Legal Information - Terms and Compliance for Nutritional Therapy Services

Legal Notice

Data Protection Policy

Amy‑Jane Higgins Nutrition is committed to protecting your personal information and respecting your privacy. I follow UK GDPR and the Data Protection Act to ensure your data is handled lawfully, securely, and transparently.

Who I Am

I am Amy‑Jane Higgins, a sole‑trader nutritional therapist working from my home practice in the UK. I am the Data Controller for all personal data you share with me.

What Information I Collect

To provide nutritional therapy services, I may collect:

Contact details (name, email, phone number)

Health history and case‑taking notes

Clinical test results

Nutrition and lifestyle information

Payment information (processed securely by PayPal/Stripe)

Email correspondence

How Your Data Is Used

Your information is used to:

Provide personalised nutritional therapy

Communicate with you about appointments and care

Maintain accurate clinical records

Meet legal and professional obligations

I only collect information that is relevant and necessary for your care.

How Your Data Is Stored

Digital files are stored securely on encrypted systems

Paper notes (if used) are kept in a locked cabinet

Access is restricted to me alone

Payment data is processed externally by secure providers (e.g., PayPal, Stripe)

How Long Your Data Is Kept

Health records are kept for 7 years, as required for health‑related services. After this period, they are securely destroyed.

Sharing Your Data

Your data is never shared without your consent, unless required by law (e.g., safeguarding concerns). Payment processors and laboratory services have their own data protection policies.

Your Rights

You have the right to:

Access your data

Correct inaccurate information

Request deletion (where legally possible)

Withdraw consent

Request data portability

To make a request, email: amy@ajhnutrition.co.uk

Data Breaches

If a data breach occurs, I will notify affected individuals and the ICO within the required timeframes.

ICO Registration

I am registered with the Information Commissioner’s Office (ICO) as a Data Controller.

Information icon

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.