top of page

Mind-Body Healthcare Privacy Policy

Introduction​​

Welcome to Mind-Body Healthcare’s Privacy Policy.

Mind-Body Healthcare takes the privacy and confidentiality of clients and website users seriously. This policy explains how personal data is collected, used, stored, and protected when you visit this website or engage with Mind-Body Healthcare services.

The aim is to ensure transparency and to help you understand how your information is handled in line with data protection law.

​​

​

1. Important Information and Who We Are​

​

Purpose of This Privacy Policy

This privacy policy explains how Mind-Body Healthcare collects and processes personal data through your use of this website. This includes any data you provide when you:

  • contact us via the website

  • complete online forms

  • book services

  • download free or paid resources

  • sign up to newsletters or communications

​

This website is not intended for children, and Mind-Body Healthcare does not knowingly collect data relating to children through this website.​

This privacy policy should be read alongside any other privacy notices or consent information provided when collecting personal or sensitive data. It supplements those notices and does not override them.

​

Data Controller

Dr Sarah Hadfield, trading as Mind-Body Healthcare, is the data controller and is responsible for your personal data.

If you have any questions about this privacy policy or wish to exercise your data protection rights, please contact:

Email: drsarahhadfield@proton.me

Mind-Body Healthcare is registered with the Information Commissioner’s Office (ICO) for data protection purposes.

You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection (www.ico.org.uk). We encourage you to contact us first so we can address any concerns directly.

​

Changes to This Privacy Policy

This privacy policy is reviewed periodically and may be updated from time to time.
The most recent version will always be available on this website.

Please ensure that the personal data we hold about you is accurate and up to date, and inform us if your details change.

​

Third-Party Links

This website may include links to third-party websites, plug-ins, or applications. Mind-Body Healthcare does not control these third-party sites and is not responsible for their privacy practices. When you leave this website, you are encouraged to read the privacy policy of any site you visit.

​

​

2. The Data We Collect About You

​

Personal Data

Personal data means any information that can identify an individual. It does not include anonymised data.

Mind-Body Healthcare may collect, use, store, and transfer the following categories of personal data:

  • Identity Data: name, title, date of birth, gender

  • Contact Data: email address, telephone number, postal address

  • Financial Data: bank details or payment information

  • Transaction Data: details of payments and services purchased

  • Technical Data: IP address, browser type, device information, operating system

  • Usage Data: information about how you use this website

  • Profile Data: preferences, feedback, survey responses

  • Marketing and Communications Data: communication preferences

We may also use Aggregated Data (such as statistical data), which does not identify individuals.

​

Sensitive (Special Category) Data

Sensitive data may include health-related information such as symptoms, medical history, medication details, psychological history, or other relevant information necessary to support services provided.

This data is collected only where necessary and processed with your explicit consent.

Mind-Body Healthcare does not collect data relating to criminal convictions or offences.

​

If You Fail to Provide Personal Data

Where personal data is required to provide services or comply with legal obligations and you do not provide it, Mind-Body Healthcare may be unable to offer services. You will be informed if this is the case.

​

​

3. How Your Personal Data Is Collected

​

Personal data may be collected through:

  • Direct interactions: contact forms, booking systems, email, phone, video calls, completed forms

  • Automated technologies: cookies and similar tracking technologies

  • Third-party services: website analytics, booking platforms, payment processors

Please refer to the Cookie Policy for further information.

​

​

4. How Personal Data Is Used

​

Personal data is used only where permitted by law. Lawful bases include:

  • Contract: providing agreed services

  • Legal obligation: record keeping, tax, safeguarding

  • Consent: processing sensitive health data or sending marketing communications

  • Legitimate interests: running the practice safely and efficiently

​

Purposes Include:

  • managing enquiries and bookings

  • providing services

  • maintaining records

  • processing payments

  • communicating with clients

  • improving website performance

  • complying with legal obligations

Mind-Body Healthcare does not use automated decision-making or profiling in relation to personal data.

​

​

5. Marketing Communications

​

You may receive marketing communications only where you have opted in or where permitted by law.
You can opt out of marketing communications at any time by contacting us or using unsubscribe links where provided.

Personal data is never shared with third parties for marketing purposes without explicit consent.

​

​

6. Disclosure of Personal Data

​

Personal data may be shared only where necessary, including with:

  • secure practice management and IT service providers

  • professional advisers such as accountants or insurers

  • regulatory or legal authorities where required

All third-party providers are required to handle data securely and in accordance with data protection law.

​

7. International Transfers

​

Some third-party service providers may process data outside the UK or EEA. Where this occurs, appropriate safeguards are in place to ensure data is protected in accordance with UK GDPR standards.

​

​

8. Data Security

​

Appropriate technical and organisational measures are in place to protect personal data from unauthorised access, loss, misuse, or disclosure. Access is restricted to authorised systems and service providers only.

 

 

9. Data Retention

​

Personal data is retained only for as long as necessary.

  • Health-related records are retained for seven years after services end

  • Financial and basic client records are retained for six years for tax purposes

Data is securely deleted or destroyed once retention periods expire, unless legal or regulatory reasons require otherwise.

​

​

10. Your Legal Rights

​

Under data protection law, you have the right to:

  • request access to your personal data

  • request correction of inaccurate data

  • request erasure of data (where applicable)

  • object to processing

  • request restriction of processing

  • request data portability

  • withdraw consent at any time

Requests can be made by contacting drsarahhadfield@proton.me.
We aim to respond within one calendar month.

​

Contact

For any questions about this privacy policy or how your data is handled, please contact Mind-Body Healthcare.
Email: drsarahhadfield@proton.me

bottom of page