Privacy Policy

Learn more

Privacy Policy – Salūs by Ali Crampton

Current as of 29/10/2025

This is the privacy policy of Ali Crampton trading as Salūs by Ali Crampton, operated by Alison Crampton (UK Registered Business Number if applicable). If you have any questions or need further information, please email hello@salusbyalicrampton.com.

Salūs by Ali Crampton acts in accordance with key legislation and regulatory requirements for respecting and maintaining client information and privacy. Personal information is required to provide professional health services. This document describes how I collect and manage your personal and sensitive information when you interact with my business.

I comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. I also aim to comply with EU GDPR where visitors from the EU may access this site.

PERSONAL INFORMATION

If you engage with me via this website or become my client, I may collect the following personal information:

  • Your name, email address, phone number, postal address, date of birth, and occupation

  • Country of residence

I may collect and use your personal information to:

  • Respond to your enquiries

  • Provide my products or services at your request

  • Monitor or improve the use of and satisfaction with my website, products, or services

  • Share clinic news and updates relevant to my work

  • Notify you about services or products that may be of interest

COLLECTION OF PERSONAL INFORMATION

I collect personal information to provide quality health services and manage your health needs. Where practicable, I will collect personal information directly from you or sources authorised by you.

I may collect information via:

  • Contact through email, phone, or website forms

  • Webinars, seminars, or events

  • Social media correspondence (Facebook, LinkedIn, Instagram, etc.)

  • Booking a consultation or purchasing a product/service

  • Intake forms completed at your first appointment

  • Information from referrals by other professionals (with your consent)

I only collect information:

  • With your full awareness and consent

  • If required to provide the services or products you request

  • If required by law or necessary to protect someone from harm

  • For administrative purposes if you become a client

  • Where I have a legitimate interest in marketing, with an opt-out option

Failure to provide requested information may prevent me from providing services effectively.

I may send updates about my services if you have opted in; you can unsubscribe at any time.

SENSITIVE INFORMATION

Sensitive information (special category data under UK GDPR) may include:

  • Medical history, medications, allergies, pathology results

  • Family medical history

  • Diet and lifestyle information

Sensitive information is collected securely via:

  • Intake forms in Practice Better (Practice Better Privacy Policy)

  • Secure Practice Better or in-person consultations

  • Secure payment methods such as Stripe

  • Email (less secure; alternative options available on request)

This information is collected to:

  • Provide requested services effectively

  • Ensure services are appropriate and safe

Sensitive data is stored securely on password-protected devices and, where applicable, on cloud services provided by trusted third-party platforms.

COLLECTION OF INFORMATION FROM MINORS

  • Information from individuals under 18 is considered sensitive.

  • Collected only with parental/guardian consent.

  • Stored securely in accordance with this Privacy Policy.

DISCLOSURE OF INFORMATION

I may disclose information to:

  • Provide requested services or products

  • Refer you to other professionals at your request

  • Engage support services (e.g., accounting, IT, legal, marketing)

  • Share de-identified information for professional supervision

I will disclose information if legally required or if there is a risk of harm, in line with UK law.

Third-party providers assisting my business are required to maintain confidentiality and follow protective privacy policies.

SECURITY

I take reasonable physical, technical, and administrative safeguards to protect your information from misuse, loss, and unauthorised access.

I manage risk by:

  • Securely storing files

  • Restricting access to necessary personnel

  • Sharing information with service providers on a strictly need-to-know basis

  • Conducting regular security audits

Third-party service providers may include:

Electronic communication (email, Zoom, social media) carries inherent risks. If concerned about sensitive data, please discuss alternative methods.

COOKIES AND GOOGLE ANALYTICS

  • Cookies are used to improve user experience and analyse website usage.

  • Browser settings can disable cookies, but functionality may be affected.

  • My website uses Squarespace analytics and Google Analytics (GA Privacy)

  • Google Analytics opt-out: https://tools.google.com/dlpage/gaoptout

ACCESS TO INFORMATION

You can request access, correction, or updates to your personal information. I will respond within 30 days, unless legal obligations prevent disclosure.

COMPLAINTS

If you have concerns about data handling:

  • Contact me via email; I will respond within 30 days.

  • If unresolved, UK clients may contact the Information Commissioner’s Office (ICO): https://ico.org.uk

  • Irish clients may contact the Data Protection Commission (DPC): https://www.dataprotection.ie

NOTIFICATION OF CHANGES

This Privacy Policy may be updated. Revised policies will be posted on the website, and clients notified of significant changes.

DATA BREACH NOTIFICATION

In the event of a serious data breach posing risk to individuals:

  • I will assess and take remedial action immediately.

  • UK clients will be notified in accordance with UK GDPR (typically within 72 hours to the ICO).

  • If required, clients will be informed directly or via website notice.

Thank you for reading this Privacy Policy. This document was created with the support of Carefree Counsel. Copying without permission infringes copyright.