top of page

Privacy Policy

Scope

This Privacy Policy explains what personal data we collect from participants, how and why we use it, how it is stored and protected, and the rights and choices of individuals. It applies to all clients of DANIEL NUTRITION LTD, visitors to our website, and any others whose personal information we process during our operations.

 

Data Collected

We only collect information necessary to deliver our nutrition and weight-management services. This includes:

  • Personal Identifiers: Name, date of birth, address, phone number, email – used for registration, communication, and recordkeeping.

  • Health and Lifestyle Information: This includes special category data such as medical history, medications, allergies, dietary habits, weight/measurements, and other lifestyle factors- collected securely via intake forms and used only to deliver safe and personalised services.

  • Referral Information: If referred by a GP or public health body, we may receive relevant clinical or contact info-only with the participant’s consent.

  • Payment Details: For self-funding clients, basic payment info is collected via secure third-party providers (e.g. Stripe, Wix Payments). We do not store full card numbers ourselves.

  • Website Usage Data: Our Wix-hosted website collects basic usage data (e.g. IP address, browser type) and uses cookies. Non-essential cookies (e.g. analytics) require consent. See our Cookie Policy.

 

We never sell or trade personal data. We also do not use fully automated decision-making.

 

Research and Evaluation

 

 

For community projects such as Bloom⁺, Daniel Nutrition Ltd collects additional data to evaluate the impact of our services on nutrition, activity, and wellbeing.
 

This may include demographic details, lifestyle information, optional health measures, and participant feedback.

 

Research is led by Daniel Nutrition Ltd, sometimes in collaboration with the University of Leeds or other partners.

Only anonymised or aggregated data is ever shared externally - no individual can be identified.

 

Participation in evaluation is part of the programme, but you may withdraw at any time by emailing info@danielnutrition.co.uk.

Once data is anonymised, it cannot be withdrawn.

 

Purposes of Processing

  • Service Delivery: To provide tailored nutrition programmes and support.

  • Safety & Clinical Risk: With consent, we may share health info with the client’s GP for medical clearance or if urgent concerns arise. In rare, life-threatening scenarios, this may be done without consent.

  • Programme Monitoring: For progress tracking, session notes, and internal evaluation. For funded clients, anonymised or minimal identifiable data may be shared with funders under formal agreements.

  • Payments: To issue invoices, process payments, and generate receipts.

  • Marketing (Opt-In Only): Individuals must give explicit permission to receive any newsletters or updates. We don’t send unsolicited communications.

  • Legal Obligations: For tax, insurance, safeguarding, or regulatory compliance.

 

Lawful Basis for Data Use

 

Our processing is primarily based on explicit consent, gained during onboarding.

 Other lawful bases include:

  • Contract necessity – e.g. payment or delivering agreed services

  • Legal obligation – e.g. keeping tax or safeguarding records

  • Vital interest – rare cases where life or safety is at immediate risk and serious safeguarding concerns.

  • Public interest/healthcare provision – for clients referred via local authority schemes

We have a full safeguarding policy and procedure and program-specific terms and conditions, which explain how we will share your personal data in the case of clinical risk or safeguarding; however, this is not publicly available for security reasons. All clients will be briefed on these procedures and additional terms and conditions during onboarding, where explicit consent to share personal details in such safeguarding cases will be clearly outlined.

 

We do not rely on “legitimate interest” for sensitive health data.

 

Data Sharing

 

Data is shared only when necessary and with safeguards in place:

  • Internally: Only Daniel Essom and authorised staff can access client files.

  • Website and Intake Forms: Wix and Microsoft act as secure, GDPR-compliant processors.

  • Payment Gateways: Stripe, PayPal, and similar providers handle transactions securely.

  • GPs/Healthcare Providers: With client consent, we may share updates or concerns.

  • Public Funders: For council-funded services, attendance and anonymised outcome reporting may be required.

  • Legal Compliance: We will comply with court orders or safeguarding duties where legally required.

 

Data Security

 

We take data protection seriously, using a combination of:

  • Encrypted cloud storage (e.g. Microsoft Workspace)

  • Password-protected, encrypted folders for local files

  • Two-factor authentication (2FA) for Wix CMS, Google, and any device or platform storing client data

  • Role-restricted access for safeguarding or sensitive records

  • Regular reviews and access control audits

 

Your Rights

 

You have the right to:

  • Be informed about how we use your data

  • Request access (a copy of your data)

  • Request corrections

  • Ask for deletion (where legally allowable)

  • Restrict processing

  • Object to certain uses

  • Receive your data in portable format (e.g. for transfer)

  • Be free from automated decisions that impact you (not used here)

 

To exercise any of these, email Daniel (details below).  He will respond within one month and verify your identity before proceeding.

 

Data Controller: Daniel Essom

Email: Daniel.essom@outlook.com
 

 

We also have a full complaints policy and procedure available on our website or by request.

We also have a full GDPR policy, better explaining how we follow these regulations, which isnot publicly available for security reasons.

 

If you have any concerns, please contact us first.
 

You also have the right to raise complaints with the Information Commissioner’s Office (ICO):

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF  0303 123 1113  www.ico.org.uk

 

Final Notes

 

By using our services, clients agree to this Privacy Policy. We aim to uphold the highest standards of privacy and data protection at all times.

 

Reviewed: September 2025

Next Review Due: September 2026 or sooner if required.

bottom of page