Privacy Policy

Last Updated: 22 May 2025

Introduction

At Island BodyTalk (“we,” “our,” or “us”), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website, book sessions, or engage with our BodyTalk services.

This policy applies to all visitors and clients of our website and services, regardless of location. We comply with applicable privacy laws including the General Data Protection Regulation (GDPR), UK GDPR, and California Consumer Privacy Act (CCPA).

Information We Collect

Personal Information You Provide

  • Contact Information: First name, last name, email address, and phone number
  • Health Information: Information you provide in intake forms, session notes, and feedback forms related to your health, wellness goals, and BodyTalk sessions
  • Location Information: Country information collected through feedback forms
  • Communication Records: Records of our communications with you, including emails and session notes
  • Payment Information: Billing information processed through our payment provider (Stripe)

Information Collected Automatically

  • Website Usage Data: Through Google Analytics, we collect information about how you use our website, including pages visited, time spent, and navigation patterns
  • Technical Information: IP address, browser type, device information, and referring website
  • Cookies: We use cookies as described in our Cookie Policy below

How We Use Your Information

We use your personal information for the following purposes:

Primary Services

  • BodyTalk Sessions: To provide personalized BodyTalk treatments and maintain your health records
  • Appointment Management: To schedule, confirm, and manage your appointments through Calendly
  • Communication: To respond to inquiries, provide session updates, and send important information about your care
  • Payment Processing: To process payments for services through Stripe

Marketing and Communication

  • Newsletter: To send you our newsletter through Kit.com (only with your explicit consent)
  • Practice Updates: To inform you about our services, workshops, and relevant health information via Brevo.com
  • Website Improvement: To analyse website usage through Google Analytics and improve user experience

Legal and Administrative

  • Record Keeping: To maintain accurate health records as required by IBA (International BodyTalk Association) professional standards
  • Legal Compliance: To comply with applicable laws and regulations
  • Business Operations: To manage our practice operations and improve our services

Legal Basis for Processing (GDPR)

For users in the EU and UK, we process your personal information based on:

  • Consent: For newsletter subscriptions and marketing communications
  • Contract Performance: To provide BodyTalk services you’ve requested
  • Legitimate Interests: To improve our website, analyze usage, and operate our business
  • Legal Obligation: To maintain health records as required by IBA professional standards and applicable laws

Third-Party Services

We work with trusted third-party service providers who may process your information:

Service Providers

  • Calendly: Appointment scheduling and calendar management
  • Stripe: Payment processing and billing
  • Kit.com (formerly ConvertKit): Newsletter management and email marketing
  • Brevo.com: Email communications and client updates
  • Google Analytics: Website analytics and usage tracking

Data Protection

All third-party providers are selected based on their privacy standards and data protection measures. These providers operate under their own privacy policies and terms of service, which include commitments to protect user data according to applicable privacy laws.

Data Retention

We retain your information for the following periods:

  • Health Information: 12 months from your last session
  • Feedback Data: 12 months from submission
  • Contact Information: Until you request deletion or unsubscribe from our communications
  • Website Analytics: Anonymised data retained according to Google Analytics settings
  • Payment Records: As required by financial regulations and tax laws

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Universal Rights

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Opt-out: Unsubscribe from marketing communications at any time

Additional Rights (EU/UK/California)

  • Data Portability: Request a copy of your data in a portable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for processing where applicable

To exercise these rights, please contact us using the contact form provided below.

Cookies

Our website uses cookies to enhance your browsing experience:

Types of Cookies

  • Essential Cookies: WordPress functionality cookies required for website operation
  • Analytics Cookies: Google Analytics cookies to understand website usage
  • Preference Cookies: To remember your choices and preferences

Cookie Control

You can control cookies through your browser settings. Please note that disabling certain cookies may affect website functionality.

Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: Sensitive data is encrypted in transit and at rest
  • Access Controls: Limited access to personal information on a need-to-know basis
  • Regular Updates: Security measures are regularly reviewed and updated
  • Third-Party Security: All service providers maintain appropriate security standards

International Data Transfers

As we serve clients worldwide, your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including:

  • Adequacy Decisions: Transfers to countries with adequate data protection
  • Standard Contractual Clauses: For transfers to countries without adequacy decisions
  • Consent: Where required by law

Health Information Privacy

We recognise the sensitive nature of health information and take additional steps to protect it:

  • Professional Standards: We follow professional standards for health information privacy
  • Limited Access: Health information is only accessed by authorized practitioners
  • Secure Storage: Health records are stored securely with appropriate encryption
  • Client Control: You have the right to access and request corrections to your health records

Children’s Privacy

Our services are not directed to children under 16. If we become aware that we have collected personal information from a child under 16 without appropriate consent, we will delete such information promptly.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by:

  • Email Notification: For significant changes affecting your rights
  • Website Notice: Posting updates on our website
  • Date Updates: Updating the “Last Updated” date at the top of this policy

How To Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us through our contact form below.

We will respond to all privacy-related inquiries within 30 days.

Complaints

If you believe we have not handled your personal information in accordance with this policy or applicable laws, you have the right to lodge a complaint with:

  • EU: Your local data protection authority
  • UK: Information Commissioner’s Office (ICO)
  • California: California Attorney General’s Office
  • Other locations: Your local privacy regulator

Consent

By using our website and services, you acknowledge that you have read and understood this Privacy Policy. For specific processing activities requiring consent (such as newsletter subscriptions), we will obtain your explicit consent before processing your information.

This Privacy Policy is designed to be transparent about our data practices while ensuring compliance with applicable privacy laws. If you have any questions or concerns, please don’t hesitate to contact us.

Have Questions or Wish To Exercise Your Rights? Contact Us

First Name
Last Name
Email
Message
Your request has been submitted successfully!
There has been some error while submitting the form. Please verify all fields and try again.