Privacy Policy

Privacy Policy

Warrington Pain Clinic — Last updated: June 2026

Your privacy matters to us. This policy explains what personal information we collect, why we collect it, how we use it, and your rights under UK data protection law.

1. Who We Are

Warrington Pain Clinic is operated by Ema Gregory-Scott, Advanced Clinical Massage Therapist, trading from 82 Whitchurch Close, Warrington, WA1 4JZ.

Ema Gregory-Scott is the data controller for all personal data collected through this website and in the course of providing treatments. You can contact us at info@warringtonpainclinic.co.uk or on 07912 609143.

2. Our Principles

  • We will never sell your personal data.
  • We will never share your data with any third party for their own marketing purposes.
  • We will always keep your personal data secure.
  • We will never send you marketing emails without your consent.
  • We will only collect the data we genuinely need.

3. What Data We Collect and Why

Booking and appointment data

When you book an appointment we collect your name, email address, phone number, and payment information. This is necessary to fulfil your booking, process payment, and send you appointment confirmations and reminders. The legal basis for this processing is contract — it is necessary to provide the service you have requested.

Health data (consultation form)

Before your first appointment you are required to complete a consultation form. This collects information about your health, medical history, medications, and any conditions relevant to your treatment. This is special category data under UK GDPR and is treated with the highest level of care. We collect this data with your explicit consent and it is used solely to plan and deliver safe, appropriate treatment. It is also required for our professional insurance obligations.

You can withdraw consent for us to hold your health data at any time by contacting us — see Section 8 for your rights.

Website enquiries

If you contact us by email or via the Tidio chat widget on our website, we collect your name, email address, and the content of your message. This is used solely to respond to your enquiry. The legal basis is legitimate interests.

Email marketing

If you have opted in to receive our emails, we will send you occasional updates about availability, treatments, and offers. The legal basis for this is consent. You can unsubscribe at any time using the link at the bottom of any email.

Website analytics

We use Google Analytics to understand how visitors use our website. This collects anonymised data about pages visited, time spent on site, and how you found us. No personally identifiable information is collected through analytics. The legal basis is legitimate interests.

Cookies

Our website uses cookies. You will be asked for your consent to non-essential cookies when you first visit the site. You can manage your cookie preferences at any time via the cookie settings on our website. For full details please see our cookie notice displayed on the site.

4. Third Parties We Share Data With

We use a number of trusted third party services to operate our business. Where these services process your personal data, they do so on our behalf and are bound by data processing agreements. We do not sell or share your data with third parties for their own purposes.

  • Amelia (booking system) — stores your appointment bookings, contact details, and booking history within our WordPress website.
  • Stripe — processes card payments securely. We do not store your card details. Stripe’s privacy policy is available at stripe.com/gb/privacy.
  • Make.com — used to automate certain workflows such as connecting booking data to other systems. Data is processed within the EU.
  • Mailchimp — used to send email newsletters and campaigns to clients who have opted in to receive marketing emails. You can unsubscribe at any time.
  • Tidio — live chat software on our website. If you use the chat widget, your messages and contact details may be stored by Tidio.
  • Google Analytics — website analytics. See Section 3 above.
  • Smush (WPMU Dev) — image optimisation and content delivery network (CDN). Images on this website are served via their CDN infrastructure.
  • CookieYes — manages your cookie consent preferences on this website.

5. How Long We Keep Your Data

We keep client records, including consultation forms and appointment history, for a minimum of 7 years from your last appointment. This is in line with standard practice for health records and our professional insurance obligations.

If you have opted in to email marketing and have not engaged with our emails for an extended period, we may remove you from our mailing list.

You can request deletion of your data at any time — see Section 8.

6. Data Security

We take reasonable steps to protect your personal data from unauthorised access, loss, or disclosure. Our website uses HTTPS encryption. Payment processing is handled entirely by Stripe and we do not store card details on our systems.

Health data collected via the consultation form is stored securely within our website and is accessible only to Ema Gregory-Scott.

7. Transfers Outside the UK

Some of the third party services we use may process data outside the UK. Where this is the case, we ensure appropriate safeguards are in place in line with UK GDPR requirements, such as standard contractual clauses or adequacy decisions.

8. Your Rights

Under UK GDPR you have the following rights regarding your personal data:

  • Right of access — you can request a copy of the personal data we hold about you.
  • Right to rectification — you can ask us to correct any inaccurate data.
  • Right to erasure — you can ask us to delete your personal data. Note that we may need to retain certain records for legal or insurance reasons.
  • Right to restrict processing — you can ask us to limit how we use your data.
  • Right to data portability — you can ask for your data in a portable format.
  • Right to object — you can object to us processing your data where we rely on legitimate interests.
  • Right to withdraw consent — where we process your data based on consent (such as health data or marketing), you can withdraw that consent at any time.

To exercise any of these rights, please contact us at info@warringtonpainclinic.co.uk. We will respond within one month.

If you are unhappy with how we have handled your data, you have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk or by calling 0303 123 1113.

9. Changes to This Policy

We may update this privacy policy from time to time. The current version will always be available on our website with the date it was last updated shown at the top.

Warrington Pain Clinic
82 Whitchurch Close, Warrington, WA1 4JZ
07912 609143
info@warringtonpainclinic.co.uk