Lower Limb Clinic

    Privacy Policy

    Last updated: February 2026

    1. Introduction

    Lower Limb Clinic ("we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you use our website (www.lower-limb.com), attend our clinics, or interact with our services.

    We comply fully with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (PECR). This policy should be read alongside our Terms & Conditions.

    2. Data Controller

    The data controller responsible for your personal data is:
    Lower Limb Limited
    Company Number: NI636450
    Registered Address: 385 Lisburn Rd, Belfast BT9 7EP
    Email: hello@lower-limb.com
    Phone: 028 9013 9185

    For all data protection enquiries, please contact us at hello@lower-limb.com marked "FAO Data Protection".

    3. What Data We Collect

    We may collect and process the following categories of personal data:

    3.1 Identity & Contact Data

    • Full name, date of birth, gender
    • Address, email address, telephone number
    • Emergency contact details
    • Next of kin details (where clinically relevant)

    3.2 Health & Clinical Data (Special Category Data)

    This is "special category data" under Article 9 of UK GDPR and receives enhanced protections. It includes:

    • Medical history, current medications, and allergies
    • Clinical assessment notes, diagnoses, and treatment plans
    • Biomechanical and gait analysis data
    • Diagnostic imaging (ultrasound scans, clinical photographs)
    • 3D foot scan data used for orthotic manufacturing
    • AI-assisted clinical notes (see Section 8)
    • Referral correspondence with other healthcare providers

    3.3 Financial & Transaction Data

    • Payment card details (processed securely via our PCI DSS-compliant payment provider — we do not store card numbers)
    • Invoices, receipts, and transaction history
    • Gift voucher purchase and redemption records
    • Insurance claim information

    3.4 Technical & Usage Data

    • IP address, browser type and version, operating system
    • Pages visited, time spent on site, referral source
    • Cookie and analytics data (see Section 12)

    4. How We Use Your Data

    We process your personal data only where we have a lawful basis to do so. The table below sets out the purposes for which we process your data and the corresponding lawful basis under UK GDPR:

    Purpose                                                        | Lawful Basis (UK GDPR)
    -------------------------------------------------------------- | ---------------------------------------------------------------------
    Providing clinical treatment and care                          | Art. 6(1)(b) — Contract; Art. 9(2)(h) — Health purposes
    Managing appointments and bookings                             | Art. 6(1)(b) — Contract
    AI-assisted clinical note-taking                               | Art. 6(1)(f) — Legitimate interests; Art. 9(2)(h) — Health purposes
    Processing payments and invoicing                              | Art. 6(1)(b) — Contract
    Sending appointment reminders                                  | Art. 6(1)(f) — Legitimate interests
    Complying with legal and regulatory obligations (HCPC, HMRC)   | Art. 6(1)(c) — Legal obligation
    Safeguarding and child protection                              | Art. 6(1)(d) — Vital interests; Art. 9(2)(c) — Vital interests
    Improving our website and services                             | Art. 6(1)(f) — Legitimate interests
    Managing insurance claims on your behalf                       | Art. 6(1)(b) — Contract; Art. 9(2)(h) — Health purposes
    Marketing (only with your explicit consent)                    | Art. 6(1)(a) — Consent

    Where we rely on legitimate interests, we have carried out a Legitimate Interest Assessment (LIA) to ensure that your interests, rights, and freedoms do not override our legitimate interests. You may request details of our LIA by contacting us.

    5. Special Category Data — Additional Safeguards

    Health and clinical data is classified as "special category data" under UK GDPR and receives additional protections. We process this data under Article 9(2)(h) — processing necessary for the purposes of preventive or occupational medicine, medical diagnosis, the provision of health or social care, or the management of health or social care systems and services. This is further supported by Schedule 1, Part 1, Paragraph 2(2)(f) of the Data Protection Act 2018, which permits processing for the management of health care systems or services.

    All clinicians who access special category data are subject to a duty of confidentiality under HCPC professional standards and the common law duty of confidence.

