Privacy Policy

Last updated: February 2026

This privacy policy explains how personal information is collected, used, and protected in relation to hypnotherapy services and this website.

Who I am

Adam Pearson, Solution-Focused Hypnotherapist
Newquay Hypnotherapy / adampearson.com

adam@newquayhypnotherapy.com

I am the data controller for the purposes of UK GDPR.

What information may be collected

Information you provide may include:

  • name and contact details

  • appointment information

  • information relevant to sessions

  • brief confidential session notes

  • email subscription details

  • correspondence

Website systems may also collect limited technical data such as analytics information.

Lawful basis for processing personal data

Personal data is processed in accordance with UK GDPR on the following lawful bases:

Contract
Personal information is processed where necessary to provide hypnotherapy services, manage appointments, and communicate with clients.

Legitimate interests
Brief confidential notes may be kept to support continuity of care, professional reflection, and safe delivery of services.

Consent
Where you subscribe to newsletters or marketing communications, your data is processed based on your consent. You may withdraw this consent at any time.

Special category data
Information relating to wellbeing or mental health is processed only where necessary for the provision of therapeutic services and is handled with appropriate confidentiality and security.

How your information is used

Your information is used only to:

  • provide hypnotherapy services

  • manage appointments

  • communicate with you

  • maintain confidential client records

  • send newsletters you have requested

Personal data is never sold or shared for marketing purposes.

Confidentiality

All client information is treated as confidential.

Information will only be shared where legally required, such as where there is a serious risk of harm to yourself or others, safeguarding concerns, or disclosure required by law.

Data storage and security

Reasonable steps are taken to store personal information securely using password-protected systems and trusted service providers.

Only necessary information is retained.

Data retention

Client records are typically retained for 7 years after the end of therapy, in line with common professional practice.

Email subscription data is retained until you unsubscribe.

You may request deletion of personal data where appropriate.

Third-party services

Some data may be processed through secure third-party providers used to run this practice, such as:

  • website hosting (Squarespace)

  • appointment scheduling (Squarespace)

  • email communications (ConvertKit)

  • secure email providers (Microsoft)

These services process data only as necessary to deliver their functions.

Your rights

Under UK GDPR, you have the right to:

  • request access to your personal data

  • request correction of inaccurate data

  • request erasure where appropriate

  • object to processing

  • withdraw consent for marketing communications

Requests can be made by email.

You also have the right to complain to the Information Commissioner’s Office (ICO):
https://ico.org.uk

Changes to this policy

This policy may be updated from time to time. The latest version will always appear on this page.