Privacy Policy

1Scope

This Privacy Policy explains how personal data is collected, used, stored, and protected by Corinna Kitchen and Ayurveda Wellbeing.

Personal data refers to information that relates to an identified or identifiable living individual.

We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

2Data Controller

The data controller responsible for your personal data is:

Corinna Kitchen
Ayurveda Wellbeing
3 Castle View, Westgate Street, Lewes, BN7 1AD
Email: corinna@corinnakitchen.com

One-to-one biodynamic psychotherapy and biodynamic massage, where offered, operates under a separate professional and therapeutic framework with additional confidentiality and consent processes.

3Types of Personal Data We Collect

Depending on how you engage with us, we may collect:

• Name, email address, postal address, and telephone number
• Payment and transaction information (processed securely via third-party providers)
• Account and platform access details
• Programme enrolment and participation data
• Communications and correspondence with us
• Website usage data, including IP address and cookie data

For one-to-one biodynamic psychotherapy only, additional personal and sensitive data may be collected under a separate therapeutic privacy and consent agreement.

4How We Use Your Personal Data

We use personal data to:

• Deliver programmes, workshops, retreats, digital products, and physical goods
• Provide access to online platforms and communities
• Respond to enquiries and provide customer support
• Manage payments, refunds, and transactions
• Send essential service communications
• Send marketing communications where consent has been given
• Improve our website, offerings, and user experience

We only collect data that is necessary for these purposes.

5Legal Basis for Processing

We process personal data under the following lawful bases:

• Contractual necessity – to deliver products and services you have purchased
• Consent – where you have opted in to receive communications
• Legitimate interest – to respond to enquiries and operate our business
• Legal obligation – for accounting and regulatory compliance

You may withdraw consent for marketing communications at any time.

6Marketing Communications

You will only receive marketing communications if you have actively opted in.

You can unsubscribe at any time using the link in our emails or by contacting corinna@corinnakitchen.com.

We do not sell, rent, or trade your personal data.

Lawful Basis for Marketing

Where you have purchased products or services from us, we may send information about similar products, services or events where permitted by law. You may opt out at any time.

7Data Sharing and Disclosure

We keep your personal data confidential.

Your data may be shared only with trusted third parties where necessary, including:

• Payment processors
• Website and platform providers (such as hosting and community platforms)
• Email communication providers

All third parties are required to process data securely and in accordance with GDPR.

We may disclose personal data if legally required to do so.

8Data Retention

We retain personal data only for as long as necessary:

• Customer and transaction data: up to 7 years for accounting and legal purposes
• Programme access data: for the duration of access plus a reasonable administrative period
• Marketing data: until consent is withdrawn

Therapeutic records (where applicable) are retained in accordance with professional and legal requirements and governed by separate documentation.

9Data Storage and Security

All personal data is stored securely using appropriate technical and organisational measures.

Data is primarily stored within the United Kingdom or with GDPR-compliant service providers.

We take reasonable steps to protect personal data from loss, misuse, unauthorised access, or disclosure.

9AInternational Data Transfers

Some of our service providers may process or store data outside the United Kingdom.

Where personal data is transferred internationally, we take reasonable steps to ensure that appropriate safeguards are in place and that personal data remains protected in accordance with UK GDPR requirements.

Such safeguards may include adequacy regulations, contractual safeguards, or reliance upon GDPR-compliant service providers.

10Cookies

Our website uses essential and analytical cookies to ensure functionality and to understand website usage.

You can manage or disable cookies through your browser settings. Disabling cookies may affect website functionality.

Further information about cookies used by our website platform can be found in our Cookie Preferences section.

11Your Rights Under GDPR

You have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request erasure of data (where applicable)
• Restrict processing
• Object to processing, including marketing
• Request data portability

Requests can be made by contacting corinna@corinnakitchen.com. We aim to respond to all legitimate requests within one calendar month as required under UK GDPR.

12Complaints

If you have concerns about how your personal data is handled, please contact us first so we can address the issue.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office
https://ico.org.uk/

13Contact Details

For all privacy-related enquiries:
Email: corinna@corinnakitchen.com