Privacy Policy
NutriBalance Website: https://www.nutribalance-health.com/
Email: info@nutribalance-health.com Last updated: May 2026
1. Introduction
At NutriBalance, your privacy and trust are at the heart of everything we do. This policy explains how we collect, use, store, and protect your personal information when you contact us, book a consultation, take part in our workshops or events, or engage with our website. We comply fully with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, ensuring that all personal information is handled lawfully, fairly, and transparently. The Data Controller responsible for your information is: Elina Deneva, Naturopathic Nutritional Therapist, trading as NutriBalance. Email: info@nutribalance-health.com
ICO Registration Number: ZC045558
2. What Information We Collect
We only collect information that is necessary to provide you with safe and effective naturopathic nutritional support. This includes: Personal contact information — your name, date of birth, address, phone number, email address, and (where relevant) occupation. Health and lifestyle information — your medical history, current and past symptoms, medications, supplements, family health background, dietary habits, sleep, stress levels, lifestyle factors, and any other information you share during consultations, on pre-consultation forms, or in food diaries. Information you submit via online forms — including the Pre-Consultation Form and Three-Day Food Diary, which are collected via Google Forms. Communications — emails, messages, and notes from our conversations. Website information — basic technical data such as your IP address and browsing activity (see Section 8 on Cookies). Some of the information we hold is classed as "special category data" under UK GDPR — including health, lifestyle, and wellbeing information. We handle this with the highest level of care and confidentiality.
3. How and Why We Use Your Information
We use your information to: Provide personalised naturopathic nutritional consultations, recommendations, and follow-up care Manage appointments, send reminders, and communicate about your sessions Order and interpret functional tests when clinically appropriate Maintain accurate client records as required by our professional standards Send you information about workshops, events, or new services — only where you have given consent Improve the quality and safety of our service
4. Our Lawful Bases for Processing
Under UK GDPR, we rely on the following lawful bases: For general personal data (Article 6): Performance of a contract — to deliver the consultation services you have requested Legitimate interests — to manage appointments and communications effectively Legal obligation — to meet professional record-keeping standards For health and special category data (Article 9): Explicit consent — given by you when you complete our pre-consultation form and confirm your agreement to receive nutritional therapy support Provision of healthcare — processing necessary for the provision of preventative or wellbeing services by a practitioner bound by a duty of professional confidentiality under the code of ethics of ANP / GNC. You have the right to withdraw your consent at any time by contacting us at info@nutribalance-health.com.
5. How Your Information Is Stored
Your records are stored securely and accessed only by your practitioner. Electronic records are held on password-protected, regularly backed-up devices, with encryption where possible. Paper records (where applicable) are kept in locked files within a secure environment. Information submitted via Google Forms is held on Google's secure servers. Only your practitioner has access, and any downloaded data is stored securely under our standard procedures. No other person or organisation has access to your data unless you provide written consent, or unless we are legally required to disclose it (see Section 7).
6. International Data Transfers
Some of the third-party services we use, such as Google (Google Forms, Gmail) may process or store data on servers located outside the United Kingdom, including in the United States. Where this occurs, we ensure that appropriate safeguards are in place — including the UK International Data Transfer Agreement, Standard Contractual Clauses, or adequacy decisions — so that your data remains protected to the same standard as it would be in the UK.
7. Sharing Your Information
We do not share your personal information with any third party for purposes unrelated to your care, except in the following circumstances: Functional testing laboratories — When clinically appropriate and with your explicit consent, we may share necessary information (such as your name, date of birth, contact details, and relevant clinical information) with laboratories who carry out functional tests on your behalf. These may include: Genova Diagnostics Lifecode GX Functional DX Regenerus Labs Mineral Check Each laboratory has its own privacy policy and is required to handle your data in compliance with UK GDPR or equivalent standards. We will always discuss any test with you in advance and obtain your consent before sharing your information. Service providers (data processors) — such as Google (for online forms and email), who process data on our behalf and are bound by data protection agreements. Legal or safeguarding obligations — where we are legally required to share information (for example, in cases of serious risk of harm to you or another person, or when required by a court order). Your GP or other healthcare professionals — only with your explicit written consent. We will never sell your data, share it for marketing purposes, or use it in ways you have not agreed to.
8. Cookies and Website Use
Our website uses cookies to help the site function properly and to improve your browsing experience. Cookies are small text files stored on your device by your browser. We use: Necessary cookies — essential for the site to function Functional cookies — to remember your preferences. You can disable cookies in your browser settings, though some parts of the site may not function correctly as a result. We do not use cookies to track personal information, serve advertisements, or share your data with third parties.
9. Children's Privacy
Where consultations or services involve a child or young person under the age of 18, we obtain consent from a parent or legal guardian. Records relating to minors are retained until the client reaches the age of 25, or for 7 years after the most recent consultation — whichever is later — in line with professional best practice.
10. Marketing Communications
From time to time, we may send you information about new services, workshops, events, or articles that may be of interest. We will only do so where you have given explicit consent (for example, by ticking a sign-up box). You can unsubscribe at any time by clicking the unsubscribe link in any email or by contacting us directly.
11. Social Media
If you interact with NutriBalance via social media (such as Instagram, Facebook, or LinkedIn), the platform's own privacy policy will apply to any data they collect. We do not transfer information from social media into your clinical record without your knowledge. We strongly recommend that you do not share personal health information via social media direct messages or public comments. If you wish to discuss your health, please contact us by email or through our website's secure contact form.
12. How Long We Keep Your Records
We retain client records for 7 years after your most recent consultation, in line with the requirements of our professional body and standard practice for healthcare records in the UK. For minors, records are retained until the client reaches 25, or for 7 years after the most recent consultation, whichever is later. After this period, records are securely destroyed (both electronic and paper) unless you have requested otherwise, or unless we are legally required to retain them.
13. Your Rights Under UK GDPR
You have the right to: Access the personal information we hold about you Rectify any factual inaccuracies Erase your data, where the legal retention period has passed Restrict or object to processing Data portability — to receive your data in a structured, commonly used format Withdraw consent for processing or communications at any time Not be subject to decisions based solely on automated processing Lodge a complaint with the Information Commissioner's Office (ICO) To exercise any of these rights, please contact us at info@nutribalance-health.com. We will respond within one month.
14. Security
Your information is protected through: Secure, password-protected electronic storage Encryption of sensitive files where possible Locked physical storage for any paper records Strict confidentiality procedures Restricted access — only your practitioner has access to your records While no system can ever be guaranteed 100% secure, we take all reasonable and proportionate steps to prevent loss, misuse, or unauthorised access.
15. Complaints
If you believe your personal data has been mishandled, please contact us first so we have the opportunity to address it: Data Controller: Elina Deneva Email: info@nutribalance-health.com If you are not satisfied with our response, you have the right to contact the Information Commissioner's Office (ICO) directly: Website: www.ico.org.uk Helpline: 0303 123 1113
16. Updates to This Policy
This privacy policy may be updated from time to time to reflect changes in our practice or legal requirements. The most current version will always be available on our website, and the "Last updated" date at the top will reflect any changes.
In summary
At NutriBalance, your privacy and trust are our priority. We handle all personal information with the utmost care and confidentiality, using it solely to support your health, wellbeing, and journey back into balance.