Connected Reflexology
Privacy Policy​

​Denise Reflexology – Privacy Policy

THE GENERAL DATA PROTECTION REGULATION (GDPR) AND YOUR PERSONAL INFORMATION

The General Data Protection Regulation (GDPR) provides a legal framework for keeping your personal data safe.

Organisation name: Denise Reflexology
Therapist: Denise Cameron (MAR)

TYPE OF INFORMATION COLLECTED AND WHY

In order to provide professional and informed reflexology treatments with the best possible outcomes, support and advice, I need to ask for and record certain personal and health-related information, including:

• Your contact details

• Medical history and other relevant health information

• Treatment details and related notes

Informed consent will be obtained via a signed declaration at your first session, enabling me to collect and use your personal information. Your information will never be shared with a third party unless legally required. Where possible, your consent will be sought before any such disclosure.

You may withdraw your consent at any time; however, this may affect the quality or suitability of the treatment I am able to provide.

HOW LONG WILL RECORDS BE KEPT?

Legally, treatment records will be kept for 7 years.
For children, records will be kept until the child reaches 25 years of age (or 26 if they were 17 at the time of treatment). After this period, records will be securely destroyed.

LAWFUL BASIS FOR HOLDING AND USING CLIENT INFORMATION

Under the UK General Data Protection Regulation (UK GDPR), the lawful basis I rely on for processing your personal information is legitimate interest, as I am required to retain relevant information in order to provide safe, appropriate and effective treatments and advice.

I also hold and use this information to fulfil my professional responsibilities as a healthcare practitioner and in accordance with the Association of Reflexologists (AoR) Code of Practice and Ethics.

You may withdraw consent at any time by contacting Denise Reflexology directly, but this may affect the treatment services I am able to offer.

PROTECTING YOUR PERSONAL DATA

I am committed to ensuring that your personal data is kept secure. Appropriate technical, physical and managerial measures are in place to prevent unauthorised access, loss or disclosure.

I will only contact you using the contact preferences you have provided.

YOUR DATA PROTECTION RIGHTS

Under data protection law, you have rights including:

• Right of access – to request copies of your personal data

• Right to rectification – to request correction of inaccurate or incomplete data

• Right to erasure – to request deletion of your personal data in certain circumstances

• Right to restriction of processing – to request limits on how your data is used

• Right to object – to object to certain types of processing

• Right to data portability – to request transfer of your data to another organisation or to yourself

You do not have to pay a fee to exercise your rights. If you make a request, I have one month to respond.

Please contact Denise Reflexology directly if you wish to exercise any of these rights.

DENISE REFLEXOLOGY’S RIGHTS

• If you do not agree to records being kept or used as required for treatment, I may be unable to provide reflexology services.

• I am legally required to retain treatment records for the period stated above, even if you request erasure.

• Records may be transferred between secure IT systems, provided appropriate protections remain in place.

FURTHER INFORMATION

If you are unhappy with how your data has been handled, please contact:

Denise Reflexology
📧 denisecameron08@gmail.com
📞 07887 645 098

You may also contact the Information Commissioner’s Office (ICO):
Helpline: 0303 123 1113