Below is a GDPR- and UK-DPA-compliant privacy policy template you can adapt for Fern Psychology’s landing page. Be sure to replace anything in bold brackets with your actual details.
Privacy Policy
Fern Psychology (“we,” “us,” “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website at fernpsychology.com (the “Site”) and when you contact us.
1. Data Controller
Inaya Psychological services Ltd
Contact Email: inayatherapy@gmail.com
We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Information We Collect
-
Contact Form Data
-
Name
-
Email address
-
Phone number (optional)
-
Message details
-
-
Usage Data (automatically collected)
-
IP address
-
Browser type and version
-
Pages visited and time stamps
-
Referring site URLs
-
-
Cookies and Tracking
-
Session cookies (to keep you logged in)
-
Analytics cookies (e.g. Google Analytics)
-
Marketing cookies (if you opt in to our newsletter)
-
3. How We Use Your Data
We process your personal data for the following purposes and legal bases:
| Purpose | Data Collected | Legal Basis |
|---|---|---|
| Responding to contact inquiries | Contact Form Data | Consent / Contract |
| Improving website functionality and UX | Usage Data & Cookies | Legitimate interests¹ |
| Sending newsletters or marketing (opt-in) | Email address | Consent |
| Complying with legal obligations | Any personal data | Legal obligation |
¹ Our “legitimate interests” include maintaining site security, understanding user behaviour, and optimizing performance.
4. Sharing & Disclosure
-
Service Providers: We may share data with trusted third parties (e.g. hosting provider, analytics platform) strictly to perform services on our behalf.
-
Legal Requirements: We may disclose personal data if required by law or to protect our rights or safety.
-
No Sale of Data: We do not sell or rent personal data to third parties.
5. International Transfers
Your data may be stored or processed outside the UK/EEA (e.g. on U.S.-based servers). We use standard contractual clauses or other approved safeguards to ensure an adequate level of protection.
6. Data Retention
We retain contact form submissions and related personal data for as long as necessary to fulfill the purposes outlined here, or until you request deletion. Usage data and analytics are retained for up to 24 months.
7. Your Rights
Under the UK GDPR, you have the right to:
-
Access your personal data (Subject Access Request)
-
Rectify inaccuracies
-
Erase your data (“right to be forgotten”)
-
Restrict or object to processing
-
Data portability
-
Withdraw consent (where processing is based on consent)
To exercise these rights, contact us. We will respond within one month.
8. Cookies & Tracking Technologies
Our Site uses cookies. You can manage cookie preferences through your browser settings or via our cookie banner.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we’ll revise the Effective Date above and notify you via the Site or email if the changes are material.