Foot Smart Ltd
Expert Midlands Podiatrist Care
Last updated: 6 May 2026
Foot Smart Ltd is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights in relation to it. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Foot Smart Ltd is the data controller for your personal information. We are a podiatry practice based in Hereford, England, providing clinical foot care services across the Midlands.
Data Controller: Foot Smart Ltd
Address: 4 Kyrle Street, Hereford, HR1 2EU, England
Email: info@footsmartltd.co.uk
Telephone: 03450178152
We may collect and process the following types of personal data:
Contact and Identification Information:
• Full name
• Home address
• Telephone number
• Email address
Health and Clinical Information (Special Category Data):
• Medical history relevant to podiatric care
• Details of medications and conditions
• Clinical notes, treatment records, and assessment findings
• Referral information from other healthcare providers
Website and Communication Data:
• IP address and browser type when you visit our website
• Information submitted via our contact or booking forms
• Email and telephone communication records
We use your personal data for the following purposes:
• To provide and manage podiatry treatment and appointments
• To communicate with you about your appointments and care
• To maintain accurate clinical records as required by our professional regulators
• To respond to your enquiries and complaints
• To comply with our legal and regulatory obligations
• To improve our website and services
We process your personal data on the following legal bases under UK GDPR:
• Contract: To fulfil our obligations when you book and receive our services.
• Legal Obligation: To comply with requirements from the HCPC, the Royal College of Podiatry, and applicable law.
• Legitimate Interests: To manage and improve our business and services.
• Consent: Where you have explicitly consented to a particular use of your data.
For special category health data, we process your information under Article 9(2)(h) UK GDPR — for the purposes of preventive or occupational medicine and the provision of health care — and on the basis of your explicit consent where required.
We do not sell or rent your personal data to third parties. We may share your information with:
• Other healthcare professionals involved in your care, with your knowledge and consent where appropriate
• Our professional regulators (HCPC, Royal College of Podiatry) if required
• IT service providers who assist us in operating our website and practice management systems (under data processing agreements)
• Law enforcement or other authorities where required by law
We retain clinical records for a minimum of 8 years following your last appointment, in line with guidance from our professional bodies. Records relating to children will be retained until the individual is 25 years old (or 8 years after last treatment, whichever is later).
Our website may use cookies and similar tracking technologies to improve your browsing experience. Cookies are small files placed on your device that help us understand how visitors use our site.
You can control or disable cookies through your browser settings. Please note that disabling cookies may affect the functionality of certain parts of our website. By continuing to use our website, you consent to our use of cookies in accordance with this policy.
Under UK GDPR, you have the following rights regarding your personal data:
• Right of Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can ask us to correct inaccurate or incomplete data.
• Right to Erasure: You can request deletion of your data in certain circumstances.
• Right to Restrict Processing: You can ask us to limit how we use your data.
• Right to Data Portability: You can request your data in a structured, machine-readable format.
• Right to Object: You can object to processing based on legitimate interests.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at info@footsmartltd.co.uk. We will respond within one month.
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. All clinical records are stored securely and access is restricted to authorised personnel only.
While we take all reasonable steps to protect your data, no method of transmission over the internet is completely secure. Please do not send sensitive medical information via unencrypted email.
We do not routinely transfer your personal data outside the United Kingdom. If any transfer is necessary, we will ensure appropriate safeguards are in place in accordance with UK GDPR requirements.
If you believe we have not handled your personal data correctly, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: www.ico.org.uk
Telephone: 0303 123 1113
We would, however, always welcome the opportunity to resolve your concerns directly before you approach the ICO. Please contact us first at info@footsmartltd.co.uk.
We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated date. We encourage you to review this policy periodically.
