Privacy Notice

Data Protection

I am registered with the Information Commissioner’s Office and fully comply with UK GDPR requirements, including the secure handling of sensitive personal and health information.

Robust systems are in place to ensure your information remains confidential, protected and used only where necessary to support your work.

1. The Name and Contact Details of Our Organisation

Leanora BB Hypnotherapy Services
27 Monks Orchard Road, Beckenham, Kent BR3 3BH
leanorabbhypnotherapy@gmail.com
07949 487938

I am the data controller responsible for your personal data.

2. The Name and Contact Details of Our Representative

Not applicable.

3. The Contact Details of Our Data Protection Officer

Not applicable. As a sole practitioner, I handle all data protection queries directly.

4. The Purposes of the Processing

Your personal data is processed to:

  • Deliver safe, effective and tailored hypnotherapy sessions

  • Assess your suitability for hypnotherapy

  • Maintain confidential client notes and treatment plans

  • Manage bookings, appointments and communication

  • Process payments

  • Meet professional, insurance and legal obligations

  • Provide ongoing support where appropriate

5. The Lawful Basis for the Processing

I rely on the following lawful bases:

  • Consent – for processing sensitive information such as health and well-being data

  • Contract – to provide hypnotherapy services you have requested

  • Legal obligation – for record keeping and compliance

  • Legitimate interests – to run and improve the practice safely and effectively

6. Legitimate Interests

These include:

  • Keeping appropriate clinical records to support your progress

  • Ensuring continuity and quality of care

  • Managing the business effectively (e.g. scheduling, administration)

  • Protecting against legal or professional risk

Your rights and interests are always carefully balanced against these.

7. Categories of Personal Data Obtained

Most data is collected directly from you. This includes:

  • Contact details (name, email, phone number)

  • Personal background information

  • Health and well-being information relevant to your sessions

  • Session notes and progress records

Occasionally, with your consent, information may come from:

  • Referring professionals

  • Information you choose to share via third parties

8. Recipients of Personal Data

Your data is treated with strict confidentiality. It may be shared only where necessary with:

  • Secure payment providers

  • Professional supervisors (anonymised where possible)

  • Accountants or legal advisers

  • IT providers (e.g. booking or email systems)

  • Legal or regulatory authorities (if required)

9. International Transfers

Some systems used (e.g. email or booking platforms) may store data outside the UK.

Where this happens, appropriate safeguards are in place, such as UK-approved contractual protections.

10. Retention Periods

  • Client notes and records: 7 years after your final session

  • Financial records: 6 years

  • Enquiries without booking: up to 12 months

Data is securely deleted once no longer required.

11. Your Rights

You have the right to:

  • Access your personal data - You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee will be payable. If you believe that any information we are holding on you is incorrect or incomplete, please write or email as soon as possible and any information found to be incorrect will be corrected

  • Request corrections

  • Request deletion (where appropriate)

  • Restrict or object to processing

  • Request transfer of your data

12. The Right to Withdraw Consent

You can withdraw your consent at any time, particularly regarding health-related information.

Please note: withdrawing consent may mean I am unable to continue providing hypnotherapy safely.

13. The Right to Lodge a Complaint

You can raise concerns directly with me in the first instance.

You also have the right to contact the UK regulator:

Information Commissioner’s Office (ICO)
https://www.ico.org.uk

14. Source of Personal Data

Primarily obtained directly from you, or from third parties with your consent.

15. Requirement to Provide Data

You are not legally required to provide your data.

However, relevant personal and health information is necessary for safe and effective hypnotherapy. Without it, I may not be able to work with you.

16. Automated Decision-Making

No automated decision-making or profiling is used.

17. Updates

This notice may be updated periodically. The latest version is always available on request or via the website.

18. Acknowledgement

By proceeding with sessions, you confirm you have read and understood this Privacy Notice.

19. Cookies

This website was created using, and is hosted by, Squarespace. Squarespace uses cookies to help this website run effectively and provide you with the best visitor experience.

Cookies are small pieces of data that websites store on a device. Cookies can improve a visitor’s browsing experience because they help websites remember preferences and understand how people use different features.

For more information on the cookies used by Squarespace, please visit support.squarespace.com/hc/en-us/articles/360001264507

This website uses a cookie notification bar to inform you about the site's cookies and ask you to accept or decline them.

20. Google Analytics

This website uses Google Analytics, a third party service which collects standard internet log information and details of visitor behaviour patterns such as visitor numbers and pages viewed. This information is processed in a way which does not reveal your identity.