Privacy Policy

Last updated: 16th April 2025

Introduction

Welcome to Heavenly Treatments. I respect your privacy and am committed to protecting your personal information. This privacy policy explains how I collect, use, and safeguard your information when you use my services or visit my website.

As a small business operating in the UK, I comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who I Am

I am Hayley, the sole therapist and owner of Heavenly Treatments, operating from my treatment room in Kelso in the Scottish Borders. For privacy matters, I am both the data controller and processor of the personal information I collect.

Contact details:
Email: hayley@heavenlytreatments.co.uk
Phone: 0796 031 5337
Address: 6 Easter Softlaw Farm Cottage, TD5 8BJ Kelso

Information I Collect

Client Information

When you book a treatment, I collect personal information that may include:

  • Name and contact details (phone number, email address)
  • Health information necessary for safe treatment (via consultation forms)
  • Appointment history and treatment notes
  • Payment information (though I don't store full payment card details)

Website Visitor Information

When you visit my website, with your consent, I may collect:

  • IP address and browser information
  • Pages viewed and time spent on my website
  • Referral source (how you found my website)
  • Device information

I use Google Analytics to collect this information, which is detailed in my Cookie Policy.

Contact Form Submissions

When you contact me through my website form, I collect:

  • Your name and email address
  • Your phone number (if provided)
  • The content of your message
  • Treatment interests (if specified)

How I Use Your Information

I use your information for the following purposes:

  • To provide treatments: Your health information helps me deliver safe, effective treatments.
  • To manage appointments: Including sending reminders and follow-ups.
  • To process payments: For services rendered.
  • To improve my services: Understanding how clients use my website helps me make it better.
  • To communicate with you: Responding to your inquiries or sending relevant information about my services.
  • To meet legal obligations: Including tax and accounting requirements.

Legal Basis for Processing

Under the UK GDPR, I process your data based on the following legal grounds:

  • Contract: Processing necessary to fulfill my contractual obligations to you when providing treatments.
  • Legitimate interests: To improve my services and communicate with clients in ways they would reasonably expect.
  • Consent: For marketing communications and website analytics.
  • Legal obligation: To comply with legal requirements such as tax regulations.
  • Special category data: Health information is processed with your explicit consent to ensure safe treatment.

How Long I Keep Your Information

I keep your information for as long as necessary to provide my services and comply with legal obligations:

  • Client records with health information: 7 years after your last appointment (as recommended by insurers and healthcare guidelines)
  • Financial records: 6 years (to comply with tax regulations)
  • Contact form submissions: 1 year from submission
  • Marketing preferences: Until you withdraw consent or unsubscribe

Information Sharing

I respect your privacy and keep your information confidential. I do not sell your data to third parties. I may share your information in limited circumstances:

  • Service providers: Third parties who help me operate my business (such as appointment scheduling software, email provider, accounting software)
  • Legal requirements: If required by law, court order, or regulatory authority
  • Professional advisors: Such as accountants, where necessary for my business operations
  • With your consent: In other cases, I will ask for your explicit permission

All service providers I use have appropriate data protection measures in place.

Information Security

I take appropriate measures to protect your information:

  • Physical records are kept in a locked cabinet when not in use
  • Electronic records are password protected and encrypted where possible
  • My website uses HTTPS encryption
  • I regularly update software and security measures
  • I limit access to your information to only those who need it

Your Rights

Under the UK GDPR, you have rights regarding your personal information:

  • Access: You can request a copy of the information I hold about you.
  • Correction: You can ask me to correct inaccurate information.
  • Erasure: In certain circumstances, you can ask me to delete your information.
  • Restriction: You can ask me to limit how I use your information.
  • Data portability: You can request a copy of your information in a structured, digital format.
  • Objection: You can object to certain types of processing, such as direct marketing.

To exercise any of these rights, please contact me using the details provided above. I will respond to your request within one month.

Cookies and Analytics

My website uses cookies and similar technologies. For detailed information about how I use these, please see my Cookie Policy.

Links to Other Websites

My website may contain links to other websites. This privacy policy only applies to my website, so if you click on a link to another website, you should read their privacy policy.

Changes to This Privacy Policy

I may update this privacy policy from time to time. I will notify you of significant changes by posting the new policy on this page and updating the “Last updated” date.

Making a Complaint

If you have concerns about how I handle your data, please contact me first so I can address your concerns.

If you are not satisfied with my response, you have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. Visit ico.org.uk/make-a-complaint/ or call 0303 123 1113.

Contact Me

If you have any questions about this privacy policy or how I handle your information, please contact me:

  • By email: hayley@heavenlytreatments.co.uk
  • By phone: 0796 031 5337
  • By post: 6 Easter Softlaw Farm Cottage, TD5 8BJ Kelso