We are committed to maintaining your trust and confidence when you use our website and visit our clinic. We have never, and will never, buy/rent or trade email lists or other personal data with companies for marketing purposes – that’s not who we are!

We send the occasional email to subscribers (usually patients) who have opted-in and provided their consent to receive general health information and/or offers in the form of articles, advice or newsletters.

This page includes our patient privacy notice, which is handed to new patients on their first visit, as well as our website privacy & cookie policy which explains how your personal data is used when you visit our website.

Download PDF Patient Privacy Notice (May 2018, Ver 1)

When you supply your personal details to this clinic, they are stored and processed for 4 reasons (The words in bold are the relevant terms used in the General Data Protection Regulation – i.e. the law)

  1. We need to collect personal information about your health in order to provide you with the best possible treatment. Your requesting treatment and our agreement to provide that care constitutes a contract. You can, of course, refuse to provide the information, but if you were to do that we would not be able to provide treatment.
  2. We have a “Legitimate Interest” in collecting that information, because without it we couldn’t do our job effectively and safely.
  3. We also think that it is important that we can contact you in order to confirm your appointments with us or to update you on matters related to your medical care. This again constitutes “Legitimate Interest”, but this time it is your legitimate interest.
  4. Provided we have your consent, we may occasionally send you general health information and/or offers in the form of articles, advice or newsletters. You may withdraw this consent at any time – just let us know by any convenient method.

We have a legal obligation to retain your records for 8 years after your most recent appointment (or age 25, if this is longer), but after this period you can ask us to delete your records if you wish. Otherwise, we will retain your records indefinitely in order that we can provide you with the best possible care should you need to see us at some future date.

Your records are stored:

  • On paper and/or CD/DVD media – in locked filing cabinets.
  • Electronically – in our clinic management system, on clinic computers and secure network devices, all of which are password-protected and backed up regularly. Your records can also be accessed from our secure online booking system, which is part of our clinic management system.
  • As images – CCTV/X-ray – referred to the clinic, or captured during your visit.
  • Electronically – ‘in the cloud’, where:
    • We’ve communicated by email, or text message (SMS).
    • You’ve contacted us via our website, or a social networking site.
    • You’ve been provided with a ‘WebExercises’ programme.

Our service providers use secure, password-protected systems and have assured us that they are fully compliant with the General Data Protection Regulation. We do not use any system, which uses automated decision making or profiling in respect of your personal data. Our clinic is always locked and alarmed out of working hours.

We will never share your data with anyone who does not need access without your written consent. Only the following people/agencies will have routine access to your data:

  • Your practitioner(s) in order that they can provide you with treatment.
  • Our reception staff, because they organise our practitioners’ diaries, coordinate appointments/reminders and perform administrative tasks to assist our practitioners. E.g. send a letter to your GP.
  • Service providers, who:
    • Develop and support the clinic management system, which stores our patients’ contact and medical records.
    • Host our websites and email e.g. your name and email address is stored when you get in touch via the website contact forms.
    • Provide ‘address lookup’, or ‘text messaging’ services.
  • Other companies, such as our accountants, may see your contact details as part of our accounting records – e.g. an insurance claim with a name and appointment date – but would not have access to any medical notes.
  • Campaign Monitor for email campaigns, so your personal details may be saved on their server if you’ve consented to us contacting you in this way.

From time to time, we may have to employ consultants to perform tasks, which might give them access to your personal data (but not your medical notes). We will ensure that they are fully aware that they must treat that information as confidential, and we will ensure that they sign a non-disclosure agreement.

You have the right to see what personal data of yours we hold, and you can also ask us to correct any factual errors. Provided the legal minimum period has elapsed, you can also ask us to erase your records.

We want you to be absolutely confident that we are treating your personal data responsibly, and that we are doing everything we can, to make sure that the only people who can access that data have a genuine need to do so.

Of course, if you feel that we are mishandling your personal data in some way, you have the right to complain. Complaints need to be sent to the “Data Controller” – contact details are below:

Chirozone Ltd t/a Leighton Buzzard Chiropractic Clinic
01525 853002
3 Enterprise Court, Enterprise Way
Leighton Buzzard, LU7 4SZ

If you are not satisfied with our response, then you have the right to raise the matter with the Information Commissioner’s Office.

This policy provides information on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure.

Website Cookies

Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website to the next.

A cookie does not allow us to access your computer and does not provide any information, other than the data you choose to share with us. You can choose to accept or decline cookies using the Cookie Control panel on the bottom left of any page. Some cookies are required as they enable core functionality. These can be disabled by changing your browser preferences, but you should be aware that the website cannot function properly without them.

We use Google Analytics to to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. This helps us understand which sections of the site are of most interest, allowing us to provide a better user experience to our visitors.

To learn more about cookies and how to manage them, visit

Mailing Lists and Contact Forms

If you sign up to our Newsletter, contact us, or send us a message using our website, we collect your name, email address and message details. We always ask you to positively opt-in, to make sure you’ve not clicked something by accident. We record these details, as well as the date and the opt-in statement as part of our data protection record keeping to ensure compliance with UK Data Protection law.

We use a third party provider, Campaign Monitor, to deliver our newsletters and other email based campaigns. . We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see Campaign Monitor’s Privacy Notice. You can unsubscribe from these mailings at any time  by clicking the unsubscribe link at the bottom of any of our emails or contacting us any convenient method.

Access to your Personal Information

You are entitled to view, amend, or delete the personal information that we hold. Please contact us here:

Leighton Buzzard Chiropractic Clinic
01525 853002
3 Enterprise Court, Enterprise Way
Leighton Buzzard, LU7 4SZ

Links to other websites

Our website contains links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Policy Updates

We update our policies from time to time, so please check this page to ensure that you are happy with any changes.

Last updated:  24th May 2018.

Leighton Buzzard Chiropractic Clinic is the trading name of Chirozone Ltd
Company Number 06135478, Registered in England and Wales.