Privacy Policy

Louise Bhabra Hypnotherapy

Effective date: 26.05.2026
Website: Louise Bhabra Hypnotherapy
Contact email: hypnotherapy@louisebhabra.com

1. Introduction

Louise Bhabra Hypnotherapy is committed to protecting the privacy, confidentiality, and security of personal information in accordance with applicable UK data protection legislation, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Data (Use and Access) Act 2025.

This Privacy Policy explains how personal information may be collected, used, stored, and protected when using this website or engaging with hypnotherapy services.

2. Who Is Responsible for Your Information

Louise Bhabra Hypnotherapy acts as the data controller for personal information collected and processed through this website and in connection with hypnotherapy services.

Contact email: hypnotherapy@louisebhabra.com

3. Information That May Be Collected

Personal information collected may include:

• Name
• Email address
• Telephone number
• Information submitted through website contact forms
• Appointment and scheduling information
• Information relevant to hypnotherapy services
• Health-related information voluntarily disclosed where relevant to therapeutic support
• Communications by email or other agreed methods

Some information processed in connection with hypnotherapy services may constitute special category health-related data under UK GDPR.

4. How Personal Information Is Used

Personal information may be used for purposes including:

• Responding to enquiries
• Arranging consultations or appointments
• Providing hypnotherapy services
• Maintaining appropriate client records
• Communicating regarding appointments or services
• Meeting professional, ethical, legal, or regulatory obligations

Personal information is only collected and processed where reasonably necessary and proportionate for these purposes.

5. Lawful Basis for Processing

Personal information is processed in accordance with lawful bases under UK GDPR, including:

• Legitimate interests relating to the provision and administration of hypnotherapy services
• Compliance with legal and professional obligations
• Explicit consent where required for special category health-related information

Processing is limited to information reasonably necessary for therapeutic and administrative purposes and is carried out with appropriate regard for privacy and confidentiality.

6. Confidentiality and Security

Appropriate technical and organisational measures are taken to help protect personal information against unauthorised access, misuse, loss, or disclosure.

Reasonable steps are taken to ensure that:

• Access to personal information is appropriately limited where necessary
• Password-protected systems and secure platforms are used where reasonably appropriate
• Information is handled professionally and confidentially
• Reasonable care is taken when using electronic communications and online platforms

While reasonable precautions are taken, no method of electronic transmission or storage can be guaranteed to be completely secure.

7. Sharing of Information

Personal information will not normally be shared with third parties unless:

• required by law;
• necessary for safeguarding or public safety reasons;
• necessary for professional or regulatory obligations; or
• explicit permission has been provided where appropriate.

Where third-party service providers are used (for example email, website hosting, scheduling, or video communication platforms), reasonable care is taken to use reputable providers appropriate for professional practice purposes.

8. Retention of Information

Personal information and client records will only be retained for as long as reasonably necessary for therapeutic, legal, regulatory, insurance, safeguarding, or administrative purposes.

Client records may be retained for up to seven years following the end of therapy, in accordance with professional and insurance requirements.

Information that is no longer required will be securely deleted or disposed of where appropriate.

9. Your Rights

Under UK data protection law, individuals may have rights including:

• The right to access personal information
• The right to request correction of inaccurate information
• The right to request erasure where applicable
• The right to restrict or object to certain processing activities
• The right to withdraw consent where consent is relied upon
• The right to lodge a complaint with the Information Commissioner’s Office (ICO)

Requests will be handled in accordance with applicable legal obligations and reasonable and proportionate procedures.

10. Cookies and Website Data

This website may use basic cookies or technical website data necessary for website functionality, security, analytics, or performance monitoring.

Website visitors may manage cookie preferences through their browser settings where applicable.

11. Data Protection Concerns

If you have concerns regarding how personal information has been handled, please contact:

hypnotherapy@louisebhabra.com

Further information is available within the Data Protection Complaints Procedure.

