GDPR Privacy Policy

Last updated: 19 June 2025

1. Who We Are

This Privacy Policy describes how we collect, use, and protect your personal data in accordance with the UK GDPR, the Data Protection Act 2018, and the PECR (Privacy and Electronic Communications Regulations).

PSY SOMA (Mind & Body Emotional Mastery)

Owned and operated by Suki Humby

Email: [email protected]

Phone: +44 (0)7547 247102

Website: https://www.psy-soma.com

2. What This Policy Covers

This policy applies when you:

  • Visit or interact with our website
  • Sign up for events or services
  • Contact us via forms, phone, or email
  • Join our mailing list
  • Engage with our Facebook/Instagram lead forms or ads

3. What Personal Data We Collect

We collect the following types of data:

a. Information you provide directly:

  • Name
  • Email address
  • Phone number
  • Health-related information (as part of booking/intake forms)
  • Preferences and interests (e.g. retreat interest, breathwork focus)

b. Information we collect automatically:

  • IP address and browser type
  • Pages visited and session length (via Google Analytics)
  • Device type and location data (approximate)

c. Data from third-party services:

  • Booking info from Acuity or Typeform
  • Lead forms via Facebook or Instagram
  • Mailing preferences via Mailchimp

4. How We Use Your Data

We only process your data when we have a lawful basis to do so:

Purpose

Lawful Basis (UK GDPR Article 6)

To respond to enquiries or provide services

Contract (Art. 6(1)(b))

To send newsletters or event updates

Consent (Art. 6(1)(a))

To improve website performance

Legitimate Interests (Art. 6(1)(f))

To process bookings or health intake forms

Consent / Contract

To comply with legal obligations

Legal Obligation (Art. 6(1)(c))
You can withdraw your consent at any time by emailing us at [email protected].

 

5. Marketing & Newsletter

If you opt in (e.g. via website form or ad), we may send you:

  • Newsletters and updates
  • Offers and event announcements
  • PSY SOMA-related content

All emails include an unsubscribe link. We use Mailchimp to manage this data.

 

6. Cookies and Tracking

Our website uses cookies to improve your experience and track usage data (e.g. Google Analytics).

We use a cookie banner that allows you to accept or decline non-essential cookies (such as analytics and Facebook Pixel tracking).

You can change your cookie preferences at any time in your browser settings. See Section 12 below for details.

 

7. Who We Share Your Data With

We may share your data with trusted third-party processors to help deliver our services. These include:

  • Acuity Scheduling (appointments and booking forms)
  • Mailchimp (mailing list management)
  • Meta (Facebook/Instagram ads and lead forms)
  • Typeform (intake forms)
  • Google Analytics (anonymous website usage data)
  • Our web hosting provider (secure UK/EU servers)

All data processors are GDPR-compliant. We do not sell or rent your data to anyone.

 

8. International Data Transfers

Some services (like Mailchimp and Meta) may store data outside the UK/EU. These providers use Standard Contractual Clauses or other lawful mechanisms to ensure your data is protected.

9. Data Retention

We retain your personal data for:

  • Up to 3 years after your last interaction or booking
  • Or until you ask us to delete it (if no legal reason prevents it)

You can request deletion or correction at any time.

 

10. Your Rights

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion (“right to be forgotten”)
  • Restrict or object to processing
  • Withdraw consent
  • Request data portability
  • File a complaint with the Information Commissioner’s Office (ICO)

To exercise any of these rights, contact [email protected].

 

11. Data Security

We use secure servers, encryption (HTTPS), and data minimisation principles to protect your data. We also limit access to your personal data to only those who need it.

If there’s ever a data breach, we’ll notify affected users and the ICO within 72 hours as required by law.

 

12. Cookies (More Detail)

a. What are cookies?

Cookies are small files stored on your device. They help websites function, remember preferences, and understand user behaviour.

b. Types we use:

  • Essential: Required for basic site functionality
  • Analytics: Google Analytics
  • Advertising: Meta Pixel (if consented)

c. Managing cookies:

You can manage cookies via your browser or change preferences using our cookie banner.

See:

 

13. Complaints

If you’re unhappy with how we’ve handled your data, please contact us first at [email protected]. If unresolved, you may complain to:

Information Commissioner’s Office (ICO)

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Phone: 0303 123 1113

www.ico.org.uk