Be More Vibrant Hypnotherapy is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how I collect, use and disclose personal information when you use the website or engage in hypnotherapy services.
I am based in the UK and governed by English law. The company is registered under Data Protection Act and I am listed on ICO’s (Information Commissioner’s Office) register. ICO is the UK's independent regulator for data protection and privacy, overseeing compliance with data protection laws such as the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
Be More Vibrant Hypnotherapy complies with required obligations under the General Data Protection Regulation (GDPR) by keeping personal data up to date, by storing and destroying it securely, by not collecting or retaining excessive amounts of data, by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
Information I Collect
When you engage with Be More Vibrant Hypnotherapy website, contact me by email, phone (phone call, text, WhatsApp) or request my services, you acknowledge and give consent for me to process and store your personal data. This processing is based on the lawful basis of clear consent for a specific purpose, as well as the necessity for both your legitimate interests as a client and my legitimate interests as a service provider.
I will collect personal information from you when you fill out forms, communicate with me via email, phone or in-person. The types of personal information I will collect include:
Name
Contact information (email address, phone number)
Demographic information (date of birth, gender)
Health information (medical history, treatments received from other providers)
Wellbeing Assessment (various aspects of a client's health, lifestyle, personal history)
Client Intake & Consent Form
Consent to receive treatment
Client Questionnaire
Description of therapy and treatment provided during the sessions
Payment information (bank card details, PayPal details, billing address)
How I Use Your Information
I use the personal information I collect for the following purposes:
Deliver the services that clients have requested
Providing hypnotherapy services and scheduling appointments
Personalizing your experience and tailoring my services to your needs
Communicating with you about your treatment and appointments
Responding to your inquiries and providing customer support
To maintain my own accounts and records
Client data management
Processing payments for services rendered
Sending you promotional materials (with your consent)
To contact clients via surveys to ascertain their opinions on the service they received from me
Complying with legal obligations and protecting my rights
Data Security
I implement appropriate measures to safeguard your personal information and prevent unauthorized access, disclosure, alteration or destruction. I store personal information securely with restricted access to it.
In accordance with my need to maintain the possibility of access to client data as a result of returning clients or those who may wish to lodge a complaint in respect of professional service received to either my professional body or my insurers (i.e. in all cases perhaps after a long period of time has elapsed), I retain client data for a minimum period of 7 years.
Lawful Basis for processing client personal data
This is based on the client giving me clear consent to process their personal data for a specific purpose. Further, the processing is necessary for both my client’s and my own legitimate interests.
Third-Party Sharing
With your consent or at your direction
To comply with legal obligations or respond to lawful requests from authorities
To protect your safety, safety of your family members or other members of the public
To protect my rights, my safety, my property, my business or safety or that of others
I do not sell or rent your personal information to third parties for marketing purposes.
Your Rights
You have certain rights regarding your personal information, including the right to:
Access and receive a copy of your personal information
Rectify any inaccurate or incomplete personal information
The right to be informed about how information collected about you is used
Delete your personal information under certain conditions
The right to request your personal data is erased where it is no longer necessary for data controller to retain such data
Object to the processing of your personal information
Withdraw consent for processing personal information (where applicable)
The right to request that I provide you with your personal data and where possible, to transmit that data directly to another data controller, known as the right to data portability(where applicable). [N.B. This only applies where the processing is based on consent or is necessary for the performance of a contract with the data subject and in either case the data controller processes the data by automated means.
The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing.
The right to object to the processing of personal data: Individuals can object to the processing of their personal data in certain circumstances. This right applies when the processing is based on legitimate interests, the performance of a task in the public interest, or the exercise of official authority. It also applies to direct marketing and processing for the purposes of scientific or historical research and statistics.
Emergency Recording Protocol
To ensure the safety and security of both clients, me and my property, an emergency recording protocol is in place. This section explains how the protocol works and how any recordings are processed.
Recording Activation
In the event of an imminent threat or danger of any kind, a recording system will be activated to ensure the safety and security of all parties present. This system is designed to activate only under emergency circumstances and will not be used during regular sessions.
Data Processing and Storage
All recordings are securely stored using encrypted cloud storage provided by a trusted service. Access to these recordings is strictly limited to authorized personnel and is protected by robust security measures. Recordings will be kept for a limited time period, typically not exceeding 30 days, unless required longer for investigation purposes or by law enforcement authorities. Recordings will only be accessed if necessary to address the emergency situation or if requested by law enforcement.
Data Protection
Confidentiality
All recorded data is treated with the utmost confidentiality. The recordings are protected under data protection laws and are only used in accordance with the stated purpose.
Right to Access
Clients have the right to access their personal data, including any recordings that pertain to them, in accordance with GDPR. Requests for access should be made in writing.
Secure Deletion
Once the recordings are no longer needed, they will be securely deleted from the storage system. This ensures that no unnecessary data is kept beyond its useful life.
Entrance Security and Recording
For the safety and security of both clients and me, I use a Ring doorbell camera at the entrance of my home/therapy practice. This section explains how this security measure works and how any recordings are processed. The Ring doorbell camera is used to enhance security and ensure the safety of everyone entering the premises.
Recording Activation
The camera records video and audio of anyone approaching the entrance. These recordings are triggered by motion and stored securely in encrypted cloud storage.
Data Processing and Storage
All recordings are securely stored using Ring’s encrypted cloud storage. Access to these recordings is strictly limited to authorized personnel and is protected by robust security measures. Recordings will be kept for a limited time period, typically not exceeding 30 days, unless required longer for security or legal purposes. Recordings will only be accessed if necessary for security purposes or if requested by law enforcement. Unauthorized access to these recordings is strictly prohibited. All recorded data is treated with the utmost confidentiality and is protected under data protection laws.
Right to Access
Clients have the right to access their personal data, including any recordings that pertain to them, in accordance with GDPR. Requests for access should be made in writing.
Disposal of Data
Once the recordings are no longer needed, they will be securely deleted from the storage system.
Cookies and Tracking Technologies
I use cookies and similar tracking technologies on my website to enhance your experience and analyse usage patterns. You can manage cookie preferences through your browser settings.
Complaints Notice
The client has the right to complain to the Independent Commissioner’s Office (ICO) if they think there is a problem with the way I am handling their data: https://ico.org.uk/concerns/handling/
Changes to This Privacy Policy
I may update this Privacy Policy from time to time to reflect changes in my practices or legal requirements. I will notify you of any material changes by posting the updated policy on my website.
Contact Me
If you have any questions, concerns, or requests regarding this Privacy Policy or my handling of your personal information, please contact me at bemorevibrant.hypnotherapy@gmail.com
Be More Vibrant Hypnotherapy