    6. Third-Party Data Processors

    We use carefully selected third-party services to help us deliver our services. Each processor is bound by a written data processing agreement in accordance with Article 28 of UK GDPR and operates in compliance with applicable data protection law:

    6.1 Cliniko (Practice Management System)

    We use Cliniko to manage patient records, appointments, and clinical notes. Cliniko stores all data on secure, encrypted servers and acts as a data processor on our behalf. Cliniko's servers are located in Australia; appropriate safeguards (including Standard Contractual Clauses and the UK International Data Transfer Agreement) are in place. For more information, see Cliniko's Privacy Policy.

    6.2 Gift Up (Gift Voucher Platform)

    We use Gift Up to manage the sale and redemption of gift vouchers. When you purchase a gift voucher, your name, email address, and payment details are processed by Gift Up on our behalf. Payments are processed securely via Stripe. For more information, see Gift Up's Privacy Policy.

    6.3 Realta Labs (Orthotic Manufacturing)

    Our sister company Realta Labs receives 3D foot scan data and prescription information for the purpose of manufacturing custom orthotic devices. Realta Labs processes this data solely for the fulfilment of your orthotic prescription and is bound by a data processing agreement.

    6.4 Other Processors

    We may also use processors for email communications, website hosting, analytics, and payment processing. All processors are vetted for UK GDPR compliance and are bound by appropriate data processing agreements. A full list of sub-processors is available on request.

    7. Data Storage & Security

    We implement appropriate technical and organisational measures to protect your personal data in accordance with Article 32 of UK GDPR, including:

    • Encrypted storage of all clinical records within Cliniko (AES-256 encryption at rest)
    • Secure access controls — only authorised clinicians can access your health data, with role-based permissions
    • Regular security audits and staff training on data protection
    • Secure disposal of physical records in accordance with NHS and HCPC guidelines
    • TLS (HTTPS) encryption on all website communications
    • Multi-factor authentication for clinical system access
    • Regular review of access logs and security incidents

    8. Use of Artificial Intelligence (AI)

    We use AI-assisted technology during clinical assessments to support accurate and efficient note-keeping. It is important to understand:

    • AI is used as a clinical support tool only — all clinical decisions are made by our qualified, HCPC-registered podiatrists
    • AI may transcribe and summarise assessment conversations to create clinical notes
    • All AI-generated notes are reviewed, verified, and approved by the treating clinician before being added to your record
    • AI-processed data is subject to the same strict confidentiality, security, and retention policies as all other clinical data
    • No AI-generated data is shared with third parties for marketing, training, or any purpose unrelated to your care
    • You have the right to request that AI is not used during your appointment — please inform your clinician at the start of your consultation. Opting out will not affect the quality of your care

    9. Automated Decision-Making & Profiling

    We do not use your personal data for automated decision-making or profiling that produces legal effects or similarly significant effects on you, as defined under Article 22 of UK GDPR. All clinical decisions are made by qualified human clinicians. AI tools (as described in Section 8) assist with administrative tasks only and do not make or influence clinical decisions.

    10. Confidentiality

    All personal and health information you share with us is treated as strictly confidential. We adhere to:

    • The Health and Care Professions Council (HCPC) Standards of Conduct, Performance and Ethics
    • The Royal College of Podiatry guidance on clinical record-keeping and best practice
    • The Caldicott Principles for handling patient-identifiable information
    • The NHS Code of Practice on Confidentiality
    • The common law duty of confidence

    We will never share your personal or health data with third parties for marketing purposes. Information may only be disclosed:

    • With your explicit and informed consent
    • Where required by law or court order
    • For safeguarding purposes (child protection, prevention of serious harm)
    • Where disclosure is required by a regulatory body (e.g., HCPC, ICO)
    • To other healthcare professionals involved in your direct care (with your knowledge)

    11. Data Retention

    We retain your data for the following periods, in line with professional, legal, and regulatory requirements:

    • Adult clinical records: 8 years after the last appointment, or longer if clinically relevant (in accordance with Royal College of Podiatry record retention guidance)
    • Children's clinical records: Until the patient's 25th birthday, or 8 years after the last appointment — whichever is longer
    • Nail surgery and invasive procedure records: 15 years (in line with NHS Litigation Authority guidance)
    • Financial records: 7 years (as required by HMRC)
    • Gift voucher records: 2 years after expiry or redemption
    • Website analytics: 26 months
    • Marketing consent records: Duration of consent plus 1 year

    When retention periods expire, data is securely deleted or anonymised. Clinical records are disposed of in accordance with NHS confidential waste procedures.

