Privacy Policy – Radiance Therapy

Last reviewed: July 2025
Next review: July 2026
Location: Theale, Berkshire, UK

​

At Radiance Therapy, your privacy and trust are important to me. This Privacy Policy explains how I collect, use and protect your personal information, in accordance with the UK General Data Protection Regulation (UK GDPR) and relevant health care guidelines.

​

1. Who I Am

My name is Sarah Bromham, a fully qualified holistic therapist based in Theale, Berkshire. I provide tailored treatments such as reflexology, aromatherapy massage and holistic facials, supporting clients with stress, menopause, hormonal balance and emotional wellbeing.

​

2. What Information I Collect

Depending on your interaction with me, I may collect:

• Your name, email address, phone number and home address

• Medical history, GP details and treatment preferences

• Notes from consultations or treatments

• Payment details (securely processed, never stored)

• Website usage information (see Cookie section below)

​

3. How and Why I Use Your Data

Your personal and health information is used:

• To provide safe, tailored treatments and monitor progress

• To contact you about appointments or relevant services

• For accounting and tax compliance (e.g. invoices)

• To respond to enquiries and feedback

​

4. Lawful Basis for Processing

I process your data under the following lawful bases:

• Consent – you provide clear permission to use your data for a specific purpose

• Contract – to provide a service you’ve requested (e.g. a booked treatment)

• Legal obligation – to comply with UK tax or health regulations

• Vital interests – in rare cases to protect your life or health (e.g. in a medical emergency)

​

5. Your Rights

Under UK GDPR, you have the right to:

• Access the data I hold about you

• Correct or update your data

• Request that I delete your data

• Restrict or object to how your data is used

• Request your data be transferred to another provider

To make a request, contact me at sarah@radiancetherapy.co.uk

​

6. Data Storage & Retention

• Client treatment records are stored securely and kept for 8 years after your last appointment (or until age 25 if you’re under 18), in line with professional insurance and healthcare regulations.

• Financial and booking data is stored for 6 years to comply with HMRC.

• Enquiries or email communications are stored for up to 2 years, or deleted upon request.

​

7. Third Parties & Sharing

I only share your information where necessary and with your consent, such as:

• Booking software (if used)

• Payment processors (e.g. Stripe, Square)

• HMRC for accounting purposes

• A GP or health professional — only with written consent or in an emergency

All third-party services used are GDPR-compliant and under contract to protect your data.

​

8. Cookies & Website Analytics

This website may use cookies and analytics tools like Google Analytics to understand visitor behaviour and improve site experience. These tools may collect:

• Your IP address

• Device and browser type

• Pages visited and time spent

This data is anonymised and not used to personally identify you. You can disable cookies through your browser settings.

​

9. Data Security

Your information is stored securely — digitally with password protection and/or encryption, and on paper in locked cabinets (where applicable). Only I have access to your full health records.

​

10. Data Breaches

If a personal data breach occurs that poses a risk to your rights or freedoms, I will notify the ICO (Information Commissioner's Office) within 72 hours and inform affected individuals where required.

​

11. Contact & Complaints

If you have any questions about this policy or how I use your data, please contact me:

Sarah Bromham
Email: sarah@radiancetherapy.co.uk
Location: Theale, Berkshire, UK

If you're unhappy with how your data is handled, you can complain to the ICO:
www.ico.org.uk | Tel: 0303 123 1113