PRIVACY POLICY & GDPR

GDPR provides new legal protection for personal information from May 2018.  Ruki Sidhwa, Naturopathic Health Coach, trading as Sidhwa Health, holds information about you. This document outlines how that information is collected, used, who we might share that information with and how we keep it secure.  

Changes to this policy  

Sidhwa Health has the discretion to update this privacy policy at any time. When we do, we will post a notification on the main page of this website. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.  This policy was last reviewed in September 2024.  

 What we do  

Ruki Sidhwa (Sidhwa Health) – is a naturopathic Health Coach – and provides services to clients to help them to improve their health, set & achieve Health Goals, primarily through nutrition and lifestyle modifications. I also offer other services such as corporate Healthy Living workshops and educational talks. 

 

  1. How We Obtain Your Personal Data

Information provided by you 

You may provide us with personal data in the following ways: 

  • By completing a Health History questionnaire 
  • By signing a Terms of Engagement & Consent Form 
  • During a Health Coaching consultation 
  • Through email, over the telephone or by post or by filling in a Contact Me Form 
  • By making an online payment  / Bank Transfer 

 

This may include the following information: 

  • Basic details such as name, address, telephone number, Gender, contact details for next of kin, Date of Birth and age, GP contact details 
  • Details of contact we have had with you such as referrals and appointment requests 
  • Health information including your previous medical history, dietary, lifestyle, supplement and prescription medicine details, other clinician notes  
  • Payment/Bank details 
  • Records of our meetings and decisions including Coaching Plans 

 

We use this information to provide you with direct healthcare.  This means that the legal basis of our holding your personal data is for legitimate interest.   

Following completion of your healthcare we retain your personal data for the period of seven years from the date of the last consultation (for children, until & 7 years after they reach 18), as legally required for this profession. 

 

Information we get from other sources 

Sidhwa Health may obtain sensitive information from other healthcare providers and therapists to assist with direct healthcare to you.  The provision of this information is subject to you giving us your express consent.  

  1. How we use your personal data

We act as a data controller for use of your personal data to provide direct healthcare.  We also act as a controller and processor regarding the processing of your data from third parties such as other healthcare providers.  We act as a data controller and processor regarding the processing of online payment transactions. 

We always undertake to protect your personal data, including any health and contact details, in a manner which is consistent with our duty of professional confidence and the requirements of the General Data Protection Regulation (GDPR) concerning data protection.  We will also take reasonable security measures to protect your personal data storage. 

We may use your personal data where there is an overriding public interest in using the information e.g. to safeguard an individual, or to prevent a serious crime.  Also where there is a legal requirement such as a formal court order. We may use your data for marketing purposes such as newsletters and updates about our services, unless you expressly tell us you don’t want to receive this information. 

 

  1. Do we share your information with other organisations?

We will keep information about you confidential.  We will only disclose your information with other third parties with your express consent except for the following categories of third parties: 

  • Our registrant body, ANP, for the processing of a complaint made by you. 
  • Any legal or crime prevention agencies and/or to satisfy any regulatory request (eg, ANP ) if we have a duty to do so or if the law allows us to do so. 
  •  We will seek your express consent before sharing your information with your GP or other healthcare providers.  However, if we believe that your life is in danger then we may pass your information onto an appropriate authority (such as the police, social services in the case of a child or vulnerable adult, or GP in case of self-harm) using the legal basis of vital interests. 

We may share your case history in an anonymised form with our peers for the purpose of professional development.  This may be at clinical supervision meetings, conferences, online forums, and through publishing in medical journals, or online professional sites.  We will seek your explicit consent before processing your data in this way. 

  1. What are your rights?

Every individual has the right to see, amend, delete or have a copy, of data held that can identify you, with some exceptions. You do not need to give a reason to see your data. 

If you want to access your data you must make a subject access request in writing to sidhwahealth@outlook.com.  Under special circumstances, some information may be withheld.   We shall respond within 20 working days from the point of receiving the request and all necessary information from you. Our response will include the details of the personal data we hold for you including: 

  • Sources from which we acquired the information 
  • The purposes of processing the information 
  • Persons or entities with whom we are sharing the information 

You have the right, subject to exemptions, to ask to: 

  • To have your information deleted 
  • Have your information corrected or updated where it is no longer accurate 
  • Ask us to stop processing information about you where we are not required to do so by law or in accordance with our professional guidelines. 
  • Receive a copy of your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller, without hindrance from us. 
  • Object at any time to the processing of personal data concerning you. 

If you would like to invoke any of the above rights then please email sidhwahealth@outlook.com 

  1. What safeguards are in place to ensure data that identifies me is secure?

We only use information that may identify you in accordance with GDPR. This requires us to process personal data only if there is a legitimate basis for doing so and that any processing must be fair and lawful. 

Within the health sector, we must also follow the common law duty of confidence, which means that where identifiable information about you has been given in confidence, it should be treated as confidential and only shared for the purpose of providing direct healthcare. We will protect your information, inform you of how your information will be used, and allow you to decide if and how your information can be shared. 

We also ensure the information we hold is kept in secure locations, restrict access to information to authorised personnel only, protect personal and confidential information held on equipment such as laptops with password protection.  

  1. How long do you hold confidential information for?

All records held by Ruki Sidhwa (Sidhwa Health) will be kept for the duration specified by law for Health Coach professionals as noted above in the How We Obtain section.  

If you do not agree for me to retain your information and any notes I take during consultation/s or you do not allow me to use the information to carry out Healthcare provision this could mean that I may not be able to provide any Healthcare provision. 

You agree that I can move your information from one device to another device if this is done in a confidential way. 

 

  1. Website technical details

Cookies 

Iookies are small blocks of data which are downloaded onto your device when you access a website.  The sidhwahealth website uses cookies and provides a consent box for you to agree or decline to the use of cookies. If you agree the data collected from the cookies is used to analyse website traffic and optimise website experience. 

  

  1. Complaints

If you have a complaint regarding the use of your personal data then please contact Sidhwa Heath and we will do our best to help you. 

If your complaint is not resolved to your satisfaction and you wish to make a formal complaint to the Information Commissioner’s Office (ICO), you can contact them on 01625 545745 or 0303 1231113.  

Website: https://www.ico.org.uk/make-a-complaint