    12. Cookies & Electronic Communications (PECR)

    Our website uses cookies in accordance with the Privacy and Electronic Communications Regulations 2003 (PECR). We use:

    • Strictly necessary cookies — required for the website to function. These do not require consent under PECR
    • Analytics cookies — to understand how visitors use our site (e.g., Google Analytics). These are placed only with your consent
    • Third-party cookies — set by services such as Cliniko (online booking) and Gift Up (gift vouchers). These are subject to the third party's own cookie policies

    You can manage cookie preferences through your browser settings or through the cookie consent mechanism on our website. Disabling certain cookies may affect website functionality. For more details on the specific cookies we use, please contact us.

    We will only send you marketing emails with your prior explicit consent, in accordance with PECR. You can withdraw consent at any time by clicking "unsubscribe" in any marketing email or by contacting us directly.

    13. International Data Transfers

    Some of our third-party processors may store or process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place in accordance with Chapter V of UK GDPR, including:

    • UK adequacy regulations — transfers to countries recognised as providing adequate data protection
    • Standard Contractual Clauses (SCCs) — as approved by the UK Secretary of State
    • UK International Data Transfer Agreement (IDTA) — where applicable

    Details of the specific safeguards in place for each international transfer are available on request.

    14. Children's Data

    We treat children under 16 with our Children's Foot Assessment service. In relation to children's data:

    • Consent for processing is obtained from the parent or person with parental responsibility
    • Clinical records for children are retained until the patient's 25th birthday or 8 years after last appointment (whichever is longer)
    • We apply enhanced safeguards to children's data in accordance with the ICO's Children's Code (Age Appropriate Design Code) where applicable to our online services
    • We do not knowingly collect personal data from children through our website without parental consent

    15. Data Breach Procedures

    In the event of a personal data breach, we will:

    • Assess the breach in accordance with our internal data breach response procedure
    • Where required under Article 33 of UK GDPR, report the breach to the ICO within 72 hours of becoming aware of it
    • Where the breach is likely to result in a high risk to your rights and freedoms, notify you directly in accordance with Article 34 of UK GDPR, without undue delay
    • Document all breaches, including those not reported to the ICO, in our internal breach register

    16. Your Rights

    Under UK GDPR, you have the following rights:

    • Right of access (Art. 15) — request a copy of your personal data (Subject Access Request)
    • Right to rectification (Art. 16) — request correction of inaccurate or incomplete data
    • Right to erasure (Art. 17) — request deletion of your data (subject to legal and professional retention requirements)
    • Right to restrict processing (Art. 18) — request limitation of how we use your data
    • Right to data portability (Art. 20) — receive your data in a structured, commonly used, machine-readable format
    • Right to object (Art. 21) — object to processing based on legitimate interests or direct marketing
    • Right to withdraw consent (Art. 7) — where processing is based on consent, without affecting the lawfulness of processing before withdrawal
    • Rights related to automated decision-making (Art. 22) — the right not to be subject to decisions based solely on automated processing (see Section 9)

    To exercise any of these rights, contact us at hello@lower-limb.com marked "FAO Data Protection". We will respond within one calendar month. This period may be extended by up to two further months for complex or numerous requests, in accordance with Article 12(3) of UK GDPR. We will inform you of any extension within one month of receiving your request.

    We may ask you to verify your identity before processing your request. There is no fee for exercising your rights, unless your request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act on the request.

    17. Complaints

    If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

    • Website: ico.org.uk/make-a-complaint
    • Phone: 0303 123 1113
    • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

    We would appreciate the opportunity to address your concerns before you contact the ICO. Please reach out to us at hello@lower-limb.com.

    18. Changes to This Policy

    We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Any changes will be posted on this page with an updated revision date. Where changes are material, we will take reasonable steps to notify affected individuals. We encourage you to review this policy periodically.