If concerns cannot be resolved directly, you may contact the Information Commissioner’s Office (ICO):

Information Commissioner’s Office (ICO)

Telephone: 0303 123 1113

12. Policy Review

This Privacy Policy may be reviewed and updated periodically to reflect legal, operational, regulatory, or professional changes.

Last reviewed: 26.05.2026

Data Protection Complaints Procedure

Louise Bhabra Hypnotherapy

Effective date: 26.05.2026
Contact email: hypnotherapy@louisebhabra.com
Data Protection Contact: Louise Bhabra

1. Purpose

Louise Bhabra Hypnotherapy is committed to protecting the privacy, confidentiality, and security of personal data in accordance with applicable UK data protection legislation, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Data (Use and Access) Act 2025.

This procedure explains how individuals may raise concerns regarding the collection, storage, handling, processing, disclosure, or security of their personal data, and how such concerns will be managed fairly, confidentially, and without undue delay.

This procedure relates specifically to concerns regarding the handling and processing of personal data and does not replace any separate professional or clinical complaints procedures that may apply through professional membership bodies or regulatory organisations.

2. How to Raise a Data Protection Concern

If you have concerns regarding how your personal data has been collected, stored, processed, or handled, please contact:

Email: hypnotherapy@louisebhabra.com

Concerns may be raised electronically by email or submitted in writing. Individuals are not required to complete a specific form in order to make a complaint.

Where possible, please include:

• Your full name and contact details
• A description of your concern
• Relevant dates, communications, or circumstances
• Any supporting information that may assist the review or investigation

Complaints may relate to matters including, but not limited to:

• Confidentiality concerns
• Access to personal information
• Accuracy of records
• Data retention
• Email communications
• Website contact forms
• Security or unauthorised disclosure of information

3. Acknowledgement and Investigation

All data protection concerns will be taken seriously and handled sensitively.

• Complaints will normally be acknowledged within 30 days.
• Appropriate enquiries and investigation steps will be undertaken where necessary
• Additional clarification or information may be requested where reasonably required
• Where appropriate, updates may be provided regarding the progress of the review or investigation

A full response will be provided without undue delay and in accordance with applicable data protection obligations.

Where a matter is particularly complex, additional time may occasionally be required. If so, appropriate updates will be provided.

4. Outcomes

Following investigation, Louise Bhabra Hypnotherapy will, where appropriate:

• Explain the findings of the review
• Clarify how personal data has been handled
• Correct identified inaccuracies
• Take reasonable and proportionate steps to address identified issues
• Explain any actions taken in response to the concern

5. Escalation to the Information Commissioner’s Office (ICO)

Individuals are encouraged to raise concerns directly with Louise Bhabra Hypnotherapy in the first instance so that an opportunity is provided to resolve the matter.

If you remain dissatisfied following completion of the internal process, you may contact the Information Commissioner’s Office (ICO):

Information Commissioner’s Office (ICO)

Telephone: 0303 123 1113

6. Confidentiality

All complaints and related communications will be handled confidentially and only shared where reasonably necessary for investigation, legal compliance, or resolution of the matter.

As a hypnotherapy practice, some information processed may constitute special category health-related data under UK GDPR. Appropriate care is taken to protect such information.

7. Record Keeping

A secure record of data protection concerns may be retained for legitimate administrative, legal, regulatory, and practice management purposes.

Records will be stored securely and retained only for as long as reasonably necessary in accordance with applicable legal and professional obligations.

8. Related Rights

Under UK data protection law, individuals may have rights including:

• The right to access personal data
• The right to request correction of inaccurate information
• The right to request erasure where applicable
• The right to restrict or object to certain processing activities
• The right to lodge a complaint with the ICO

Further information is available within the Privacy Policy.

9. Policy Review

This procedure will be reviewed periodically and updated where necessary to reflect legal, regulatory, operational, or professional changes.

Last reviewed: 26.05.2026