Prem Chandra

Menu
Begin here

Privacy Policy

This Privacy Policy explains how your personal information is collected, used, and protected when you use this website, contact me, or book a session.

Data Controller

I, Gaja Klapucka, trading as Prem Chandra, am the Data Controller for your personal data.

If you have any questions, you can contact me at: [INSERT EMAIL]

You may also contact the UK supervisory authority, the Information Commissioner’s Office (ICO): https://www.ico.org.uk/

ICO Registration Number: [INSERT ONCE RECEIVED]

Information I collect

I may collect the following information:

  • Name, email address, and messages you send via contact or email
  • Booking details for one-to-one sessions (arranged via Acuity Scheduling)
  • Email address if you join a mailing list ([SECURE EMAIL MARKETING PROVIDER – CONFIRM WITH WEB DESIGNER])
  • Payment information processed securely via a third-party provider (I do not store card details – processed by Stripe)
  • Health and personal information you choose to share during sessions (where relevant for safe practice)
  • Website analytics data (if enabled)

For clients under 18, a parent or guardian must provide consent and be present during sessions.

How your information is used

Your information is used only to:

  • Respond to enquiries
  • Arrange and manage sessions
  • Provide safe and appropriate care
  • Send updates if you have subscribed
  • Maintain basic website security and functionality

Your data is never sold or shared for marketing purposes or for third-party marketing purposes.

Lawful basis for processing

Your data is processed under:

  • Contract: to manage sessions and enquiries
  • Legal obligation: to retain records where required for insurance and professional standards
  • Consent: for newsletters and optional communications
  • Legitimate interest: to maintain safe, ongoing client care
  • Special category data (health information): processed with your explicit consent (UK GDPR Art. 9(2)(a))

You may withdraw consent at any time, though this may affect my ability to offer ongoing sessions safely.

Session information & confidentiality

Any health or personal information shared during sessions is treated as confidential and handled securely.

Session notes are kept only as long as necessary to provide safe and responsible care.

Data storage & security

Your information is stored securely using password-protected and encrypted systems.

Access is limited to me only, and appropriate security measures are in place to protect your data.


Booking data is stored via Acuity Scheduling.

Payment processing is handled via Stripe (no card details stored by me).

Data retention

  • Session records: kept for 7 years (or 7 years after age 18 for minors)
  • Mailing list data: kept until you unsubscribe
  • Email correspondence: kept only as long as necessary for administrative purposes.

Cookies

This site may use cookies and basic analytics to support functionality and understand usage. (what are we using?!!)

You can disable cookies in your browser settings at any time.

Your rights

You have the right to:

  • Access your personal data
  • Request corrections
  • Request deletion (where legally possible)
  • Withdraw consent at any time

I will respond to requests within one month (or up to three months for complex cases).

If you are not satisfied, you may contact the Information Commissioner’s Office (ICO).