Privacy Policy


This policy sets out the different areas where user privacy is concerned and outlines the obligations and requirements of the users, the website and website owners. Furthermore, the way this website processes, stores and protects user data and information will also be detailed within this policy.

In this Privacy Policy, "We", "Us" and "Our" means Joanna Taylor & Associates. 

Our Data Controller is Joanna Taylor ([email protected]), PO Box 551, Scarborough, North Yorkshire, UK, YO11 9JG.

In this Privacy Policy, “our websites” mean “” or "".

We are committed to protecting your privacy and aim to be clear when we collect your information and use it only as you would reasonably expect.

This practice complies with the Data Protection Act (1998) and General Data Protection Regulation (GDPR) 2018. This means that we will ensure that your information is processed fairly and lawfully.

Courses and Training

How We Use Personal Information

We will not use your personal information unless we have first told you how we will use it or it is obvious how we will use it.

We will never sell or rent your personally identifiable information to anyone.

Our Websites

Our websites are created by Joanna Taylor and hosted by WordPress. We take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of our website users throughout their visiting experience.

Personally Identifiable Information (PII)

Whilst requesting information via our websites, you may be required to provide personal information (name, email, etc.). We will use this information to send you the specific items you have requested (for example our monthly newsletter or a course prospectus etc) and for no other purpose.

We will ensure that all personal information supplied is held securely in accordance with the General Data Protection Regulation (EU) 2016/679, as adopted into law of the United Kingdom in the Data Protection Act 2018. Further, by providing your name and any contact details, you consent to us contacting you using these methods.

You have the right at any time to request a copy of the personal information we hold on you. Should you wish to receive a copy of this, or would like to be removed from our database, please contact us at [email protected] . Subscribers to our monthly newsletter may unsubscribe at any time using the link on the newsletter email.

As a training organisation we need to collect and use your personal information in the following circumstances:

  • Course applications, registrations and associated administration, including both live and online courses.
  • Delivering our monthly newsletter to subscribers who have opted in.
  • During a research project or survey, for which participants have specifically opted in.
  • Understanding the use of our website including details of your visits to our website including, but not limited to, traffic data, location data, weblogs and other communication data as monitored by our website host.
  • Monitoring course feedback.

Our lawful basis for the purposes that we process personal information is for the performance of our contract with you to provide our training services.

The law allows us to collect and use personal data if it is necessary for our legitimate business interest and so long as its use is fair, balanced and does not unduly impact your rights. In many situations, the best approach is to process personal data because of our contract with you and our legitimate interests as a professional organisation, rather than consent. However, we will ask for your consent to send you marketing emails regarding our future courses. You can withdraw consent for this at any time.

Because of the therapeutic nature of our trainings, we may sometimes be informed of sensitive personal data by our students. This would only be recorded in writing by the tutor where considered contextually appropriate, and only for the purposes of assisting the your ongoing learning and development within the specific course. Sensitive information of this nature is stored in a locked filing cabinet, and destroyed following the your completion of the course.

In an emergency situation, we may share your personal details with the emergency services if we believe it is in your ‘vital interests’ to do so. For example, if someone is taken ill during one of our courses.

We may also share your personal information where we are compelled by law to do so.

How do we Collect Information?

We collect information in two possible ways:

When you directly give it to us (“Directly Provided Data”)

When you book courses, sign up for our newsletter or communicate directly with us, you may choose to give us certain information – for example, by filling in text boxes, completing booking forms and submitting coursework. All this information requires a direct action by you at that time in order for us to receive it and process it.

When you give us permission to obtain from other accounts (“User Authorised Data”)

Depending on your settings or the privacy policies for other online services, you may give us permission to obtain information from your account with those other services. For example, this can be via the payment method you use (PayPal, GoCardless, Stripe etc.) or by choosing to send us your location data when accessing our website from your smartphone.

We collect personal information from you directly through our website, by online forms, over the phone, through surveys and through paper booking forms.

Our website may collect information about the software on your computer or device (your browser version etc.) and your IP address (your connection with the internet) to improve your interaction with our websites. This may happen automatically without your being aware of it.

We may use cookies to remember personal settings you have chosen at our website. In no other context do we use cookies to collect information that identifies you personally. Most of these cookies are automatically deleted from your computer when you leave our website or shortly afterwards.

Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.

We use anonymous session cookies (short-term cookies that disappear when you close your browser) to help you navigate the website and make the most of the features. If you log into one of our online courses as a registered user, your session cookie will also contain your user ID so that we can monitor your progress within the course.

Our websites use tracking software to monitor their visitors. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.

Should users wish to deny the use and saving of cookies from this website onto their computer’s hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.

The Personal Information that We Collect

For event applications, registrations and administration we may collect:

  • Name and contact details of the person or organisation making the booking.
  • Name and contact details of the person attending the event (if different from the person making the booking).
  • Method of payment (we do not directly collect payment information details; payments are made securely via third party payment processing services such as BACS, SumUp, Stripe or PayPal).
  • Specific information such as relevant dietary and access requirements to facilitate event attendance.
  • Tutor notes to assist with ongoing student assessment.
  • Required student course work such as essays etc.
  • Feedback information from students following an event.
  • For sending our newsletter and informing people about our events we may collect:
  • Names and email contact details.
  • For managing applications for products and services with third-party providers (for example our online courses, accounts software and online feedback) we may collect:
  • Details of which of our products and services were purchased or used by you on those sites, including transaction details (date of transaction, cost and product or service purchased).
  • In the case of online courses, details of your progress through the course, and any interactions you choose to make within the online community of that specific course.
  • NOTE: Our affiliate partners process your personal information in their own right as a data controller, please refer to their privacy policy for more information about how your data is managed by them.

For administration of complaints and feedback:

  • A written summary of your complaint or feedback about our products or services or those of relevant partners, including the complainant’s PII.
  • A written summary regarding an alleged breach of the code of ethics by you, received by us from a third party including related PII.
  • A written record of any relevant actions, decisions and correspondence we may have taken.

Where we Store Your Personal Information

The data that you provide us with will typically be stored and processed within the European Economic Area ("EEA"). However, some of the services we use will mean that your data may be transferred to, and stored at, a destination outside the EEA. In these cases, we ensure that the provider is able to operate under the EU Binding Corporate Rules arrangement. Binding Corporate Rules (“BCRs”) are company-wide data protection policies approved by European data protection authorities to facilitate intra-group transfers of personal data from the European Economic Area (“EEA”) to countries outside the EEA. BCRs are based on strict privacy principles established by European Union data protection authorities and require intensive consultation with those authorities.

By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored securely; either electronically on password-protected devices or, in the case of written sensitive data, in locked filing cabinets.

Any payment transactions are encrypted by the third-party payment processing service, such as SumUp, Stripe, PayPal or BACS.

Where you have chosen a password which enables you to access our online courses, we do not have access to this and you are responsible for keeping this password confidential. We ask that you do not share your password with anyone.

Unfortunately, the transmission of information via the internet is never completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

How we may Share Personal Information

We do not sell or share personal information with third parties for the purposes of marketing. If we run an event in partnership with another named organisation, your details may need to be shared with them. We will be very clear what will happen to your personal information if you register for such an event.

We will not sell personal information other than as part of a sale of a substantial part of our assets. We may disclose summary data only to a prospective purchaser, but only for use in connection with that sale.

We may, however, need to disclose your details, if required, to the police, other emergency services, regulatory bodies or legal advisors. We will only ever share your data in other circumstances if we have your explicit and informed consent.

How we Protect Personal Information

We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by those authorised to do so.

We undertake regular data protection training to ensure our compliance.

We ensure that there are appropriate technical controls in place to protect your personal details. For example, our computers are password protected and have appropriate virus and malware protection.

We store all PII that you supply us with on secured cloud servers or in secured paper files.

Unfortunately, the transmission of information over the internet can never be completely secure. Although we will do our best to ensure that your personal information is protected, we cannot guarantee the security of your data transmitted to the website or via email. Any transmission of your personal information by you is therefore at your own risk. Once we have received your information, we will use strict procedures and security features to try and prevent unauthorised access.

How Long we Keep Personal Information

We will not retain your personal information longer than necessary. We will retain the information you provide in order to provide our services to you, for as long as is necessary to provide those services.

If legally required or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse or to enforce our Terms and Conditions, we may also retain some of your information for a limited period of time as required, even after it is no longer needed to provide the services to you.

