top of page


The Data Protection Act 2018 achieved Royal Assent on 23 May 2018. It implements the government's manifesto commitment to update the UK’s data protection laws. The Data Protection Act 1998 served us well and placed the UK at the front of global data protection standards. The 2018 Act modernises data protection laws in the UK to make them fit-for-purpose for our increasingly digital economy and society. As part of this the 2018 Act applies the EU’s GDPR standards. By having strong data protection laws and appropriate safeguards, businesses will be able to ensure that modern, innovative uses of data can continue while at the same time strengthening the control and protection individuals have over their data.

At Sirocco Therapy, accessible from one of our main priorities is the privacy of our visitors and clients. This Privacy Policy document contains types of information that is collected and recorded by Sirocco Therapy and how we use it.

If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.


General Data Protection Regulation (GDPR)

We are a Data Controller of your information.

The company, Sirocco Therapy, is registered with the Information Commissioner’s Office (ICO). As I am the only person who works for the company I am both the Data Controller and the Data Protection Officer. My contact details are:


In most cases, the information I collect about you comes from you, via an email, phone call, online form, social media contact or during face-to-face sessions in person or via video link.       

  • If you are under 18, I may get some information from your parents or school

  • If you are referred by someone else (e.g. an employer) I may get some information from them


Sirocco Therapy legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Information we collect, the specific context in which we collect the information, and the use of the data:

  •  Sirocco Therapy needs to perform a contract with you, and to maintain contact and appropriate records

  • To enable appropriate advice or therapies to be delivered

  • You have given Sirocco Therapy permission to do so

  •  Processing your personal information is in Sirocco Therapy’s legitimate interests and allows maintenance of records and accounts accordingly

  • Sirocco Therapy needs to comply with the law and current regulations  

Sirocco Therapy will retain your personal information for seven years – as required by the regulations, the professional body and/or insurance company. We will retain and use your information to the extent necessary to comply with our legal obligations. After this time it is shredded and/or digitally disposed of securely. 

Please note, there is no legal requirement for you to share any information with me, but if you do not do so I may not be able to work with you. 


If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:


  • The right to access, update or to delete your personal information (you can request the information held by making a request in writing allowing up to 30 days’ notice, and rectify or restrict the data held)

  • The right of rectification (if you think my records are incorrect you can ask me to change them)

  • The right to object (you can object to the way I process your information, e.g. for marketing use, and you can ask me to stop using it in that way) 

  •  The right of restriction (in certain circumstances you can request that I stop processing your information)

  • The right to data portability (you can ask me to send your information to someone else)

  • The right to withdraw consent (in certain circumstances you can ask me to remove your details from my records – also known as the right to be forgotten)

  • About automated decision-making processes (without human involvement)


The data and information held and required for Hypnotherapy services will involve collecting and processing information about you including name, contact details, medical history, family related information, nature of employment, lifestyle information, details of support networks and information regarding the problem you would like me to help you with. This will be necessary to provide you with safe and effective therapy.

As a client of the Sirocco Therapy you consent to my holding and using your information when you submit an online form through the website or email or social media. If you undertake therapy with me you will sign my terms and conditions, which creates a contract. If you email, phone or contact me via social media with enquiries it is a legitimate interest of my business to use your contact details to reply to you.


Sharing Information


I am the only person who has access to the information shared with me by a third-party, or supplied to me by yourself unless

  • there is a legal requirement for me to share the information (e.g. a court order or warrant is issued)

  • you ask me in writing to share your own personal information with someone else

  • the Duty of Care Provision from my Code of Ethics applies - see the notes about this further down

  • I am working with you as part of a care team, or you have been referred to me by someone else (e.g. an employer), in which case pre-arranged levels of information will be shared with these relevant parties 


Log Files

Sirocco Therapy follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analysing trends, administering the site, tracking users' movement on the website, and gathering demographic information.


Cookies and Web Beacons

Like any other website, uses 'cookies'. These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.


Privacy Policies

You may consult this list to find the Privacy Policy for each of the advertising partners of

Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on, which are sent directly to users' browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit.

Note that has no access to or control over these cookies that are used by any third-party advertisers.


Third Party Privacy Policies's Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options. 

You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites. 


Children's Information

Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.

Please note, if you are under 18 I will need permission from a parent or guardian before working with you, and if you are under 13 I will need to verify your date of birth. does not knowingly collect any Personal Identifiable Information directly from children under the age of 13. If you think that your child provided this kind of information on our website or by email, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.



By using our website, and making on-line contacts through our social media or email addresses, you hereby consent to our Privacy Policy and agree to its terms.

You can learn more about your rights from the Information Commissioner’s Office at

bottom of page