Wellness by Anja Privacy Policy

This privacy policy sets out how Wellness by Anja uses and protects any personal information that you provide us.

Wellness by Anja is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using our services, you can be assured that it will only be used in accordance with this privacy policy.

This policy is effective as from 6th March 2023.

The type of personal information we collect:

We currently collect and process the following information:

• Personal information and contact details.
• Further clinical information such as medical history related to your clinical care.
• Treatment/session records.

How we get the personal information and why we collect it:

Most of the personal information we process is provided to us directly by you for one of the following reasons:

• Personal information includes handwritten and electronic notes, completed patient registration forms, questionnaires and homework records given to us. It also includes letters and emails.
• We collect your personal data because you give us consent to do so to provide wellness services to you.

What we do with the information we gather:

We require this information for the purpose of:

• Providing you with a relevant and individualised service.
• Professional clinical record keeping of client information.
• Sharing information with relevant health professionals.
• Contacting you with regards to your clinical care.

Controlling your personal information 

We will not distribute, sell or lease your personal information to third parties unless we have your explicit permission or are required by law to do so.

Under the General Data Protection Regulation (GDPR), we rely on your consent as the lawful bases for processing this information. You can remove your consent at any time. You can do this by emailing [email protected].    

If you believe that any information we hold for you is incorrect or incomplete, please email us as soon as possible. We will promptly correct any information found to be incorrect.

How we store your personal information

We are committed to ensuring that your information is kept secure. We have utilised encrypted electronic systems to prevent unauthorised access.

Your information is stored on password-protected files on Google Forms and Google Docs, on a password-protected computer.

Any emails with patient identifiable information will be encrypted using encryption software.

Sharing your personal information

We are committed to ensuring that your privacy is protected. We will always use private, confidential, and encrypted methods of communication. In the unlikely event this is not possible, your full name will not be used to identify you. With your consent, information may be shared about you:

• By post.
• By secure email (using encryption software).
• Over the phone in a private environment.
• Depending on your preferences we may communicate through email, video calling or email. If we have sessions over Zoom, this also counts as a method of sharing information.

Your information will only ever be shared with appropriate parties on a need-to-know basis. Where this is necessary, we are required to comply with all aspects of the GDPR and the British Dietetic Association code of ethics.

Where necessary or required, and with your consent, I may share information with:

• Other healthcare professionals.
• Social or welfare organisations.
• Your family, friends, or other representatives.
• Insurance companies.

Your data protection rights

Under data protection law, you have rights including:

• Your right of access - You have the right to ask us for copies of your personal information.
• Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
• Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
• Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
• Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.
• Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
• You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at [email protected] if you wish to make a request.

How you can withdraw your data and request for your data to be deleted from our files 

Under the GDPR, you have the right to be forgotten, which means that you can ask for your information held about you to be deleted. However, this must be balanced against the requirements of the Department of Health’s legal and statutory requirement that information is kept for eight years. After that time your information will be deleted.

Should you wish to put in a request to have your information forgotten please contact our Data Controller.

Please find the contact details of our Data Controller below should you have any queries in relation to GDPR:

Name: Anja Horberg

Email: [email protected]