Privacy & GDPR Policy

This Privacy & GDPR Policy explains how personal information is collected, used, stored, and protected by Nowco (“we”, “us”, or “our”) in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using this website or contacting us through our services, you acknowledge the practices described in this policy.

1. Who We Are

Nowco provides integrative wellbeing and therapeutic services, which may include approaches such as hypnotherapy, solution-focused work, Integral Eye Movement Technique (IEMT), yoga-informed practices, and holistic wellbeing support.

For privacy or data protection enquiries, you may contact us through the contact form available on this website.

Legal business details may be provided to clients where required for contractual or regulatory purposes.

2. Information We May Collect

Depending on how you interact with the website or services, we may collect the following information:

• Name

• Email address

• Telephone number

• Billing or correspondence address (where applicable)

• Appointment or enquiry details

• Payment information processed through secure third-party providers

• Technical website data, including IP address, browser type, device information, and website usage patterns

We only collect information that is reasonably necessary for the provision and administration of our services.

3. How Information Is Collected

Personal information may be collected through:

• Website contact forms

• Consultation or booking forms

• Email or direct communication

• Newsletter or mailing list subscriptions

• Session bookings or purchases

• Cookies and website analytics tools

4. How Your Information Is Used

Your information may be used for the following purposes:

• Responding to enquiries and communications

• Managing appointments, bookings, or client administration

• Processing payments

• Providing requested services

• Sending service-related updates or newsletters where consent has been given

• Maintaining website security and improving website functionality

• Meeting legal, ethical, or professional obligations

Your data will not be sold to third parties.

5. Lawful Basis for Processing

Under UK GDPR, personal data is processed on one or more of the following lawful bases:

• Consent — where you have voluntarily agreed to receive communications or provide information

• Contractual necessity — where processing is required to provide a requested service

• Legal obligation — where records must be maintained in accordance with legal or regulatory requirements

• Legitimate interests — where processing supports the safe and effective operation of the practice and website

6. Third-Party Services

We may use carefully selected third-party providers to support the operation of the website and services. These may include:

• Secure payment processors

• Website hosting providers

• Scheduling or booking systems

• Email or newsletter platforms

• Analytics and website performance tools

These providers are expected to handle data securely and in accordance with applicable data protection laws.

7. Data Security

Reasonable technical and organisational safeguards are used to help protect personal information from unauthorised access, misuse, loss, disclosure, or alteration.

While every effort is made to maintain secure systems, no internet-based transmission or storage method can be guaranteed to be completely secure.

8. Data Retention

Personal data is retained only for as long as reasonably necessary for the purposes for which it was collected, including legal, insurance, safeguarding, or administrative requirements.

When information is no longer required, it will be securely deleted, anonymised, or disposed of appropriately.

9. Your Rights

Under UK GDPR, you may have the right to:

• Request access to your personal data

• Request correction of inaccurate information

• Request deletion of personal information where appropriate

• Restrict or object to certain types of processing

• Withdraw consent at any time where consent is relied upon

• Request transfer of your information to another provider where applicable

• Lodge a complaint with the UK Information Commissioner’s Office (ICO)

10. Cookies

This website may use cookies and similar technologies to improve website functionality, analyse traffic, and enhance user experience.

You may choose to accept or decline cookies through your browser settings or cookie preferences.

11. Policy Updates

This policy may be updated periodically to reflect changes in legal requirements, technology, or business practices. The most recent version will always be published on this page.

12. Contact

For questions relating to this Privacy & GDPR Policy or the handling of personal information, please contact us via the website contact form.