top of page
Carly-Nutrition-logo
BOOK A FREE DISCOVERY CALL

Privacy Policy

This Privacy Policy explains how Carly Nutrition collects, uses, stores, and protects your personal information. Carly Nutrition is committed to handling your data responsibly and in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

​

1. Who We Are

​

Carly Nutrition is an independent nutrition coaching practice operated by Carly Jones, Associate Registered Nutritionist (ANutr, AfN), Registration No. 12539, and Level 3 Personal Trainer (CIMSPA Membership No. C044328), based in Portishead, Bristol.

​

Carly Jones is the data controller for the purposes of UK GDPR. If you have any questions about how your data is used, please contact:

​

Email: carly@carlynutrition.co.uk

​

Website: carlynutrition.co.uk

​

2. What Personal Data We Collect

​

Depending on how you interact with Carly Nutrition, we may collect the following types of personal data:

​

Contact and identity information

​

Your name, email address, phone number, and any other details you provide when contacting us via our website, email, or WhatsApp.

​

Health and lifestyle information

​

Information about your diet, health history, medical conditions, medications, lifestyle, and goals, which you provide through Practice Better intake forms or during coaching sessions. This is classed as special category data under UK GDPR and is handled with the highest level of care.

​

Booking and payment information

​

Details relating to your bookings, invoices, and payment history, processed through Practice Better.

​

Website usage data

​

Anonymous data about how you use our website, collected through Wix Analytics and Google Analytics. This includes pages visited, time spent on the site, and general location data. This data does not identify you personally.

​

3. Why We Collect Your Data and Our Legal Basis

​

We only collect and process your personal data where we have a lawful basis to do so under UK GDPR. The table below sets out the purposes for which we use your data and the legal basis for each:

​

To provide nutrition and movement coaching services

​

Legal basis: Performance of a contract. We need your health and contact information to deliver the services you have booked with us.

​

To communicate with you about your bookings and sessions

​

Legal basis: Performance of a contract. We use your contact details to send invoices, session reminders, and follow-up information via email or Practice Better.

​

To maintain accurate client records

​

Legal basis: Legitimate interests. Keeping records of your sessions, goals, and progress allows us to provide a safe and effective service.

​

To comply with legal obligations

​

Legal basis: Legal obligation. We may be required to retain certain records for accounting, tax, or regulatory purposes.

​

To analyse website performance

​

Legal basis: Legitimate interests. We use anonymised analytics data to understand how our website is used and to improve the experience for visitors.

​

4. How We Collect Your Data

​

We collect personal data in the following ways:

​

•  Via the contact or booking form on our website (carlynutrition.co.uk)

•  Via email to carly@carlynutrition.co.uk

•  Via WhatsApp or phone call

•  Via intake forms and client records within Practice Better

•  Automatically via Wix Analytics and Google Analytics when you visit our website

​

5. Where We Store Your Data

​

Your personal data is stored and processed using the following platforms:

​

Practice Better

​

Our client management platform, used to store intake forms, session notes, booking history, and invoices. Practice Better is compliant with applicable data protection standards. You can view their privacy policy at practicebetter.io.

​

Google Workspace (Gmail and Google Drive)

​

Used for email communication and storing documents. Google’s data centres are subject to appropriate safeguards. You can view Google’s privacy policy at policies.google.com/privacy.

All platforms we use are required to handle your data securely. We do not store paper-based client records.

​

6. Sharing Your Data

​

We do not sell, rent, or share your personal data with third parties for marketing purposes. Your data will only be shared in the following limited circumstances:

​

•  With service providers who help us operate our business (such as Practice Better and Google), who are bound by their own data protection obligations

•  With third-party testing laboratories, where you have chosen to proceed with functional or metabolic testing recommended as part of your coaching. In this case, only the information necessary for processing your test will be shared, and this will always be discussed with you in advance. Your consent to this is covered by your signed client agreement

•  Where we are legally required to do so, for example by a court order or regulatory authority

We will never share your personal health data with any other party without your explicit consent.

​

7. Cookies and Website Analytics

​

Our website uses cookies and analytics tools to help us understand how visitors use the site. We use Wix Analytics (built into our website platform) and Google Analytics for this purpose. The data collected is anonymised and does not identify you personally.

​

You can control cookie preferences through your browser settings or via the cookie consent banner on our website. For more information about how Google Analytics uses data, visit: policies.google.com/technologies/partner-sites.

​

8. How Long We Keep Your Data

​

We retain your personal data only for as long as necessary for the purposes it was collected, or as required by law. In practice, this means:

​

•  Client records and health information: retained for a minimum of 7 years following the end of our working relationship, in line with standard professional practice recommendations

•  Financial and invoicing records: retained for 6 years in line with HMRC requirements

•  Website analytics data: retained in line with the default retention settings of Wix Analytics and Google Analytics

After the applicable retention period, your data will be securely deleted.

​

9. Your Rights

​

Under UK GDPR, you have the following rights in relation to your personal data:

​

•  The right to access the data we hold about you

•  The right to have inaccurate data corrected

•  The right to request deletion of your data (the ‘right to be forgotten’), subject to legal retention obligations

•  The right to restrict or object to how we process your data

•  The right to data portability (to receive your data in a portable format)

​

To exercise any of these rights, please contact carly@carlynutrition.co.uk. We will respond within one calendar month of receiving your request.

​

10. Data Security

​

We take the security of your personal data seriously. We use password-protected platforms, secure cloud storage, and take reasonable technical and organisational measures to protect your data from unauthorised access, loss, or disclosure. In the event of a data breach that is likely to affect your rights, we will notify you and the Information Commissioner’s Office (ICO) as required by law.

​

11. Complaints

​

If you have a concern about how we handle your personal data, please contact us in the first instance at carly@carlynutrition.co.uk and we will do our best to resolve the matter promptly.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection regulator:

Website: ico.org.uk

Telephone: 0303 123 1113

​

12. Changes to This Policy

​

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The current version will always be available on our website at carlynutrition.co.uk. We will notify active clients of any significant changes.

bottom of page