Privacy Policy

1. Introduction

This Privacy Policy explains how your personal data is collected, used, and protected in accordance with UK GDPR and other applicable data protection laws.

Francesca (Franki) Salter, Registered Dietitian, is the data controller responsible for your personal information.

If you have any questions about this policy, please contact:
Email: franki@dietitianfranki.com

2. What Information Is Collected

I may collect and process the following information:

Personal Data

  • Name

  • Email address

  • Phone number

Health Information (Special Category Data)

  • Information about your health, eating behaviours, and medical history

  • Information shared during consultations

  • Information provided in pre-appointment questionnaires and consent forms

  • Relevant information shared by other healthcare professionals (with your consent)

Technical Data

  • IP address

  • Browser type

  • Website usage data

3. How Your Information Is Collected

Your information may be collected when you:

  • Complete a contact form on this website (hosted by Squarespace)

  • Contact me via email

  • Book or attend appointments

  • Complete pre-appointment forms or questionnaires

  • Use this website

4. Lawful Basis for Processing

Your personal data is processed under the following lawful bases:

  • Consent – where you provide information voluntarily

  • Contract – where processing is necessary to provide services you have requested

  • Legitimate interests – to operate and improve services

Health Data

Health data is classified as “special category data” and is processed under:

  • Provision of health care and treatment

  • Your explicit consent where required

5. How Your Information Is Used

Your information is used to:

  • Provide dietetic services

  • Communicate with you

  • Maintain professional clinical records

  • Liaise with other healthcare professionals (with your consent)

  • Improve services

  • Comply with legal and professional obligations

6. Third-Party Services

Your data may be processed by trusted third-party providers. These providers act as data processors on our behalf and handle your data in accordance with our instructions and their respective privacy policies:

  • Squarespace: Used for website hosting and managing contact forms.

  • Google Meet: Used for the digital delivery of consultations.

  • Google Workspace: Used for secure email communications, receiving referrals, and digital file storage.

Data Security & Processing
Data is stored within our managed Google Workspace account and is protected by Google’s standard security features, including encryption at rest and in transit. We use this data to provide tailored nutritional advice, schedule appointments, and maintain client health records.

Special Category Data & Transfers
Where we process sensitive health information (referrals or medical notes), we do so based on your explicit consent or for the purposes of providing health and social care. Because these providers operate globally, your data may be transferred to and stored in countries outside the UK/EEA (such as the United States). We ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or reliance on adequacy frameworks.

7. Data Storage and Security

Your data is stored securely using appropriate technical and organisational measures to protect against unauthorised access, loss, or misuse.

Where possible, data is stored within the UK or European Economic Area (EEA). Where third-party providers process data outside these areas, appropriate safeguards are in place.

8. Data Retention

Your data will be retained only as long as necessary to:

  • Provide services

  • Meet legal, regulatory, and professional requirements

Healthcare records are typically retained in line with professional guidance (for example, for a minimum of 8 years after last contact, or longer where required).

9. Sharing Your Information

Your personal data will not be shared without your consent unless:

  • Required by law

  • There is a risk to your safety or the safety of others

  • It is necessary to provide your care (e.g. communication with your GP, with your consent)

10. Your Rights

Under UK data protection law, you have the right to:

  • Access your personal data

  • Request correction of inaccurate or incomplete data

  • Request erasure (where applicable)

  • Restrict processing

  • Object to processing

  • Request data portability

  • Withdraw consent at any time (where processing is based on consent)

To exercise your rights, please contact:
Email: franki@dietitianfranki.com

You also have the right to lodge a complaint with the Information Commissioner's Office.

11. Cookies

This website uses cookies to improve your experience and understand how the site is used.

Cookies are small files stored on your device. You can control or disable cookies through your browser settings.

For more information, please refer to guidance from the Information Commissioner's Office.

12. Changes to This Policy

This Privacy Policy may be updated from time to time.

Any changes will be published on this page.

13. Contact

If you have any questions about this Privacy Policy or how your data is handled, please contact:

Email: franki@dietitianfranki.com