Privacy Policy for Hannah Small Hypnotherapy.
Effective Date: 05/04/25
At Hannah Small Hypnotherapy, we are committed to protecting and respecting your privacy. This privacy policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR).
1. Who We Are
Hannah Small Hypnotherapy is a solution-focused hypnotherapy service dedicated to helping individuals overcome challenges and improve their well-being. Our contact details are:
2. What Information We Collect
We collect the following types of personal data:
- Personal Identification Information: This includes your name, address, DOB, email address, phone number, GP, and any other details you provide when making an appointment or contacting us.
- Health Information: For the purposes of providing hypnotherapy services, we collect relevant health information, including but not limited to any medical conditions, symptoms, or concerns that you share during consultations.
- Payment Information: If you make a payment for our services online, your payment information (e.g., credit card details) may be processed through a third-party payment provider. We do not store your payment information directly.
3. How We Use Your Data
We use the personal data we collect for the following purposes:
- To provide you with hypnotherapy services and individualised treatment plans.
- To communicate with you regarding your appointments, bookings, and follow-ups.
- To process payments for services rendered.
- To comply with legal obligations, such as keeping client records for a certain period.
4. Legal Basis for Processing Your Data
Under GDPR, we process your personal data based on the following legal grounds:
- Consent: By submitting your personal data through our website or during consultations, you consent to us processing your data for the purpose of providing our hypnotherapy services.
- Contractual Necessity: We need to process your data to fulfill our contract with you, such as making appointments or delivering the services you have requested.
- Legal Obligation: We may need to retain certain personal data to comply with legal or regulatory requirements, including record-keeping for healthcare services.
5. How We Protect Your Data
We take the protection of your personal data seriously. We implement appropriate technical and organisational measures to safeguard your information against unauthorised access, loss, or alteration.
- Data Storage: We store your data securely and retain it only for as long as necessary to fulfill our legal obligations or for business purposes.
- Electronic Data: Requires password protection.
- Hand written notes: Are locked in a secure filing cabinet, with only Hannah Small able to gain access.
- Access Control: Only Hannah Small has access to your personal data.
6. Sharing Your Data
We will not share your personal data with third parties except in the following cases:
- With other healthcare providers/Child Social Care/Police: If there is a concern over your safety or that of a child/others.
- When Required by Law: We may disclose your data if required to do so by law or in response to legal requests.
7. Your Rights Under GDPR
As a data subject, you have the following rights under the GDPR:
- Right to Access: You have the right to request a copy of the personal data we hold about you.
- Right to Rectification: You have the right to request corrections to any inaccurate or incomplete personal data.
- Right to Restrict Processing: You have the right to request that we limit the processing of your data in certain circumstances.
- Right to Object: You have the right to object to the processing of your personal data in certain situations.
- Right to Withdraw Consent: If we are processing your data based on your consent, you have the right to withdraw that consent at any time.
If you wish to exercise any of these rights, please contact us using the contact details provided at the top of this policy.
8. Retention of Data
Written records are stored securely for 8 years after the last interaction with an adult client and up to the age of 25 for a child under 16 when last seen or 26 yrs for 17-18 year old.
9. Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page with the updated "Effective Date." We encourage you to review this privacy policy periodically to stay informed about how we are protecting your information.
10. Contact Us
If you have any questions or concerns about how we process your personal data or about this privacy policy, please contact us at: