Privacy policy

This Privacy Notice sets out how I, Kate Turnbull of Healing at The Farm (the Data Controller), collect and use your personal data. References to “I,” “me,” or “controller” in this Privacy Notice refer to Kate Turnbull of Healing at The Farm.

When I refer to:

  • UK GDPR – I mean the UK General Data Protection Regulation;

  • DPA18 – I mean the Data Protection Act 2018; and

  • PECR – I mean the Privacy and Electronic Communications Regulations 2003.

This Privacy Notice is structured to help you easily understand what I do with your personal data.

My Contact Details

For any questions about your personal data, you can contact me by:

  • Email: kate@healingatthefarm.co.uk

  • Phone: (+44) 07876 120027

  • Website Contact Form: Click Here

How I Collect Your Personal Data

I may collect personal data from you in the following situations:

  • When you make an enquiry about my services;

  • When you book or attend an appointment;

  • When you sign up for updates or marketing from me; and

  • When you visit my website, where I may collect data such as your IP address via cookies.

If I meet you at an event or receive your contact information through a referral, I may use this data to reach out to you.

Why I Collect Your Data and How I Use It

I use your personal data to:

  • Schedule and manage your appointments and treatments;

  • Respond to your enquiries about my services;

  • Send you updates and promotional information if you consent to receive these;

  • Ensure accurate record-keeping for business and legal purposes.

Lawful Grounds for Processing:
I rely on the following lawful grounds under UK GDPR to process your data:

  1. Consent: For marketing and promotional communication, you can withdraw consent at any time.

  2. Contractual Obligation: To respond to your service inquiries, manage bookings, and process payments.

  3. Legal Obligation: To comply with tax, finance, or other regulatory requirements.

Data Sharing and Third-Party Processors

I do not share, sell, or rent your data to other businesses for marketing. However, there may be situations where I need to use third-party services (data processors) to help manage my business and deliver services to you. These parties will only process your data as instructed by me and will hold it securely.

In cases where I must share data (e.g., with law enforcement), I ensure compliance with legal requirements and document the lawful grounds for sharing.

Data Transfers Outside the UK

If your personal data must be transferred outside the UK, I ensure it’s protected through an “adequacy regulation” or other safeguards as required by UK GDPR. Transfers are only made where a lawful basis applies.

Your Rights

Under data protection laws, you have the right to:

  • Access your personal data and receive information about its processing.

  • Rectify inaccurate data.

  • Request Deletion of your data in specific situations.

  • Restrict Processing where certain conditions apply.

  • Object if you believe your rights outweigh my legitimate interests.

  • Data Portability in some cases.

If you’d like to exercise any of these rights, please get in touch using my contact details above. I’ll respond to valid requests within one month.

Making a Complaint

If you’re dissatisfied with how I process your data, you may contact the Information Commissioner’s Office (ICO) at https://ico.org.uk/make-a-complaint/.

Links to Other Websites

My website may contain links to third-party websites. Please review their privacy policies, as I’m not responsible for their data practices.

Last Updated: October, 2024