure – you have the right to have your personal data removed from our systems
- Right to complain – you have the right to complain to the data regulator but we would appreciate it if you would contact us in the first instance so that we can help with any issues
Cookies
Like most websites we set cookies to enable features on our website. You can find out more about cookies and how to manage them on the All About Cookies website.
We set strictly necessary cookies for security and to enable you to do things like login to our site.
| Cookie name | Reason |
|---|---|
| __cfduid | Set by Cloudflare and used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. |
| wordpress_[hash] wordpress_sec_[hash] wordpress_logged_in_[hash] | Set by WordPress if you login to our site to store your authentication details. |
| wordpress_test_cookie | Tests whether or not your browser has cookies enabled. |
| wp-settings-{time}-[UID] | Set by WordPress and used to customize your view of admin area interface (if applicable), and possibly also the main site interface. |
| _stripe_mid _stripe_sid m.stripe.com | Set by Stripe (our payment provider) for fraud prevention purposes |
Data processors
Emails
We use Mailgun as our email sending provider (ESP). They help to ensure email deliverability for notification emails (such as new appointments, reminders, etc). They store some email data for up to 7 days. This is stored in an EU data centre. Your can read more about their GDPR policy here.
Payments
We use Stripe as our payment processor. We do not store any payment card information. You can read about Stripe’s GDPR policy here.