Privacy policy.

 

Effective Date: 04/03/2026
Business Name: Rooted Holistic Healing
Legal Status: Sole Trader
Contact Email: hello@rootedholistichealing.co.uk
Business Address: Available on request

1. Who We Are

Rooted Holistic Healing is a sole trader business offering Life Force Energy Healing sessions (sometimes referred to as Kundalini Activation), including online, in-person group, and one-to-one sessions.

For the purposes of UK data protection law, Rooted Holistic Healing is the data controller of your personal data.

2. What Personal Data We Collect

We may collect:

  • Name

  • Email address

  • Phone number

  • Billing details

  • Booking information (session type, date, time)

  • Any information you voluntarily provide when making a booking or enquiry

We do not intentionally collect special category health data through the website. Please do not submit sensitive medical information via website forms.

If sensitive information is voluntarily disclosed, it will be treated confidentially.

3. How We Collect Your Data

We collect data when you:

  • Make a booking through the website

  • Complete a contact form

  • Email us directly

  • Subscribe to any mailing list

The website is hosted on Squarespace, which processes technical data necessary to operate the website.

4. Lawful Basis for Processing

Under UK GDPR, we rely on:

  • Contractual necessity – to provide booked services

  • Legitimate interests – to respond to enquiries and manage the business

  • Consent – where you opt into marketing communications

5. How Your Data Is Used

We use your data to:

  • Process bookings

  • Deliver sessions

  • Communicate about appointments

  • Issue invoices or confirmations

  • Respond to enquiries

  • Maintain internal records

We do not sell or rent your personal data.

6. Payment Processing

Payments are processed via Acuity Scheduling. We do not store full payment card details.

Those providers act as independent data controllers and process your data according to their own privacy policies.

7. Data Sharing

We only share data when necessary to:

  • Process bookings

  • Take payments

  • Comply with legal obligations

This may include service providers such as:

  • Squarespace

  • Payment processors

8. Data Retention

We retain personal data only as long as necessary to:

  • Fulfil contractual obligations

  • Meet legal, tax, or insurance requirements

Booking and financial records are typically retained for 6 years in line with UK tax law.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Request correction

  • Request deletion

  • Restrict processing

  • Object to processing

  • Withdraw consent (where applicable)

  • Lodge a complaint with the UK Information Commissioner’s Office

10. Data Security

We take reasonable technical and organisational measures to protect your personal data from loss, misuse, or unauthorised access.

11. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always appear on this website.