Consumer Privacy Policy – Riverside Bodywork Practice

Last Updated: January 2025

1. Purpose of This Policy

This Privacy Policy explains how we collect, use, store, protect, and manage personal and limited medical information in compliance with the Protection of Personal Information Act, 2013 (POPIA). Our objective is to respect client privacy while ensuring safe, effective, and personalised treatment.

2. Personal Information We Collect

We may collect the following information from clients:

2.1 Personal and Contact Information

• Full name

• Phone number

• Email address

• Emergency contact details

• Appointment and booking records

• Personal medical information

• Preferences

2.2 Health and Medical Information (Limited and Relevant Only)

• Injury history

• Medical conditions relevant to treatment

• Contraindications or risk factors

• Pain areas, sensitivities, and treatment preferences

• Allergies or relevant lifestyle considerations

• Skin conditions / open wounds / relevant infections diseases

• Current injuries

We collect only information that is necessary to ensure safe treatment and injury prevention.

3. Purpose for Collecting Information

Client information is collected and used solely for the following purposes:

• Injury prevention, client safety and practitioner safety

• Tailoring massage treatments to client needs and preferences

• Creating a comfortable and client-preferred therapeutic environment

• Maintaining accurate client treatment records

• Scheduling and client communication

• Legal, ethical, and professional compliance

• Internal record-keeping and service improvement

We do not use personal information for unrelated purposes.

4. Lawful Basis for Processing Information

We process personal and medical information based on:

• Client consent

• Contractual necessity (to deliver requested services)

• Legal and professional obligations

• Legitimate business interests aligned with practitioner safety, client safety and client care

Clients may withdraw consent at any time, subject to legal or operational limitations.

5. Information Security and Storage

All client information is stored securely using appropriate technical and organisational safeguards, including:

• Password-protected digital storage

• Restricted access limited to authorised personnel only

• Secure physical storage for paper records (where applicable)

• Reasonable measures to prevent unauthorised access, loss, misuse, or disclosure

Personal and medical information is never shared without proper legal justification or client consent.

6. Sharing of Personal Information

We do not sell or trade client personal information.

Information may only be shared when:

• Required by law

• Necessary for medical or safety emergencies

• Requested or authorised by the client

• Required by insurers, accountants, or legal professionals (where applicable)

• Needed to protect the rights, safety, or wellbeing of clients or the business

All third parties must comply with confidentiality and data-protection standards.

7. Retention of Records

Personal and medical records are retained only for as long as necessary to:

• Fulfil treatment and professional obligations

• Comply with legal and regulatory requirements

• Resolve disputes or enforce agreements

Records are securely destroyed 12 months after last session.

8. Client Rights Under POPIA

Clients have the right to:

• Request access to their personal information

• Request correction or updating of inaccurate data

• Withdraw consent for data processing (where applicable)

• Request deletion of personal information, subject to legal requirements

• Object to certain processing activities

• Lodge a complaint with the Information Regulator of South Africa

Requests may be submitted in writing and will be handled within a reasonable timeframe.

9. Confidentiality and Professional Ethics

All client information is treated as confidential. Therapists and staff adhere to professional ethical standards regarding privacy, dignity, and data protection.

Medical and personal information is used only to enhance client wellbeing, safety, and comfort.

10. Marketing and Communications

We will only contact clients for:

• Appointment-related communication

• Service updates

• Optional marketing communications with prior consent

Clients may opt out at any time.

11. Changes to This Policy

This policy may be updated periodically. The latest version will always be available upon request or displayed at the practice.

12. Contact Information

For privacy enquiries, data access requests, or complaints, please contact:

Business Name: Riverside Bodywork Practice

Contact Person: Stephen Mullon

Email: stephen@riversidebodywork.co.za

Phone: 0827889992

Address: River Cottage, 22 Valley Road, Bordeaux, Randburg

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by