Privacy Policy 

PRIVACY NOTICE

1. Who We Are

Karen Williamson is a qualified medical herbalist and a Member of the National Institute of Medical Herbalists. Karen Williamson is the data controller responsible for personal information collected through www.kwmh.co.uk and is committed to preserving your privacy Please read the following privacy policy to understand how we use and protect the information you provide to us.

This Privacy Policy applies to our patient data, marketing activities as well as to other products and services sold by Karen Williamson from time to time. 

We have tried to keep this Privacy Policy as simple as possible. If you have any questions after reading this document, please email karen@kwmh.co.uk

You are not obligated to provide us with your personal information; however, if you choose not to, we may be unable to offer you our products and services or respond to any inquiries you’ve made.

2. Types of Data We Collect

a) Personal Data

This is data that identifies you or can be used to identify or contact you, such as your name, address, email address, phone number and payment details. Any other information you choose to submit through contact forms on the site (which may include health information Medical data is never shared with third parties. Exceptions are outlined in clause f Other Cases. Such information is only collected from you when you voluntarily submit it to us. 

We may also use this data to contact you via our newsletter. On these occasions, you’ll have the option to unsubscribe from these communications if you prefer.

b) Digital Information

Digital information data collected when you visit our website, including IP-addresses, browser data, traffic data, social media behaviour, and user patterns. If you subscribe to our newsletter, we may collect data regarding which newsletters you open, your location when opening them and whether you access any links inserted in the newsletters.

c) Non-Personal Data

Like most websites we may gather statistical and other analytical information on an aggregate basis of all visitors to our website.  This non-personal data comprises information that cannot be used to identify or contact you such as demographic information.

d) Sensitive Information

Sensitive information falls into a special category of personal information. This includes information relating to your health and medical history.

We only collect sensitive information in limited circumstances which include:

• When you register as a patient

• During a consultation with Karen Williamson

• When you give us your personal details on our premises or by telephone or other electronic media
  For more information about sensitive data please visit  https://ico.org.uk

e) Cookies

Our website employs cookies and similar technologies to enhance your browsing experience. These include:

• Essential cookies – Necessary for the site’s proper operation and personalise your experience

• Analytics cookies – Used to track how visitors interact with the site, allowing us to improve the design and content. These are optional and only activated with your consent.

You can control or delete cookies at any time through your browser settings. Keep in mind that disabling essential cookies may impact the functionality of the site.

f) Other Cases – Occasionally it maybe necessary to reach out to your GP, but this will only be done with your explicit consent. In certain situations, we may contact your GP without your consent if it is necessary for your health and safety, the safety of others, or if required by law.

3. Purpose For Which We Hold Your Data

 a) Non-Personal Data: We may use the non-personal, anonymised data gathered from our website to get a better understanding of how the   website is used and which pages are of most interest to visitors.

b) Personal Data: When contacting us, we may store your full name, email and phone number for the purpose of communicating with you.

C) Digital Information Data- 

1. To improve the Site –Tracking website usage to make it more user-friendly and easier to navigate. 

2. For analytics – Analyzing general usage patterns (without identifying specific users) to refine our products and services.

4.Sharing Your Personal Information 

We do not sell your personal information to any third party.

We only share it in specific situations, such as:

• With service providers who assist with our business operations (e.g., website hosting, payment processing, or email services), and only as necessary.

• With professional regulators or insurers when required for compliance.

• We may share your Personal Information to comply with applicable laws and regulations; to respond to any legal obligation, search warrant or other lawful request for information we receive, or to otherwise protect our statutory rights.

All third parties are obligated to protect your data securely and comply with UK GDPR standards.

5. Storage of Information 

The information provided by you to us can be either manually provided or electronically. In the case of manually provided information, this will be kept in a locked, secure location. Any electronic information provided by you is held on secure services. The nature of the internet is such that we cannot guarantee or warrant the security of any information transmit to us via the internet.  No data transmission over the internet can be guaranteed to be 100% secure.  Any transmission of data is therefore at your own risk.

6. Security 

How We Protect Your Personal Data  

While no system can be guaranteed 100% secure, we take appropriate measures to ensure that any personal data is kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. To ensure your data is protected where possible we pseudonymise, or anonymise your personal information.

7. Data Retention  

Personal identifiable data collected from this website is only kept as long as necessary for the purpose for which it was collected including adhering to legal, accounting, or reporting obligations. Specifically:                                                                                                                                                                                                                

• Orders and payments – kept for 6 years for tax and accounting purposes.

• Consultation records – kept for 7 years to meet professional standards and insurance requirements.

• Cancelled bookings – removed within 1 month if the consultation is cancelled.

• General enquiries – removed within 12 months of the issue being resolved.

• Newsletter sign-ups – retained until you unsubscribe.

Data is securely deleted after these retention periods.

8. Your Rights

You have the following rights:

• View, correct, delete or request a copy of the personal data which we hold.

• Opt out of marketing communications

• Require us to correct any mistakes in your information which we hold;

• Withdraw consent at any time

• The right to object or restrict the processing of your personal data, under certain conditions

• Please email your request to Karen Williamson at karen@kwmh.co.uk To ensure your privacy and security, we will take appropriate measures to verify your identity before providing access or making any changes.
  
  Your first request will be free of charge but any further requests will incur an administration fee of £25. We will acknowledge and reply within 30 days.

9. Complaints

If you are unhappy with how we handle your personal data please contact us first so that we can quickly try to resolve the issue. Please email your request to our data controller Karen Williamson at karen@kwmh.co.uk.

If you are still unhappy, you have the right to file a complaint with the Information Commissioner’s Office (ICO).

• Online: https://ico.org.uk/concerns

• Telephone: 0303 123 1113

10. Changes to this notice

We may update this notice to reflect legal or operational changes. The “Effective date” will change and significant updates will be highlighted on the site.

Effective date: 16th January 2026