top of page

Privacy Policy

Last updated: 26th August 2025

At Amy Evans Holistic, I take your privacy seriously. This policy explains what personal information I collect, how it is used, and how it is kept safe. It also sets out your rights under the UK GDPR and the Data Protection Act 2018.

By using my website, booking a session, or purchasing a product, you agree to the terms of this Privacy Policy.

 

Who I Am

Amy Evans Holistic is the trading name of my sole trader coaching and kinesiology business. I provide 1:1 coaching and holistic therapy, both face to face and online, as well as group courses, events, and digital products.

 

Business address:
Amy Evans
The Hollies
Roe Downs Road
Medstead
Alton
Email: amy@amyevansholistic.com

I am the data controller for the personal information you provide.

What Personal Data Is

Personal data is information that identifies you as an individual, such as your name, email address, or phone number.

Some types of data are considered special category data, such as information relating to health, race or ethnicity, or religious beliefs. I may also hold health-related data provided during kinesiology or coaching sessions.

What Information I Collect

I may collect the following information:

  • Contact details (name, email address, phone number).

  • Booking information (sessions, courses, or products purchased).

  • Health and wellbeing information (as required for kinesiology or coaching).

  • Date of birth (where relevant to sessions).

  • Payment information (processed securely via third-party providers; I do not store card details).

  • Course and event registration details.

  • Technical information such as cookies and analytics when you use my website.

How I Collect Data

  • Through forms on my website (bookings, newsletters, downloads).

  • During client sessions (face to face or online).

  • Through course or event sign-ups.

  • Through email correspondence.

  • When purchasing digital or physical products.

  • Via cookies and Google Analytics when you browse my website.

How I Use Your Data

Your data is used to:

  • Provide the services or products you have purchased.

  • Contact you about bookings, resources, or session follow-ups.

  • Maintain client records in line with professional and insurance requirements.

  • Send marketing emails, where you have given consent.

  • Promote new products, services, or events (with opt-in only).

  • Maintain business and financial records as required by law.

  • Improve my website and services.

Lawful Basis for Processing

Under UK GDPR, I rely on the following lawful bases:

  • Contract – to deliver the services or products you have purchased.

  • Consent – for marketing emails and optional communications.

  • Legal obligation – to keep financial and insurance records.

  • Legitimate interest – to run my business effectively and respond to enquiries.

How I Protect Your Data

  • Client records are stored securely in password-protected systems and secure cloud storage.

  • Any paper records are stored in a locked filing system.

  • Access to data is restricted to me only.

  • I do not share or sell your personal data to third parties.

Data Sharing with Third Parties

I may use trusted third-party providers to support my business, including:

  • Payment processors (Stripe, PayPal, Wix Payments).

  • Email marketing services (MailerLite).

  • Website and booking platforms (Wix).

These providers are GDPR-compliant and only process your data as necessary to provide their services.

 

Data Retention

  • Client records (adults): kept for at least 7 years after your last session, in line with insurance requirements.

  • Client records (minors): kept for at least 7 years after the child turns 18.

  • Financial records: kept for 7 years as required by HMRC.

  • Email marketing data: retained until you unsubscribe or request deletion.

Your Rights

Under UK GDPR, you have the following rights:

  • The right to be informed about how your data is used.

  • The right of access to the personal data I hold about you.

  • The right to rectification if your data is inaccurate or incomplete.

  • The right to erasure of your data (except where I am legally required to retain it).

  • The right to restrict processing of your data.

  • The right to data portability.

  • The right to object to the processing of your data.

  • The right not to be subject to automated decision-making or profiling.

You can withdraw your consent for marketing at any time by clicking “unsubscribe” in emails or by contacting me directly.

If you have concerns about how your data is handled, you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.

Cookies

My website uses cookies to improve your browsing experience and gather anonymous analytics. This includes Google Analytics to understand how the website is used.

You can disable cookies in your browser at any time. For more information, visit www.aboutcookies.org.

 

Legal Jurisdiction

For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is the named territory where the processing of personal data takes place.

Any dispute or claim arising from this Privacy Policy will be governed by English law, and the courts of England and Wales shall have exclusive jurisdiction.

Updates to This Policy

This policy may be updated occasionally. The latest version will always be published on my website, and any significant changes will be highlighted at the top of this page.

Contact Me

If you have any questions about this Privacy Policy, or if you would like to exercise your data rights, please contact me at:

amy@amyevansholistic.com

bottom of page