General Data Protection Regulation Statement (GDPR)


Your privacy and personal data are important. I will only use your personal data to provide the service you have requested and store it carefully.

GDPR requires me to clearly inform you how I use, store and destroy your personal data.


I need to collect some personal information about you and your health in order to make sure there are no contraindications to your treatment, and legal requirements. You can of course, refuse to provide the information, however unfortunately I would have to refuse your treatment as this form is a legal requirement for our insurance.


I have a legal obligation to retain your records for ten years after your most recent appointment. After this time your records will be destroyed in a method compliant with GDPR.


Records retained on paper, which is locked in a cabinet within the treatment room, is only accessible by staff of Norwich Massage Therapy.

Your phone number and email may be used electronically, with your permission. This is for appointment reminders or clinic news.


I will never share your data with anyone who does not need access without your consent. Only the owner of Norwich Massage Therapy will have access to your data.


You have the right to see what personal data of yours I hold and you can also ask the Owner of Norwich Massage Therapy to correct any factual errors. Provided the legal minimum period has elapsed, you may also ask the business to erase your records.


I would like you to be absolutely confident that I treat your personal data responsibly and that I do everything I can to make sure that only people who can access that data have a genuine need to. Of course if you feel I have mishandled your data in some way, you have the right to make a formal complaint.