top of page

Privacy Policy

www.lornahawthorne.com

Privacy Policy for Lorna Hawthorne

Effective Date: 01.09.2025

1. Introduction

This Privacy Policy explains how I collect, use, store and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who I Am

I am Lorna Hawthorne, a registered homeopath trading as lornahawthorne.com.
I am the data controller for the personal information I hold.

Contact details: 
Email: lornafbhawthorne@gmail.com
Telephone: 07863 209814

3. The Personal Data I Collect

I may collect and store the following information:

  • Name, address, date of birth and contact details.

  • Medical history and health information.

  • Notes taken during consultations.

  • Appointment records.

  • Payment and invoicing information.

  • Any correspondence you have with me (email, text, etc.).

4. Special Category Data

Health information is classed as special category data under UK GDPR. I only collect this information where necessary for providing homeopathic treatment and with your explicit consent.

5. How I Use Your Data

I use your personal data to:

  • Provide homeopathic consultations and treatment.

  • Maintain accurate clinical records.

  • Communicate with you about appointments or treatment.

  • Process payments and keep financial records.

  • Comply with legal and professional obligations.

6. Lawful Basis for Processing

I process your data under the following lawful bases:

  • Consent – you have given clear consent for me to process your personal data.

  • Contract – processing is necessary to provide my services to you.

  • Legal obligation – where required by law.

7. How Your Data Is Stored

Your data is stored securely:

  • Paper records are kept in locked storage.

  • Digital records are password-protected and encrypted where possible.

  • Only I have access to your records unless legally required otherwise.

8. How Long I Keep Your Data

I retain client records for [e.g. 7 years after the last consultation], in line with professional guidance and legal requirements. After this time, records are securely destroyed.

9. Sharing Your Data

I do not share your personal data with third parties unless:

  • You have given explicit consent.

  • I am legally required to do so.

  • It is necessary for professional supervision or insurance purposes (with confidentiality maintained).

10. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data I hold about you.

  • Request correction of inaccurate data.

  • Request deletion of your data (where legally possible).

  • Withdraw consent at any time.

  • Object to or restrict processing.

  • Lodge a complaint with the Information Commissioner’s Office (ICO).

11. Data Breaches

In the unlikely event of a data breach that risks your rights or freedoms, I will notify you and the ICO where required.

12. Cookies and Website Data (if applicable)

If you have a website, it may use basic cookies for functionality. No unnecessary tracking cookies are used without consent.

13. Changes to This Policy

This Privacy Policy may be updated from time to time. The latest version will always be available on request or on my website.

14. Contact

If you have any questions about this Privacy Policy or how your data is handled, please contact me using the details in Section 2.

Thank you for trusting me with your personal information.

bottom of page