Well Necessities -

Privacy Policy

The following privacy policy has been drafted to comply with the GDPR regulations which come into effect on the 25th May 2018. Here you will find how your data is collected, for what purpose and how it is utilised. For a comprehensive outline of your privacy rights, please read the information available on the ICO website. https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Data controller​ Sam Marshall Davies, Mob 07775 954478 [email protected] 

What data is collected?

Here is a list of what data is most commonly collected. This list is not exclusive:

  • Name
  • Date of Birth
  • Email address
  • Contact phone number
  • Address (for mobile client visits only)
  • Occupation
  • Lifestyle, to include what exercise you do, stress levels, how well you sleep
  • Illnesses or diagnosed medical conditions (past and present)
  • Accidents or injuries you have had or have
  • Operations you have had
  • Allergies
  • Current medication
  • If you are pregnant
  • Any other medically relevant information you may wish to disclose
  • Where you are currently experiencing physical and emotional issues that may be linked to diet.  
  • If you have any mobility issues or restrictions
  • Following a session, feedback on diet changes, supplementation and lifestyle. 
  • Following a session, notes on any identified problem foods, vitamin & mineral deficiencies, test results and recommendations.
  • doTERRA sign up documentation only - bank details (not relevant to food intolerance/nutrition testing appointments).  

How is it collected?
  • Directly from you as part of the consultation process, entering your details on a client consultation form and transferred to a client database, or through the contact forms embedded on the website.  
  • In clinical notes post treatment, detailing what happened.

Why is this data collected?
  • To create an appropriate treatment session or plan which addresses your needs safely without causing further harm.
  • To contact you in relation to your appointment.
  • For insurance purposes.
  • In case of an emergency, where passing relevant medical information to the emergency services could save time.
  • For my own security.
  • For tax purposes.
  • To inform those who have explicitly requested to be on the mailing list of promotions.
  • For business intelligence.

Who is your data shared with?
I may share your data with: 
  • My accountant and HMRC in submitting my accounts and tax records. No sensitive data is shared, only your name is issued.
  • Balens Insurance Ltd; my insurance company in the incidence of a claim.
  • My husband. As part of my security process access to your contact details is available in case of a breach of my personal safety. No access has been given to your sensitive data (medical information or preferences).

Your rights under the GDPR
  • The right to be informed about the use of your personal data and its collection.
  • The right of access, namely to see what data is held about you.
  • The right to have your personal information corrected if it is inaccurate or completed if information is missing.
  • The right to have your personal information erased.
  • The right to restrict processing of your personal data.
  • The right to move, copy or transfer your personal data.
  • The right to object to processing of your personal data.

Third party websites

This privacy policy applies only to personal data collected and processed by Well Necessities. I am not responsible for the privacy set by any third party websites or services. For those wishing to understand how their information is held on card transactions, please view Sum Up’s Privacy Policy (item 6) https://sumup.co.uk/privacy/. Sum Up are my card payment gateway provider.

Data Retention

Well Necessities will retain your personal data for 7 years from your last treatment. This period satisfies the legal and policy requirements which need to be met for HMRC and the insurance company (Balens).
For doTERRA bank records - these will be retained until the registration or order has been processed and then destroyed immediately.  No financial data will be stored electronically.  

Data Storage

All data is held on cloud storage, encrypted and requires a password or fingerprint to gain access. No data is stored outside of the UK.  Paper based consultation forms are stored in a locked metal filling cabinet and will only be removed from this location during a consultation.  

Updating my privacy policy

This privacy policy will be updated as necessary and published here, to be in-line with the law and will be effective immediately.

Exercising your rights

If you wish to exercise your GDPR rights or in the event that you wish to make a complaint about how your data is handled by Well Necessities please contact Sam Marshall Davies at s[email protected] or 07775954478. You can also raise concerns if you believe that your data protection rights have been mistreated with the ICO, an independent body, on 0303 123 1113, to which Well Necessities is registered.

Existing Clients & New Clients

Clients who have seen me prior to the 25th May 2018 will need to sign their consent for me to continue holding their data in accordance to these regulations. You will need to do this at your next appointment, where the forms will be provided or you can download the pdf to print and sign. This can then be scanned and sent to me or brought with you.
New clients will cover this as part of their consultation on their first visit and do not need to prepare anything in advance.

Website Builder provided by  Vistaprint