Privacy Policy

Learn how we collect, use, and protect your personal data in compliance with UK GDPR regulations.

Introduction

We are committed to safeguarding your privacy. This Privacy Policy explains how we collect, use, and protect personal information in compliance with the UK General Data Protection Regulation (UK GDPR) and other applicable laws.

Please read this policy carefully to understand how we manage your personal data. By using our website, atouchofwellness.co.uk, you accept and consent to the practices described below.

Data Controller

For the purposes of UK GDPR, the data controller is Violeta Puebla, operating as A Touch of Wellness (sole trader).

You can contact our Data Protection Officer by emailing violeta@atouchofwellness.co.uk.

Who We Are

References to "we," "our," and "us" in this policy refer to A Touch of Wellness, operated by Violeta Puebla as a sole trader.

The Information We Collect

This policy applies to the information you provide directly to us or that we collect as you interact with our website and services.

Data You Provide:

  • Your name and contact details
  • Your email address
  • Account registration information
  • Booking and appointment details
  • Payment information (processed securely through Stripe)
  • Communication preferences
  • Any other information you choose to provide through contact forms or customer support

Data We Collect Automatically:

  • Your IP address and location data
  • Browser type, version, and operating system
  • Device information and screen resolution
  • Information about your visit, including pages viewed, visit duration, and interactions with our site
  • Referral source and search terms used
  • Error logs and performance data (collected through Sentry monitoring)
  • Cookies and similar tracking technologies

How We Use Your Information

We use your data in accordance with UK GDPR and other applicable laws for the following purposes:

Service Provision:

  • Process and manage your bookings and appointments
  • Provide access to your personal dashboard with booking and payment history
  • Manage your account and subscription status
  • Process payments securely through Stripe
  • Send booking confirmations and appointment reminders
  • Provide customer support and respond to inquiries

Communication:

  • Send service-related notifications and updates
  • Send marketing communications (only with your consent)
  • Respond to your inquiries and support requests

Website Improvement:

  • Analyse website usage through Google Analytics
  • Monitor website performance and errors through Sentry
  • Improve user experience and website functionality
  • Ensure website security and prevent fraud

Legal Compliance:

  • Comply with legal obligations and regulatory requirements
  • Protect our rights and interests
  • Resolve disputes and enforce our terms

Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract Performance: To provide our services and fulfil our contractual obligations to you
  • Legitimate Interests: To improve our services, ensure website security, and analyse usage patterns
  • Consent: For marketing communications and non-essential cookies
  • Legal Obligation: To comply with applicable laws and regulations

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Secure payment processing through Stripe
  • Regular backups and disaster recovery procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

Disclosure of Your Information

We may share your data with trusted third parties in the following circumstances:

Service Providers:

  • Stripe: Payment processing and fraud prevention
  • Google Analytics: Website analytics and performance monitoring
  • Sentry: Error monitoring and performance tracking
  • Resend: Email delivery services
  • Google reCAPTCHA: Spam protection and security
  • Hosting and infrastructure providers

Legal Requirements:

  • When required by law or legal process
  • To protect our rights, property, or safety
  • To prevent fraud or other illegal activities
  • In connection with a business transfer or acquisition

We ensure that any third parties handling your data comply with strict confidentiality and data protection standards and only process your data for the purposes we have specified.

Data Retention

We retain your personal data for as long as necessary to provide our services and support your account functionality. Specifically:

  • Account Data: Retained while your account is active and for a reasonable period after closure
  • Booking Records: Retained for business and legal purposes
  • Payment Information: Retained as required by financial regulations and for accounting purposes
  • Communication Records: Retained for customer service and legal purposes
  • Analytics Data: Retained in accordance with Google Analytics policies

You may request deletion of your data at any time, and we will comply unless we have a legal obligation to retain it.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve your experience and analyse website usage. For detailed information about our use of cookies, please refer to our Cookie Policy.

Your Rights Under UK GDPR

Under UK GDPR, you have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you

Right to Rectification

Request correction of inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data

Right to Restrict Processing

Request limitation of how we process your data

Right to Data Portability

Request transfer of your data to another service

Right to Object

Object to processing based on legitimate interests

To exercise any of these rights, please contact our Data Protection Officer at violeta@atouchofwellness.co.uk. We will respond to your request within one month.

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the Information Commissioner's Office (ICO) within 72 hours
  • Inform affected individuals without undue delay if the breach poses a high risk
  • Take immediate steps to contain and investigate the breach
  • Implement measures to prevent similar incidents

Complaints

If you have concerns about how we handle your personal data, please contact us first at violeta@atouchofwellness.co.uk. We will investigate and respond to your concerns promptly.

Updates to This Policy

This policy was last updated in September 2025. We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

We will notify you of any significant changes by email or through our website. We encourage you to review this policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Protection Officer: Violeta Puebla

Email: violeta@atouchofwellness.co.uk

Website: atouchofwellness.co.uk