Privacy Policy for Guided Healing Ltd.
Last Updated: May 28, 2025
1. Introduction * Guided Healing Ltd. (‘we’, ‘us’, ‘our’) is dedicated to providing professional spiritual healing and hypnosis services to support your well-being. This privacy policy explains how we collect, use, and protect your personal information when you use our services or visit our websites, guidedhealing.ltd and spiritualhealing.cloud (collectively, ‘our Sites’).
2. Who We Are (Data Controller) * Company Name: Guided Healing Ltd. * Registered Office Address: The Healing Cloud, Dover Road, Southport, Merseyside, PR8 4TH. * Company Registration Number: 11474773. * Contact for Data Protection Enquiries: * FAO: Legal Department * Email: * Postal Address: The Healing Cloud, Dover Road, Southport, Merseyside, PR8 4TH.
3. What Personal Data We Collect * We collect personal data from you when you engage with our services (including introductory calls and sessions) or interact with our Sites. All client data related to sessions is treated with strict confidentiality in line with UK GDPR principles. * Types of Data Collected may include: * Identity Data: Full name, date of birth. * Contact Data: Email address, phone number, postal address. * Service Data: Information discussed during introductory calls and spiritual healing/hypnosis sessions, including notes and, where applicable, recordings. This may include Special Category Data such as information about your physical or mental health and well-being, and potentially religious or philosophical beliefs if disclosed by you and relevant to the services. * Recordings: We may record Zoom and phone call sessions. This is done for the purposes of liability protection and for the practicalities of transcription to support service delivery. We will always inform you if a session is being recorded and obtain your consent where required. * Financial Data: Payment details (processed securely by our third-party payment processors). * Technical Data (from our Sites): IP address, browser type and version, operating system, device information, page views, navigation paths, and information about your use of our Sites collected via cookies and similar technologies. * Marketing and Communications Data: Your preferences in receiving marketing from us (e.g., for our mailing list) and your communication preferences. * How Data is Collected: * Directly from you (e.g., when you fill in forms on our Sites, during consultations, via email or phone). * Automatically (e.g., technical data from your use of our Sites, including through cookies).
4. How We Use Your Personal Data * We use your personal data for the following purposes: * To provide and deliver our spiritual healing and hypnosis services, including introductory calls and ongoing sessions. * To manage your client account, appointments, and our therapeutic relationship. * To communicate with you regarding your sessions, our services, respond to your enquiries, and provide follow-up care. * To process payments for our services. * For internal record keeping and administrative purposes, including transcription of recorded sessions where applicable. * To deliver content via our Sites (including spiritualhealing.cloud). * To send you marketing communications, such as newsletters and information about our services via our mailing list, where you have consented to receive such communications. * To improve our Sites and services (e.g., by analysing usage patterns). * To comply with our legal and professional obligations (e.g., financial regulations, adherence to professional body guidelines if applicable). * To ensure the security of our Sites and IT systems, and for liability protection.
5. Our Lawful Basis for Processing Your Personal Data * We will only process your personal data where we have a lawful basis to do so under UK GDPR. The lawful bases for processing your data include: * Performance of a Contract: Where processing is necessary to provide the services you have requested from us. * Explicit Consent: For processing Special Category Data (e.g., health information), for making and storing recordings of your sessions, and for sending you direct marketing communications. You can withdraw your consent at any time (for marketing, by using the unsubscribe link in emails or contacting us; for other consent-based processing, by contacting us directly). * Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject. * Legitimate Interests: Where processing is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests. This may include for liability protection, internal administration, service improvement (often using anonymised/aggregated data), and ensuring the security of our systems. * (Martin, as stressed before, this section in particular requires careful review with your legal counsel to ensure the identified bases are appropriate for all your specific processing activities).
6. Who We Share Your Personal Data With (Data Sharing and Third Parties) * We do not sell or lease your personal data. We do not share your personal data with third parties for their own marketing purposes. * We use third-party service providers (data processors) to help us operate our business and deliver services. These providers are contractually bound to protect your data and only use it in accordance with our instructions. These include: * Payment Processors: Stripe and PayPal. * Email/Newsletter Services: MailerLite. * Cloud Data Storage: Google Drive. * Website Hosting: Hostinger. * International Data Transfers: Some of these third-party providers may be based outside the UK or European Economic Area (EEA). Where we transfer your data to such providers, we rely on UK Adequacy Regulations where applicable, which means the UK government has determined that the country in question provides an adequate level of data protection. You should ensure that such adequacy decisions cover the specific locations where these providers process your data or that other appropriate safeguards are in place.
7. Data Security * We are committed to ensuring that your personal data is secure. We have put in place appropriate technical and organisational measures to safeguard and secure the information we collect, including: * Encryption of data where appropriate (e.g., for sensitive data stored on Google Drive, both at rest and in transit). * Two-factor authentication for access to systems holding personal data. * Strong password policies and access controls. * Data minimisation (collecting only what is necessary). * Regular security reviews of our IT systems and data handling practices. * Staff training on data protection and confidentiality. * Secure methods for any data download or transfer. * While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure.
8. Data Retention * We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. * Specific retention periods include: * Client session notes and recordings: 5 years after your last session. * Financial records: 7 years as required by law. * Mailing list data: Until you withdraw your consent (unsubscribe). * For other types of data, we will retain it in line with its purpose and any applicable legal requirements. Once data is no longer needed, it will be securely deleted or anonymised.
9. Your Data Protection Rights * Under UK data protection law, you have rights including: * Your right of access – You have the right to ask us for copies of your personal information. * Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. * Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances. * Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances. * Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances (e.g., for direct marketing). * Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances. * You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. * Please contact us at or by post at The Healing Cloud, Dover Road, Southport, Merseyside, PR8 4TH (FAO: Legal Department) if you wish to make a request.
10. Cookies and Tracking Technologies * Our Sites (guidedhealing.ltd and spiritualhealing.cloud) use cookies. Cookies are small text files placed on your device to collect standard Internet log information and visitor behaviour information. * We use cookies primarily for analytics purposes – to help us understand how visitors use our Sites, which allows us to improve website functionality and user experience. We do not use cookies for targeted advertising beyond this analytical understanding of site usage. * You can set your browser not to accept cookies, and the websites aboutcookies.org or allaboutcookies.org tell you how to remove cookies from your browser. However, some of our website features may not function as a result. * We recommend you use a cookie consent banner on your Sites to allow users to manage their cookie preferences for non-essential cookies. If your use of analytics cookies becomes more extensive, or you introduce other types of cookies, a more detailed separate Cookie Policy may be advisable.
11. Children’s Privacy * Our services and Sites are not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and you are aware that your child has provided us with personal data without your consent, please contact us. If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.
12. Links to Other Websites * Our Sites may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
13. Changes to This Privacy Policy * We keep our privacy policy under regular review. Any updates will be posted on this page, and the “Last Updated” date at the top of this policy will be amended. We encourage you to review this policy periodically to stay informed about how we are protecting your information.
14. How to Contact Us and Complaints * If you have any questions about this privacy policy or our data protection practices, or if you wish to exercise any of your rights, please contact us: * Email: * Post: FAO: Legal Department, Guided Healing Ltd., The Healing Cloud, Dover Road, Southport, Merseyside, PR8 4TH. * You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
