Privacy Policy for Dr. Ayiesha Malik’s Website and Services

Effective Date

Dr. Ayiesha Malik (“we”, “our”, “us”) is committed to protecting your privacy and ensuring that your personal data is handled securely and responsibly. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website and services, including wellbeing coaching, naturopathy, and homeopathy.

1. Data Controller

Dr. Ayiesha Malik is the data controller for personal information collected through this website and service provision.

Contact details:

2. Data Collection

We collect personal data in two main contexts:

2.1 Website Visitors (General Browsing)

When you visit our website without booking a service, we may collect the following information:

  • Technical information: IP address, browser type, operating system, device type, and website interactions (e.g., pages visited, time spent on pages).

  • Cookies and tracking data: We use cookies, including Facebook Pixel, to analyse website traffic, improve functionality, and for targeted advertising purposes.

  • Voluntary information: If you subscribe to our newsletter or fill out contact forms, we may collect your name, email address, and preferences.

Purpose:

  • To improve website functionality and user experience

  • To send communications you have requested (e.g., newsletters)

  • To measure and improve the effectiveness of advertising campaigns

Legal basis:

  • Legitimate interest (website analytics and functionality improvement)

  • Consent (for marketing communications)

2.2 Clients Booking Services (Coaching, Naturopathy, Homeopathy)

When you book or use services, we collect more detailed personal and health-related data necessary to provide care:

  • Identification information: Name, date of birth, contact details

  • Health information: Medical history, symptoms, current medications, lifestyle information, session notes

  • Payment information: Payment details required to process fees (via secure third-party payment processors)

Purpose:

  • To provide safe and effective wellbeing coaching, naturopathy, and homeopathy services

  • To manage appointments and process payments

  • To maintain accurate patient records for regulatory and legal compliance

Retention:

  • All client records, including consultation notes, are securely stored for a minimum of seven (7) years in line with UK professional and regulatory requirements.

Legal basis:

  • Contractual necessity (to provide services)

  • Legal obligation (for record-keeping and regulatory compliance)

  • Consent (for health-related communications and treatment)

Important Note:

  • Session notes are not automatically sent to your GP. It is your responsibility to inform your GP if you are also working with a naturopathic doctor.

3. How We Use Your Data

Your personal data is used for the following purposes:

  • To provide coaching, naturopathy, and homeopathy services

  • To communicate with you regarding appointments, treatment, or website inquiries

  • To process payments securely

  • To comply with legal and professional obligations

  • To analyse website traffic and improve website services

  • To provide targeted advertising via platforms such as Facebook (Facebook Pixel)

4. Cookies and Tracking Technologies

Our website uses cookies and other tracking technologies to enhance functionality and monitor performance:

  • Functional cookies: Essential for website operation

  • Analytical cookies: To understand website usage and improve user experience

  • Facebook Pixel: Used to track website interactions for advertising and remarketing purposes

You can manage or disable cookies through your browser settings, although some functionality may be affected.

5. Sharing Your Data

We do not share your personal or health information with third parties except:

  • Where required by law (e.g., safeguarding or legal obligations)

  • With your explicit consent

  • With trusted service providers who assist us in delivering services (e.g., secure payment processors), under strict data protection agreements

6. Data Security

We take appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, or disclosure. This includes secure storage of patient records, encrypted communications, and secure servers for website data.

7. Your Rights under UK GDPR

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you

  • Correction: Request corrections to any inaccurate or incomplete data

  • Deletion: Request deletion of personal data where legally permissible

  • Restriction: Request restrictions on processing under certain circumstances

  • Objection: Object to processing for marketing purposes

  • Data portability: Request a copy of your data in a structured, commonly used format

To exercise your rights, please contact us using the details above.

8. Retention of Data

  • Website visitor data is retained as long as necessary to fulfil its purpose, such as analytics or marketing.

  • Client records, including consultation notes, are retained securely for a minimum of seven (7) years and are securely deleted thereafter.

9. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of these websites. Please review their privacy policies before providing any personal data.

10. Changes to this Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our services, technology, or legal obligations. Significant changes will be communicated via the website or email.

11. Contact

If you have questions about this Privacy Policy or our data practices, please contact: