Privacy Policy
Privacy Policy – Radiance Therapy
Last reviewed: July 2025
Next review: July 2026
Location: Theale, Berkshire, UK
At Radiance Therapy, your privacy and trust are important to me. This Privacy Policy explains how I collect, use and protect your personal information, in accordance with the UK General Data Protection Regulation (UK GDPR) and relevant health care guidelines.
1. Who I Am
My name is Sarah Bromham, a fully qualified holistic therapist based in Theale, Berkshire. I provide tailored treatments such as reflexology, aromatherapy massage and holistic facials, supporting clients with stress, menopause, hormonal balance and emotional wellbeing.
2. What Information I Collect
Depending on your interaction with me, I may collect:
-
Your name, email address, phone number and home address
-
Medical history, GP details and treatment preferences
-
Notes from consultations or treatments
-
Payment details (securely processed, never stored)
-
Website usage information (see Cookie section below)
3. How and Why I Use Your Data
Your personal and health information is used:
-
To provide safe, tailored treatments and monitor progress
-
To contact you about appointments or relevant services
-
For accounting and tax compliance (e.g. invoices)
-
To respond to enquiries and feedback
4. Lawful Basis for Processing
I process your data under the following lawful bases:
-
Consent – you provide clear permission to use your data for a specific purpose
-
Contract – to provide a service you’ve requested (e.g. a booked treatment)
-
Legal obligation – to comply with UK tax or health regulations
-
Vital interests – in rare cases to protect your life or health (e.g. in a medical emergency)
5. Your Rights
Under UK GDPR, you have the right to:
-
Access the data I hold about you
-
Correct or update your data
-
Request that I delete your data
-
Restrict or object to how your data is used
-
Request your data be transferred to another provider
To make a request, contact me at sarah@radiancetherapy.co.uk
6. Data Storage & Retention
-
Client treatment records are stored securely and kept for 8 years after your last appointment (or until age 25 if you’re under 18), in line with professional insurance and healthcare regulations.
-
Financial and booking data is stored for 6 years to comply with HMRC.
-
Enquiries or email communications are stored for up to 2 years, or deleted upon request.
7. Third Parties & Sharing
I only share your information where necessary and with your consent, such as:
-
Booking software (if used)
-
Payment processors (e.g. Stripe, Square)
-
HMRC for accounting purposes
-
A GP or health professional — only with written consent or in an emergency
All third-party services used are GDPR-compliant and under contract to protect your data.
8. Cookies & Website Analytics
This website may use cookies and analytics tools like Google Analytics to understand visitor behaviour and improve site experience. These tools may collect:
-
Your IP address
-
Device and browser type
-
Pages visited and time spent
This data is anonymised and not used to personally identify you. You can disable cookies through your browser settings.
9. Data Security
Your information is stored securely — digitally with password protection and/or encryption, and on paper in locked cabinets (where applicable). Only I have access to your full health records.
10. Data Breaches
If a personal data breach occurs that poses a risk to your rights or freedoms, I will notify the ICO (Information Commissioner's Office) within 72 hours and inform affected individuals where required.
11. Contact & Complaints
If you have any questions about this policy or how I use your data, please contact me:
Sarah Bromham
Email: sarah@radiancetherapy.co.uk
Location: Theale, Berkshire, UK
If you're unhappy with how your data is handled, you can complain to the ICO:
www.ico.org.uk | Tel: 0303 123 1113
