top of page

Privacy Policy

Effective Date: 30th June 2025
 

At Tara Day Hypnotherapy, your privacy is important to me. This Privacy Policy outlines how I collect, use, store, and protect your personal data, whether you are a client or a visitor to my website. By using my services or accessing my website, you agree to the terms of this policy.


1. What Personal Data I Collect

I may collect and process the following information:
 

From Therapy Clients:

  • Full name

  • Email address / Telephone number

  • Date of birth

  • Emergency contact details

  • Medical history and health information

  • GP contact details (if relevant)

  • Session notes 
     

From Website Visitors:

  • IP address

  • Browser type and version

  • Pages visited and interaction data (via cookies and analytics tools)

  • Contact form messages or newsletter sign-up details
     

2. How I Use Your Data

Your data is used for the following purposes:

  • To provide hypnotherapy services

  • To assess your suitability for treatment

  • To manage appointments and communication

  • To respond to enquiries and follow-up after sessions

  • To comply with legal, ethical, and professional obligations

  • For internal record keeping

  • For occasional marketing or service updates (if you opt in)
     

3. Legal Basis for Processing

Data is collected and processed under the following lawful bases (per UK GDPR):

  • Consent – for website forms, marketing, and communications

  • Contract – to provide hypnotherapy services

  • Legal obligation – for tax, insurance, or safeguarding compliance

  • Vital interests – in case of emergency or risk of harm

  • Legitimate interests – to run and improve my practice
     

4. How Your Data is Stored

  • Client records and session notes are stored securely, in either password-protected digital files or locked physical storage.

  • Any online client forms are encrypted and stored securely in compliance with GDPR.

  • Payment information is handled by third-party processors (e.g. Stripe, PayPal) and not stored by me directly.

  • Website data (e.g., cookies, analytics) is stored via secure third-party platforms like Wix, Google, or others.
     

5. Data Retention

  • Client records are retained for 7 years after your final session (or until age 25 if you are under 18), in line with professional insurance requirements.

  • Website data is retained for as long as necessary to fulfil the purpose for which it was collected.

You can request deletion of your non-clinical data at any time unless legal or professional obligations prevent it.

​

6. Sharing Your Data

I will never sell or share your personal data with third parties for marketing purposes.

Your data may be shared only in the following situations:

  • With your explicit consent

  • If required by law or court order

  • To prevent serious harm to yourself or others

  • With your GP or healthcare provider (with consent or in an emergency)

  • In supervision, for professional development and client support (shared anonymously)
     

7. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data I hold about you

  • Request correction or deletion of your data

  • Withdraw consent at any time (where applicable)

  • Object to or restrict processing

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise these rights, contact: hi.taraday@gmail.com

​

8. Cookies and Website Tracking

My website may use cookies to:

  • Improve your browsing experience

  • Collect anonymous usage statistics via tools like Google Analytics

You can disable cookies in your browser settings at any time.
 

9. Links to Other Websites

My website may contain links to other websites. I am not responsible for their privacy practices. Please review the privacy policies of any external sites you visit.

​

If you have any questions about this Privacy Policy or how your data is handled, please contact me

bottom of page