We keep personal information about:

  • Course applications, registrations and administration.
  • Analytics information from our websites.
  • Feedback and complaints.

Your Rights

  • You have a right to know what personal data we hold, who we acquired it from, how we process it, the logic involved in any automatic processing, and who we disclose it to.
  • You have a right to ask us not to process your personal information in a way that is likely to cause unwarranted and substantial damage or distress.
  • You have a right to ask us to erase your personal information.

To exercise any of these rights, please contact us at [email protected] or on the telephone numbers or address below. You can find out more about your rights from the Information Commissioner, who regulates data protection and privacy.

Therapy & Coaching

What personal information do we need to hold? 

  • Your past and current medical and conditions; personal details such as your age, address, telephone number, your medical practitioner and any other therapists you have seen. 
  • Information about the therapy we have suggested, and its cost. 
  • Notes of your therapy sessions. 
  • Any correspondence relating to you with other health care professionals, for example your doctor. 

Why do we hold this information? 

We need to keep accurate personal data about our clients in order to provide you with safe and appropriate care. 

What is the Lawful Basis for processing Personal Data? 

We hold a client’s data because it is our Legitimate Interest to do so. Without holding the data we cannot work effectively. 

Retaining information 

We will retain your client records during the duration of your therapy, and for a further seven years following the end of your therapy, after which they will be destroyed securely. 


Your information is held in a secure manual filing system. Any digital communication (e-mail, text/SMS etc) is held on password-protected devices accessible only to myself. All sessions, including telephone conversations, e-mail and text/SMS correspondence, will be conducted in confidence. This confidence will be maintained and applied to any and all records in accordance with the General Data Protection Regulation (GDPR) and Data Protection Bill (2018). 

When we may need to disclose your information 

We will not disclose your information, except in the following instances: 

  • Where the Client gives written consent for the confidence to be broken (for example if we need to write to your Doctor or Consultant). 
  • Where the Therapist is compelled by a Court of Law. 
  • Where the information is of such gravity that confidentiality cannot be maintained; for example where there is a possibility of harm to self or others, in cases of fraud or crime, or where minors (under 18) are concerned.
  • During the Therapist’s mandatory supervision of clinical caseload, in which instance Client identity will be protected. 
  • Where a locum has a need to know. This will normally be discussed with the Client. 
  • Where a referring GP or agency requires a report. A copy of the report will be available to the Client. Where disclosure is required under the above circumstances, this will be on a ‘need to know’ basis, so that only those individuals or organisations who need to know in order to provide care to you, and for the proper administration of Government (whose personnel are covered by strict confidentiality rules) will be given the information. Only information that the recipient needs to know will be disclosed. 

Access to your information and other rights 

You have a right to access the information that we hold about you and to receive a copy. You should submit your request to the practice in writing or by email. We do not usually charge you for copies of your information; if we pass on a charge, we will explain the reasons. 

You can also request us to: 

  • Correct any information that you believe is inaccurate or incomplete. If we have disclosed that information to a third party, we will let them know about the change. 
  • Erase information we hold, although you should be aware that, for legal reasons, we may be unable to erase certain information. 

If you do not agree If you do not wish us to use your personal information as described, you should discuss the matter with your therapist. If you object to the way that we collect and use your information, we may not be able to continue to provide your therapy. 

 If you have any concerns about how we use your information and you do not feel able to discuss it with your therapist or anyone at the practice, you should contact The Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF (0303 123 1113 or 01625 545745).   

Changes to This Policy 

We may change this Privacy Policy from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our website or by contacting you directly.


Contact Joanna

You are welcome to contact me if you have any questions about our courses and workshops, or if you would like to discuss Wellbeing Coaching or Clinical Supervision.

[email protected]  |  +44 7968 738117

Joanna Taylor & Associates

PO Box 551, Scarborough, North Yorkshire, UK  YO11 9JG

Email: [email protected]

+44 7968 738119

© Copyright 2024 Joanna Taylor & Associates | All Rights Reserved

Start Your 7 Day Free Trial

Enter your details below to get instant access

We process your personal data as stated in our Privacy Policy. You may withdraw your consent at any time by clicking the unsubscribe link at the bottom of any of our emails.