YOUR PERSONAL INFORMATION - GENERAL DATA PROTECTION REGULATION (GDPR
This Privacy Policy explains what personal information is collected, why it is collected, how it is used, and your rights under UK data protection law.
UK GDPR is the legal framework for data protection in the United Kingdom and continues to apply following its introduction in May 2018.
⸻
Therapist Details
Name: Charlotte Curtis-Brown
Business: CCB Therapies
Telephone: 07855 957192
Email: charlottecb@hotmail.co.uk
Address: 10 Princess Drive, Wistaston, Crewe, CW2 8HP
⸻
PURPOSE OF PROCESSING YOUR DATA
In order to provide safe and effective holistic therapy treatments, I collect and hold relevant personal and health information.
This allows me to:
- Assess suitability for treatment
- Tailor treatments to your individual needs
- Record treatment details and progress
- Contact you regarding appointments or treatment updates
- Maintain professional standards and insurance requirements
⸻
WHAT INFORMATION I COLLECT
I may collect and store:
- Contact details (name, address, email, phone number)
- Date of birth
- Emergency contact details
- Relevant medical history and health information
- Treatment notes and session records
- Communication relating to appointments and treatment
⸻
LAWFUL BASIS FOR PROCESSING YOUR INFORMATION
Under UK GDPR, I process your data on the following bases:
- Legitimate interests – to provide safe, effective treatment and maintain appropriate client records
- Consent – where you agree to provide personal and health information for treatment purposes
- Legal obligations – where required for insurance, accounting, or safeguarding purposes
⸻
SPECIAL CATEGORY (HEALTH) DATA
As a holistic therapist, I may collect sensitive health-related information.
This is processed under UK GDPR conditions for healthcare provision and is strictly confidential. It is used solely for the purpose of safe and appropriate treatment.
⸻
HOW YOUR DATA IS STORED
Your personal information is stored securely using password-protected systems and/or secure paper records.
Access is strictly limited to the therapist. Appropriate technical and organisational measures are in place to protect your data from loss, misuse, or unauthorised access.
⸻
DATA RETENTION
Client records are retained for 7–8 years after your last treatment, in line with insurance requirements, professional body guidance, and legal obligations relating to healthcare records.
After this time, your data is securely deleted or destroyed.
⸻
DATA SHARING
Your personal data is never sold or shared for marketing purposes.
Your information will only be shared if:
- You give explicit consent
- It is required by law
- There is a safeguarding concern
- It is required by professional insurance or legal request
⸻
THIRD-PARTY SERVICE PROVIDERS
My website is provided through PhD Interactive and their WebHealer platform.
They act as a data processor for website functionality. Any information submitted through website forms is processed securely in accordance with their privacy and data protection policies.
⸻
YOUR RIGHTS UNDER UK GDPR
You have the right to:
- Be informed about how your data is used
- Access the personal data I hold about you
- Request correction of inaccurate or incomplete data
- Request deletion of your data (where legally permitted)
- Restrict or object to processing of your data
- Withdraw consent at any time (this may affect treatment)
- Request a copy of your data in certain circumstances
- Lodge a complaint with the Information Commissioner’s Office (ICO)
ICO website: https://ico.org.uk
⸻
DATA SECURITY
I take data security seriously and use appropriate measures to protect your information, including secure storage systems, password protection, and restricted access.
⸻
COMPLAINTS
If you have any concerns about how your personal data is handled, please contact me in the first instance so I can resolve the issue.
I will acknowledge your complaint and aim to respond within 30 days.
If you are not satisfied with my response, you may contact the Information Commissioner’s Office (ICO) at https://ico.org.uk
⸻
CHANGES TO THIS POLICY
This Privacy Policy may be updated from time to time to reflect changes in law or business practice. The most recent version will always be available on this website.
⸻
DECLARATION
By using this website or booking a treatment, you acknowledge that you have read and understood this Privacy Policy and how your personal information is used.
A full copy will also be provided at your first appointment for signature.
