PRIVACY POLICY

This policy outlines how information collected by Shalini Dham is used, who it may be shared and how it is kept secure. This notice does not provide an exhaustive list, and we are happy to provide any additional information or explanation needed. Please contact us should you require this.

This Privacy Notice is regularly under regular review and was last reviewed in April 2024.

1. WHAT WE DO

Shalini Dham provides nutritional therapy services to clients to improve their health through diet and lifestyle, placing focus on preventative healthcare, and optimisation of physical and mental health. Consultations, diet/lifestyle review and functional testing help to focus attention on trying to understand the root cause of your health issues. A personalised plan of action, supplements and lifestyle advice will then be utilised to try and address.

2. WHAT INFORMATION IS HELD?

The personal information includes the following:

Contact details: Name, address, date of birth, landline telephone number, mobile telephone number, email address, and preferred method of contact.

Health Information: Personal and family health history, lifestyle and social circumstances, physical and mental health details, and GP contact details.

Financial details: Invoices for goods and services provided, payments made, any outstanding debt, and merchant copies of credit card receipts for accounting records.

Other information: Referrals and appointment records.

Diagnostic information: Diagnosis of the condition, recommended treatments, and test results.

3. PURPOSE OF YOUR DATA

Obtaining personal information from you, including contact details, personal and family health histories, and lifestyle choices, is necessary to provide the advice and guidance you request.

Financial information is necessary for processing payments for the services provided.

All personal information is processed lawfully, fairly, and transparently. Your personal data is held by Shalini Dham with your express consent. Our lawful basis for processing personal information is legitimate interests. Information may be collected via a questionnaire completed by you, during a personal consultation, through email, via our website, over the telephone or by post, and by taking card and online payments. Shalini Dham acts as both a data processor and controller for the personal data it processes. No decisions are made by automated means.

We may utilise your personal data in cases of overriding public interest, such as safeguarding individuals or preventing serious crimes, as well as in instances of legal obligation, such as compliance with a formal court order. Additionally, we may use your data for marketing purposes, including newsletters, but this would be subject to you provided your express consent.

4. IS MY INFORMATION SHARED WITH OTHER ORGANISATIONS?

Personal contact information and financial details provided by the client are accessible to the nutritional therapist. The therapist views health and other pertinent information required for consultations, adhering to the common law duty of confidence: Any information shared in confidence by the client is treated as confidential and safeguarded accordingly. Express consent is obtained from the client before sharing information with their General Practitioner.

However, none of the information is disclosed to other third parties, except in the following cases:

• Contact details with product suppliers and health testing organisations with client permission.

• In cases of public interest or legal requirement

• Any contractors and advisors that provide a service to us or act as our agents on the understanding that they keep the information confidential

• Anyone to whom we may transfer our rights and duties under any agreement we have with you

• Any legal or crime prevention agencies and/or to satisfy any regulatory request where we have a duty to do so or if the law allows us to do so (e.g., CNHC)

5. HOW IS THE INFORMATION STORED AND SECURED

We process personal data only when there is a legitimate basis and ensuring fair and lawful processing. Additionally, in line with the common law duty of confidence in healthcare, any identifiable information shared with us is treated confidentially and used solely for direct healthcare purposes. We prioritise the protection of your information, provide transparency regarding its usage, and respect your preferences regarding information sharing.

The personal data held by Shalini Dham is stored securely in various forms:

Notes may be made by the nutritional therapist using a laptop, with the data stored in encrypted cloud storage.

Online: Personal information is stored on digital software programs for diary/calendar, invoicing, and accountancy processing. When you become a client and sign up to Practice Better, our appointed practice management software which is GDPR compliant. Please refer to their website for their Privacy Policy.

Information may also be held in email format, provided by the client and stored within an online emailing system.

All online and cloud storage of data is encrypted and protected by logins and passwords. Additionally, all external data processors that support us, such as Paypal and our booking and financial software providers, are legally and contractually bound to operate and prove security arrangements to protect personal information.

6. LINKS TO THIRD PARTY WEBSITES

Users should be aware that if they access other websites, using the links provided, these are outside our control. If they provide personal data to other companies, the privacy policies of those companies determine the uses to which that information is put, and Shalini Dham’s Privacy Policy will no longer apply.

7. HOW LONG IS INFORMATION KEPT?

Your information will be kept for 7 years from the date of your appointment.

8. WEBSITE TECHNICAL DETAILS

Forms

Electronic forms are utilised on our website making use of an available ‘forms module’ which has several built-in features to help ensure privacy. We also aim to use secure forms where appropriate.

Cookies

Cookies are small text files that aid the technical functioning of our website. They are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make it more secure, provide better user experience, and understand how the website performs and to analyse what works and where it needs improvement. We do not use cookies to collect private or personally identifiable information. The cookies used contain random strings of characters and minimal session information, without collecting personal data. Some areas of the site may use cookies to store presentation preferences in a purely technical manner, without identifying individuals.

Note that analytics software also uses cookies, but we do not collect personal information through this. Most web browsers allow control over cookies through settings. Visit www.allaboutcookies.org for more information on managing and deleting cookies. To opt out of Google Analytics tracking, visit http://tools.google.com/dlpage/gaoptout.

Analytics

Like many websites, we utilise analytics software to gauge the popularity trends of our website and its various sections. We do not utilise any personally identifiable information in our statistical reports. Our analytics package, Google Analytics, provides details of its privacy policy on the Google website.

9. CONSENT

By providing personal data to Shalini Dham, users consent to the processing of such data by Shalini Dham as described in this Privacy Policy.

10. NOTIFICATION OF CHANGES

Shalini Dham will notify all users of any changes it makes to its Privacy Policy. If Shalini Dham decides to change its Privacy Policy, it will post such changes on this page so that you are always aware of how Shalini Dham uses your personal data.

Users have the right to ask Shalini Dham, in writing, for a copy of all the personal data held about them upon payment of a fee (“subject access request”) and to request that Shalini Dham correct any inaccuracies in that information.

11. WHAT ARE YOUR RIGHTS CONCERNING YOUR DATA

Under data protection law, you have various rights regarding your personal information: You have the right to rectify, amend, correct or erase your data except where there is a legal basis for refusal.

Right to access: You can request copies of your personal information.

Right to rectification: You can ask us to correct any inaccurate or incomplete information.

Right to erasure: You can ask us to delete your personal information in certain circumstances, although this may affect our ability to continue the business relationship.

Right to restrict processing: You can ask us to limit the processing of your personal information in certain circumstances.

Right to object: You can object to the processing of your personal information in certain circumstances.

Right to data portability: You can request that we transfer your personal information to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. Requests for access must be made in writing, by email. We have one month to respond to your request. Access to examine the records is provided free of charge. If you would like to exercise any of these rights, please email us at hello@shalinidham.com.