Privacy Policy

Effective date: 1 August 2025

Holly Simpson Nutrition is committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy explains what information is collected, why it is collected, how it is used, stored and protected, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Details of the Data Controller responsible for your personal information is below:

Name: Holly Simpson

Email: hollysimpson.nutrition@gmail.com

What information is collected?

Depending on how you interact with the website or services, I may collect:

Information you provide

  • Name

  • Email address

  • Telephone number

  • Information submitted through the website contact form

  • Information provided during enquiries

  • Information submitted through online forms, including consent forms, pre-assessment questionnaires, health questionnaires and other documents relating to your care.

  • Medical and nutritional information relevant to your care

  • Information shared during consultations

  • Reports received from other healthcare professionals where you have given permission

Information collected automatically

When you visit the website, certain information may be collected automatically, including:

  • IP address

  • Browser type

  • Device information

  • Pages visited

  • Time spent on pages

  • Referring websites

This information is collected using cookies and website analytics.

Why is your information collected?

Your information may be used to:

  • Respond to enquiries

  • Arrange appointments

  • Deliver dietetic assessment and treatment

  • Maintain accurate clinical records

  • Communicate regarding appointments or follow-up care

  • Liaise with your GP or other healthcare professionals where appropriate and with your consent (unless disclosure is required by law)

  • Improve the website and services through anonymous analytics

  • Comply with professional, legal and regulatory obligations

Legal basis for processing

Under UK GDPR, I process your information using one or more of the following legal bases:

  • Performance of a contract (providing dietetic services)

  • Legal obligation (maintaining healthcare records)

  • Legitimate interests (running and improving the practice)

  • Consent (for marketing communications or sharing information where required)

Health information is classed as special category data and is processed for the provision of health care and compliance with professional obligations.

How your information is stored

All personal information will be kept safe and secure. This is in accordance with the British Dietetic Association (BDA) and HCPC (Health & Care Professions Council), which ensures client confidentiality is preserved and individual autonomy respected. 

Your information is stored securely using password-protected systems and appropriate technical and organisational security measures. Clinical records and practice documents are stored using secure cloud-based services. Access is restricted to authorised individuals only.

How long is information kept?

Clinical records are retained in accordance with professional guidance. Adult client records are generally retained for 8 years following your last appointment, unless a longer period is required by law or professional guidance. For children, records are generally retained until the individual's 25th birthday (or longer where required). Once the retention period has expired, records are securely destroyed.

Sharing your information

Personal information will only be shared where you have given your consent, where it is necessary for your care, where required by law, or where there is a serious concern about your safety or the safety of others. Where appropriate, information may be shared with healthcare professionals involved in your care, including your GP or Consultant.

Third-party services

I use trusted third-party service providers to help operate my practice and deliver my services. These providers may process your personal information on my behalf and are required to handle your information securely.

These services include:

  • Squarespace – website hosting.

  • Google Workspace (including Gmail, Google Forms, Google Docs and Google Calendar) – communication, appointment management, questionnaires and secure document storage.

  • Google Analytics – to understand how visitors use the website.

  • Google Search Console – to monitor website performance in search results.

  • Quikbooks – for invoicing and financial record keeping.

  • Heidi – to assist with clinical note-taking and documentation during consultations.

Some third-party service providers may store or process data outside the UK. Where this occurs, appropriate safeguards are in place to ensure your information remains protected in accordance with UK GDPR.

Cookies

This website uses cookies. Cookies are small text files placed on your device to help the website function properly and to improve user experience. Cookies may be used for:

  • website functionality

  • website security

  • analysing website traffic

  • measuring website performance

You can manage or disable cookies through your browser settings.

Marketing

If you subscribe to newsletters or marketing communications, your information will only be used with your consent. You may unsubscribe at any time using the unsubscribe link or by contacting Holly Simpson Nutrition.

Your rights

Under UK GDPR you have the right to:

  • Access your personal information

  • Request correction of inaccurate information

  • Request erasure of your information where appropriate

  • Restrict processing

  • Object to processing

  • Request transfer of your information where applicable

  • Withdraw consent where processing relies on consent

Please note that some requests (such as deletion of clinical records) may not be possible where there is a legal or professional obligation to retain records.

To exercise any of these rights, please contact hollysimpson.nutrition@gmail.com

Complaints

If you are unhappy with how your information has been handled, please contact Holly Simpson Nutrition in the first instance. You also have the right to lodge a complaint with the Information Commissioner's Office.

Changes to this policy

This Privacy Policy may be updated from time to time. The latest version will always be available on this website.