Our Privacy Policy

Privacy Policy

Privacy Policy

1. Introduction

This Privacy Policy explains how we collect, use, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services, including in-person consultations and virtual consultations via Zoom, you agree to the terms of this Privacy Policy.

2. Data We Collect

We may collect and process the following types of personal data:

a) Personal Information

  • Full name
  • Date of birth
  • Address
  • Email address
  • Phone number

b) Health Information (Special Category Data)

  • Medical history
  • Dietary habits
  • Lifestyle information
  • GP or healthcare provider details
  • Any other relevant health data you provide

c) Technical Data (for virtual consultations)

  • IP address
  • Zoom username/display name
  • Session metadata (e.g., duration, attendance)

3. How We Use Your Data

We use your information to:

  • Provide dietetic assessment, advice, and treatment
  • Communicate with you regarding appointments and care
  • Maintain accurate health records
  • Process payments and invoices
  • Conduct virtual consultations via Zoom
  • Comply with legal and professional obligations

4. Legal Basis for Processing

We rely on the following legal bases:

  • Consent – for collecting and processing health data
  • Contract – to provide agreed services
  • Legal obligation – for record-keeping and regulatory compliance
  • Legitimate interests – for managing and improving services

5. Sharing Your Data

We will only share your data when necessary and appropriate:

  • With your GP or other healthcare professionals (with your consent)
  • With service providers (e.g., secure practice management systems, payment processors)
  • With Zoom for the purpose of virtual consultations
  • When required by law or regulatory bodies

We ensure all third parties handle your data securely and in compliance with data protection laws.

6. Data Storage and Security

Your data is stored securely using:

  • Encrypted digital systems
  • Password-protected devices
  • Secure cloud storage providers compliant with UK GDPR

We take appropriate measures to prevent unauthorised access, loss, or misuse of your data.

7. Data Retention

We retain your records for:

8 years after your last consultation

After this period, your data will be securely deleted or destroyed.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request erasure of your data (where applicable)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

To exercise your rights, contact us at sunnynutritiondietitian@gmail.com

9. Virtual Consultations (Zoom)

When attending virtual consultations:

  • Sessions may be conducted via Zoom
  • We do not record sessions without your explicit consent
  • You are responsible for ensuring your own environment is private and secure

10. Complaints

If you have concerns about how your data is handled, please contact us first.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
https://www.ico.org.uk

11. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available upon request or on our website.

12. Contact

If you have any questions about this Privacy Policy or your data, please contact:

Rebecca Gillespie 

sunnynutritiondietitian@gmail.com

©Copyright. All rights reserved.

Information icon

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.