Skip to main content
Join now

Privacy policy

We take your privacy seriously.

When you receive treatment or engage with our services, we collect and process certain personal data to ensure professional care, safety, and proper administration.

1. What information we collect

When you are treated at our clinic, we record information about your health as part of the medical documentation required under Danish healthcare law (Authorisation Act, Chapter 6, and Journal Order no. 1090 of 28 July 2016).

In addition to the information we collect during treatment, we may receive relevant health data from other healthcare professionals (such as your doctor) according to the Health Act, Chapter 9.

These records ensure you receive safe and effective treatment.

We are legally required to store your information securely and confidentially.

We may also record basic administrative or billing data, based on GDPR Article 6(1)(b) and (f).

If you have given explicit consent, we may use your contact information to send newsletters or marketing materials in accordance with GDPR Article 6(1)(a).

2. How we share your information

All employees at Nørrebro Fysioterapi are bound by professional confidentiality.

Your information is only shared internally when necessary to provide your treatment.

Outside the clinic, we only share data with your consent — except in specific situations allowed by Danish law (for example, with your doctor or other healthcare professionals involved in your care).

Information used for billing may be shared with payment providers when required.

If your treatment is paid for by a third party (such as your region or an insurance company), we will share the necessary details with that payer.

3. How long we store your data

Your medical record is stored for five years from the last entry in your file, as required by the Danish Patient Safety Authority (Journal Order §15(2)).

In special cases, records may be stored longer.

Data used for billing or bookkeeping is kept only as long as necessary for accounting and administrative purposes.

4. Your rights

You have the right to access the personal data we hold about you.

Under §24 of the Authorisation Act, we cannot delete information from your medical record, but if you believe something is incorrect, you can request that a note or correction be added.

For data not included in your medical record, you may request correction or deletion of inaccurate information — or ask us to stop processing it altogether.

5. Video surveillance

We use video surveillance in selected common areas (the waiting room and rear entrance courtyard) to ensure a safe and welcoming environment for patients, staff, and residents.

Data controller

Nørrebro Fysioterapi ApS
Thorsgade 59, 2200 Copenhagen N
+45 35 81 48 00
info@nbfys.dk

Why we record

The purpose of our cameras is solely to prevent crime, ensure safety, and document incidents such as accidents or conflicts.

Recordings are not used to monitor performance or behaviour.

Legal basis

Recordings are made under our legitimate interest in protecting people and property (GDPR Article 6(1)(f)).

Where employees are included, surveillance complies with §12 of the Danish Data Protection Act on workplace monitoring.

What is recorded and how long it’s stored

Cameras record continuously. Footage is stored securely on an encrypted hard drive for up to 16 days, after which it is automatically deleted — unless an incident requires us to retain it longer (e.g. a police investigation, insurance claim, or legal dispute).

Backups follow the same deletion schedule.

Who has access

Only designated staff (management or operations) can access recordings, always via secure personal logins with access logs.

Footage may be shared with the police, insurance companies, or authorities when required by law.

No data is transferred outside the EU/EEA.

Registration with the police

All cameras are registered in POLCAM (the Danish Police Camera Register) in compliance with the Danish Video Surveillance Act.

We update our registration whenever cameras are moved or changed.

Your rights regarding recordings

You may request:

  • Access – to check if you appear in footage

  • Copy – of any sequence where you are clearly identifiable

  • Deletion or restriction – if the footage is no longer necessary

  • Objection – if you believe our legitimate interest does not outweigh your privacy rights

Send your request to info@nbfys.dk. We’ll respond within one month.

If you’re not satisfied with our response, you can contact the Danish Data Protection Agency (dt@datatilsynet.dk, +45 33 19 32 00).

How we protect recordings

We use encryption, strict access control, and automatic deletion to ensure recordings are secure.

If a data breach occurs, we follow official reporting procedures and notify affected individuals as soon as possible.

6. Complaints

If you wish to complain about our handling of your personal data, please contact:

The Danish Data Protection Agency
Borgergade 28, 5th floor
1300 Copenhagen K
www.datatilsynet.dk

Supervision of healthcare-related recordkeeping is carried out by:

The Danish Patient Safety Authoritywww.stps.dk