It is important to me that you feel comfortable with the way I handle your personal information. Please let me know if you have any questions about this Privacy Notice - I will be happy to discuss it with you.

How I use your personal data

By entering your details into the contact form on my website, emailing me, or contacting me in any other way, you explicitly consent to your data, including any sensitive data you provide (for example, in relation to your physical or mental health, sexual orientation, religious or philosophical beliefs, political opinion or ethnic origin) being processed by me for the purpose of responding to your enquiry. By contacting me you explicitly consent to me processing your data in this way.

I may have to share your personal data with (i) service providers who provide IT and system administration support; (ii) professional advisors including lawyers, bankers, auditors and insurers and other regulatory authorities.  I require third parties to whom I transfer your data to respect the security of your personal data and to treat it in accordance with the law.  

Website cookies

Cookies are small pieces of data that websites store on a device. Cookies can improve your visitors’ browsing experience because they help websites remember preferences and understand how people use different features. I use analytics and performance cookies to collect information about how visitors interact with my website.

Data retention and security

I will only keep your personal data for as long as necessary to fulfill the purposes for which I collected it. After this time, it will be deleted.  If you contact me via my submission form or e-mail but do not become a client, I will delete your message within two weeks. 

I have put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. All of my third-party providers are businesses based within the UK or if outside the UK, provide certain safeguards to ensure a similar degree of security for your personal data such as: (i) where UK regulatory authorities have approved countries as providing adequate level of protection; (ii) in the US, being part of a UK regulator approved privacy framework, or, (iii) where specific contracts, codes of conduct or certification mechanisms approved by the European Commission are in place.  Clinical management systems to which I subscribe meet UK data protection requirements.   Electronic information not uploaded to a clinical management system is stored on my password-protected computer on an encrypted disk.  Voicemails left on my mobile phone are protected by a passcode.  

Your rights

You may request that I inform you of the data I hold about you and how I process it (a Subject Access Request). I will not charge a fee for this (unless the request is repeated in which case, I may charge a reasonable fee or decline to respond).  In most cases, I will reply within one month.  I will notify you of any delay and will in any case reply within 3 months.  If you wish to make a Subject Access Request, please send the request by email to vanessa@vanessahalliwell.co.uk.  You can exercise certain rights concerning your personal data and in some circumstances can ask for data to be deleted. These are set out in more detail at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.  If you are not happy for some reason with any aspect of how I collect and use your data, you have the right to complain to the Information Commissioner’s Office (www.ico.org.uk).  I would be grateful if you would contact me first if you have a complaint so I can try to resolve it for you.