Privacy & Cookie Policy

At Bluestone Management Limited, trading as The Holistic Psychiatry Clinic, we are committed to protecting your personal information and upholding your rights under the UK General Data Protection Regulation (UK GDPR) and the Privacy and Electronic Communications Regulations (PECR).

Our website is accessible worldwide, but we are a UK-based company and operate in compliance with UK data protection laws.

We may collect the following personal information:

• Name
• Email address
• Phone number
• Postal address
• Date of birth
• Health and medical history (where provided)
• IP address and browser/device details
• Website usage data (via cookies and analytics tools)
• Any other data you voluntarily provide through forms or communication

We collect your data through the following channels:

1. Website contact forms
2. Appointment booking and enquiry processes
3. Newsletter sign-ups and lead magnets (e.g. downloadable resources and quizzes)
4. Cookies and analytics tools
5. Third-party platforms, including Stripe, Xero, Google Analytics, Google Fonts, Cloudflare, Kit, and Google Workspace

We use your personal data for the following purposes:

• To provide psychiatric and coaching services
• To communicate with you regarding your enquiries or appointments
• To deliver newsletters and relevant marketing communications (where consent has been given)
• To analyse website usage and improve user experience
• To fulfil legal, financial, and regulatory obligations

We process personal data under one or more of the following lawful bases:

• Consent — e.g. newsletter sign-up, cookies
• Contractual necessity — e.g. booking and delivering services
• Legal obligation — compliance with regulatory duties
• Legitimate interests — provided these do not override your rights

We may share your data with trusted third-party processors, including:

• Stripe — payment processor
• Xero — invoicing and accounting
• Google Workspace — cloud email and document storage
• Google Analytics — website usage tracking
• Google Fonts — website design consistency
• Cloudflare — security and content delivery network
• Kit — email marketing
• Semble — our secure client management system for medical record-keeping and communication
• Heidi AI — a GDPR-compliant AI-powered medical scribe used for secure medical transcription and documentation

All third-party services are selected based on their compliance with data protection regulations and their ability to provide appropriate technical and organisational safeguards. Some may store or process data outside the UK. In such cases, we ensure adequate protection is provided, including standard contractual clauses or equivalent safeguards.

We retain confidential client records in accordance with best practice and regulatory guidelines:

• Medical and psychiatric records are stored securely for a minimum of 8 years after the last contact, or as required by medical insurers or professional bodies
• Coaching and non-clinical records are typically retained for up to 7 years for professional, legal, and financial compliance

We review data retention regularly and securely delete records when they are no longer necessary.

We implement appropriate technical and organisational measures to protect your data, including:

• SSL encryption for all website traffic
• Secure servers with restricted access
• Data minimisation and regular reviews
• Security and performance services via Cloudflare

Under the UK GDPR, you have the right to:

• Access your personal data
• Request correction or deletion of your data
• Object to or restrict processing
• Withdraw consent at any time (where processing is based on consent)
• Lodge a complaint with the UK Information Commissioner's Office (ICO)

To exercise any of these rights, please contact us at admin@holisticpsychiatryclinic.com.

We use cookies to:

• Ensure basic functionality of the website
• Analyse traffic and performance (Google Analytics)
• Improve site security (Cloudflare)
• Personalise user experience

Upon visiting our site, you will see a cookie banner where you can accept or customise your cookie preferences. You can update or withdraw consent at any time.

Types of cookies we use

• Strictly Necessary Cookies — Required for site operation (e.g. security, session management)
• Performance Cookies — Help us understand how the site is used (e.g. via Google Analytics)
• Functionality Cookies — Enhance your experience (e.g. language preferences)

Our website is accessible globally. If you access our services from outside the UK, be aware that your data will be processed and stored in accordance with UK data protection laws.

We may update this policy periodically. Please refer to this page for the most current version. The "last updated" date at the top of this page reflects the latest revision.