Introduction
Quantum Goddess Healing is committed to protecting and respecting your privacy.
This Privacy Policy explains how we collect, use, store and protect your personal information when you visit our website, contact us, attend sessions, participate in our programmes, workshops or events, subscribe to our newsletter, or otherwise engage with our services.
We process personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.
2 Who We Are
Quantum Goddess Healing provides wellbeing, personal development and mind-body support services through one-to-one sessions, programmes, workshops and events.
Data Controllers:
Stef Sale
Niamh Goodyer
ICO Registration: ZA752479
Email: contact@quantumgoddess.co.uk
Website: https://www.quantumgoddess.co.uk/
For any questions regarding this Privacy Policy or your personal information, please contact us using the details above.
3 Information We Collect
We may collect and process the following information:
Identity Information
• Name
• Date of birth (where relevant)
• Emergency contact details (where appropriate)
Contact Information
• Email address
• Telephone number
• Postal address (if provided)
Service Information
• Information you provide when enquiring about or using our services
• Information shared during consultations, sessions, workshops or programmes
• Information contained within questionnaires, intake forms, consent forms or assessments
• Session notes and records relating to the services we provide
Technical Information
• IP address
• Browser type and version
• Device information
• Website usage information
Marketing Information
• Preferences regarding receiving communications from us
• Responses to surveys, questionnaires or feedback requests
• Newsletter subscription information
4 Special Category Data
Some information you choose to share with us may relate to your physical health, emotional wellbeing, personal circumstances, family circumstances or other sensitive information.
Under UK GDPR this may be considered Special Category Data.
We will only collect and process such information when:
• You have provided explicit consent
• It is necessary for the provision of our services
• We are legally permitted or required to do so
5 Safeguarding and Confidentiality
We respect the confidentiality of all information shared with us.
However, there may be exceptional circumstances where we are required to share information without consent if we believe there is a risk of serious harm to a child, young person, vulnerable adult or another person, or where disclosure is required by law.
Where possible and appropriate, we will seek to discuss any necessary disclosure with the individual concerned before sharing information.
Any safeguarding concerns will be handled in accordance with relevant legal, ethical and professional responsibilities.
6 How We Use Your Information
We may use your information to:
• Respond to enquiries
• Provide our services and programmes
• Manage appointments and bookings
• Maintain client records
• Send service-related communications
• Deliver purchased products, courses or resources
• Process payments and invoices
• Improve our website and services
• Comply with legal obligations
• Meet safeguarding, insurance and professional requirements
• Send newsletters or marketing communications where you have consented
7 Legal Basis for Processing
We process personal information under one or more of the following legal bases:
• Consent
• Performance of a contract
• Legitimate interests
• Compliance with legal obligations
Where we rely on consent, you may withdraw that consent at any time.
8 Marketing Communications
If you subscribe to our newsletter, free resources or updates, we may send occasional emails about our services, programmes, events and related content.
You may unsubscribe at any time by:
• Clicking the unsubscribe link in any email
• Contacting us directly
We will never sell your personal information to third parties.
9 Sharing Your Information
We will only share personal information where necessary and appropriate.
This may include trusted service providers such as:
• Website hosting providers
• Form providers, including Jotform
• Email marketing platforms
• Secure practice management systems, including WriteUpp
• Payment processors, including Stripe
• Online booking and scheduling systems
• Professional advisers, insurers or supervisors where appropriate
• Legal, safeguarding or regulatory authorities where required by law
All third-party providers are expected to protect your information appropriately and process it only for authorised purposes.
We do not sell or rent your personal information to third parties.
10 International Data Transfers
Some of our service providers may store or process information outside the United Kingdom.
Where this occurs, we will ensure appropriate safeguards are in place to protect your information in accordance with UK GDPR requirements.
11 Data Retention
We retain personal information only for as long as necessary for the purposes for which it was collected, including legal, accounting, safeguarding, insurance and professional obligations.
The length of time we retain information may vary depending on the type of service provided and any applicable legal or regulatory requirements.
Client records, session notes, assessment forms, correspondence and related documentation may be securely stored within our practice management system and retained for up to seven years following the end of our work together, or longer where required by law, safeguarding responsibilities, insurance requirements or professional obligations.information collected for marketing purposes, such as newsletter subscriptions, will be retained until you unsubscribe or request its deletion.
When information is no longer required, it will be securely deleted or destroyed.
12 Data Security
We take appropriate technical and organisational measures to protect personal information from unauthorised access, loss, misuse, alteration or disclosure.
While no method of transmission over the internet can be guaranteed as completely secure, we strive to use commercially acceptable means to protect your information.
13 Cookies and Website Analytics
\
Our website uses cookies and similar technologies to improve website functionality, analyse website traffic and enhance user experience.
When you first visit our website, you will be presented with a cookie consent banner allowing you to accept or manage your cookie preferences.
Cookies may be used to:
• Ensure the website functions correctly
• Remember your preferences
• Improve website performance and user experience
• Analyse website usage and visitor behaviour
• Support security and fraud prevention measures
You can change or withdraw your cookie preferences at any time through your browser settings or our cookie management tool.
Where legally required, non-essential cookies will only be activated after you have provided consent.
Further information may be provided in our Cookie Policy.
14 Your Rights
Under UK GDPR, you may have the right to:
• Access your personal information
• Correct inaccurate information
• Request deletion of information
• Restrict processing
• Object to processing
• Request transfer of your information
• Withdraw consent where applicable
To exercise any of these rights, please contact us using the details provided above.
We aim to respond within one month of receiving a valid request.
15 Complaints
If you have concerns about how we handle your information, please contact us first so we can try to resolve the matter.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).
Website: https://www.ico.org.uk
Telephone: 0303 123 1113
16 Children and Young People
Some of our services may be provided to or involve children and young people under the age of 18.
Where personal information relating to a child is collected, we will do so in accordance with UK GDPR, the Data Protection Act 2018 and any relevant safeguarding obligations. For children who are not legally able to provide their own consent, we will seek consent from a parent, legal guardian or person with parental responsibility where required. We take particular care when handling information relating to children and young people and only collect information that is necessary for the provision of our services, safeguarding responsibilities and legal obligations. Parents, guardians and young people may contact us at any time regarding the collection, use or deletion of personal information.
17 Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in legal requirements, technology or our services.
Any updates will be published on this page and become effective immediately upon publication.