top of page



Nordic Rehab Ltd takes your privacy seriously and has a Data Protection Policy that complies with the General Data Protection Regulations (2018). The company collects personal data from its clients (patients & suppliers) that is specific, relevant & essential to maintain accurate clinical and administrative records.

Nordic Rehab Ltd has a practice management system that stores your personal data securely.


Data written at time of assessment is transferred to electronic format using GDPR compliant software within 24 hours. Electronic patient clinical records are stored securely using GDPR compliant software.

Nordic Rehab Ltd utilises a GDPR compliant invoicing software system to invoice our clients electronically.


Any paper documentation is stored securely in a locked filing cabinet in a lockable room at the business address.


All electronic communication is carried out through a 2-way encrypted email using GDPR compliant software.

Data will not be shared with third parties, without your consent (see Data Protection Policy for legal exclusions). You have the right to know, and to access the data that is kept about you. The company is legally required to maintain patient clinical records for a period of 8 years following your last episode of care. After which time, clinical records will be destroyed.

Nordic Rehab Ltd uses telephone, email or post to communicate with patients, you will be asked how you wish us to communicate with you during your episode of care.

Nordic Rehab Ltd utilises cookies to facilitate website navigation on

If you wish to see our Cookie Policy or our Data Protection Policy, please contact us.


Lasse Flosand

Nominated Data Processor

(Updated February 2021)

bottom of page