Privacy Policy (GDPR-Compliant – UK)

1. Introduction

This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or engage with our holistic wellness and life transitions coaching, coaching programmes and wellness plans.

We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

Holistic Wellness Transitions is the data controller responsible for your personal data. 
Contact email: info@holisticwellnesstransitions.com
Location: United Kingdom.

3. Information We Collect

We may collect:

  • Name and contact details 
  • Emergency contact information (where appropriate) 
  • Payment and billing information 
  • Personal reflections shared during coaching
  • Lifestyle, wellbeing, and (where voluntarily shared) health-related information 
  • Coaching session notes and progress records 
  • Website usage data (cookies, analytics)

4. Lawful Basis for Processing

We process your data under the following lawful bases:

  • Consent (e.g. marketing, health disclosures)
  • Contract (to deliver services)
  • Legitimate interests (service improvement, administration)
  • Legal obligations

5. How We Use Your Data

We use your data to:

  • Deliver coaching, coaching programmes, and plans
  • Communicate and manage bookings
  • Process payments
  • Improve services and user experience
  • Send marketing communications (only with consent)

6. Special Category Data (Health Information)

Where you voluntarily provide health or wellbeing information:

  • It is processed only with your explicit consent
  • It is used solely to tailor coaching support
  • You may withdraw consent at any time

7. Data Sharing

We do not sell your data. We may share it with:

  • Payment providers
  • Secure IT and platform providers
  • Professional advisors (legal/accounting)
  • Authorities where legally required

8. International Transfers

If data is transferred outside the UK, we ensure appropriate safeguards are in place.

9. Data Security

We implement appropriate technical and organisational measures to safeguard your data. However, no system is completely secure.

10. Data Retention

We retain personal data only as long as necessary, including for legal, tax, and insurance purposes.

11. Your Rights

Under UK GDPR, you have the right to:

  • Access your data
  • Correct inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time

12. Confidentiality

All personal information shared within coaching sessions is treated as confidential.

However, confidentiality may be broken where:

  • There is risk of harm to yourself or others 
  • Disclosure is required by law

13. Cookies

We use cookies to enhance functionality and analyse usage. You can manage preferences via your browser.

14. Updates

We may update this policy at any time. Continued use of the website constitutes acceptance.