Privacy Policy for Gaia Nutrition

Last Updated: 1 September 2025

 

Gaia Nutrition ("we," "us," or "our"), we are committed to protecting the privacy and security of our clients, including children and their guardians/parents, and visitors to our website, gaianutrition.org (the "Website"), hosted on the Wix platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our Website or engage with our online sound frequency healing and rebalancing services (the "Services"). By using our Website or Services, you agree to the practices described in this policy.We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, as well as other applicable laws, particularly regarding health-related data and children’s data.1. Information We CollectWe may collect the following types of information:a. Personal DataContact Information: Name, email address, phone number, or other details provided by clients or their guardians/parents when booking appointments, contacting us, or subscribing to newsletters.
Health-Related Data: Information about health or wellness goals shared during consultations for sound frequency healing/rebalancing, necessary to provide personalised Services. This is considered special category data under UK GDPR and may include data about children when provided by their guardians/parents.
Payment Information: Billing details (e.g., credit card or payment processor information) when you pay for our Services, processed securely via Wix Payments or third-party payment providers.
Account Information: If you create an account on our Website, we may collect login credentials, preferences, or other details you provide.

b. Children’s DataWhen providing Services to children, we collect personal data (e.g., name, age, health-related information) only with the explicit consent of their parent or legal guardian. This data is used solely to deliver the Services and is handled with extra care in accordance with UK GDPR.c. Non-Personal DataUsage Data: Information about how you interact with our Website, such as IP address, browser type, pages visited, time spent on pages, and referring URLs, collected via Wix analytics or similar tools.
Cookies and Tracking Technologies: We use cookies and similar technologies (e.g., Wix cookies, Google Analytics) to enhance your experience, analyse Website usage, and improve our Services. You can manage cookie preferences via the cookie banner on our Website or your browser settings.

​

2. How We Use Your InformationWe process your personal data based on lawful grounds under the UK GDPR, such as your consent, the performance of a contract, or our legitimate interests. We use your information to:Provide and personalise our sound frequency healing and rebalancing Services for adults and children (with guardian consent).
Process payments and manage bookings through Wix or third-party platforms.
Communicate with you or your guardian/parent, including responding to inquiries, sending appointment confirmations, or providing updates about our Services.
Send newsletters or promotional materials (with your explicit consent, where required).
Improve our Website and Services through analytics and user feedback.
Comply with legal obligations, such as maintaining records for health-related services or tax purposes.

For health-related data and children’s data, we process this information only with explicit consent or as necessary to provide the Services you or your guardian/parent have requested.

 

3. How We Share Your InformationWe do not sell or rent your personal data. We may share your information in the following circumstances:Service Providers: With trusted third parties, such as Wix (our Website host), payment processors (e.g., Wix Payments, PayPal, Stripe), or scheduling platforms, who act as data processors under our instructions and in compliance with UK GDPR.
Legal Requirements: To comply with legal obligations, such as responding to court orders, regulatory requirements, or requests from the UK Information Commissioner’s Office (ICO).
Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction, with appropriate safeguards in place.
With Your Consent: For any other purpose with your or your guardian’s explicit permission.

Wix, as our Website host, processes certain data (e.g., usage data, contact information) on our behalf. For details on Wix’s data practices, please review Wix’s Privacy Policy.

 

4. Lawful Basis for ProcessingUnder UK GDPR, we process your personal data based on the following lawful grounds:Consent: For marketing communications, health-related data, children’s data (via guardians/parents), or certain cookies.
Contract: To provide Services, process payments, or manage bookings.
Legitimate Interests: For Website analytics, improving our Services, or fraud prevention, where these interests do not override your rights.
Legal Obligation: To comply with regulatory or tax requirements, including record-keeping for health services.

 

5. Your RightsUnder the UK GDPR and Data Protection Act 2018, you (or your guardian/parent, for children) have the following rights regarding your personal data:Access: Request a copy of the personal data we hold about you.
Rectification: Correct inaccurate or incomplete data.
Erasure: Request deletion of your data, subject to legal or contractual limitations (e.g., health record retention requirements).
Restriction: Request that we restrict processing of your data in certain circumstances.
Objection: Object to processing based on legitimate interests or for direct marketing.
Data Portability: Request a copy of your data in a structured, machine-readable format.
Withdraw Consent: Withdraw consent at any time where we rely on it for processing (e.g., marketing emails, health data, or children’s data).

To exercise these rights, contact us at annie@gaianutrition.org (mailto:annie@gaianutrition.org). We will respond within one month, as required by law.

 

6. Data SecurityWe implement appropriate technical and organisational measures to protect your personal data, including children’s data and health-related data, from unauthorised access, loss, or misuse. These include secure data storage, encryption (e.g., via Wix’s SSL technology), and access controls. However, no online system is completely secure, and we cannot guarantee absolute security.

 

7. Data RetentionWe retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, comply with legal obligations, or resolve disputes. For example:Contact and booking data is retained for the duration of our service relationship and up to 7 years for tax purposes.
Health-related data (including children’s data) is retained in accordance with UK health practitioner guidelines, typically for 7 years after your last appointment (or until a child reaches 25, if longer, for services provided to minors), unless you or your guardian request deletion sooner (subject to legal requirements).

 

8. International Data TransfersAs a UK-based online business, your data is primarily processed in the UK. However, some of our service providers (e.g., Wix, payment processors) may process data in the United States or other countries outside the UK. Where data is transferred outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, in compliance with UK GDPR.

 

9. Third-Party LinksOur Website may contain links to third-party websites or services (e.g., payment processors, scheduling tools). We are not responsible for their privacy practices. We encourage you to review their privacy policies before providing personal data.

 

10. CookiesWe use cookies and similar technologies to enhance your experience and analyse Website performance. Wix may also set cookies for functionality and analytics. You can manage your cookie preferences via the cookie banner on our Website or your browser settings. For more details, see our Cookie Policy (#) [Note: You may need to create a separate Cookie Policy or link to Wix’s cookie information].

 

11. Children’s PrivacyOur Services are available to children with the explicit consent of their parent or legal guardian. We collect and process children’s personal data (e.g., name, age, health-related information) only with guardian consent and for the purpose of providing sound frequency healing/rebalancing Services. We take extra care to protect children’s data, ensuring compliance with UK GDPR’s requirements for processing minors’ data.

 

12. Changes to This Privacy PolicyWe may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our Website with a revised "Last Updated" date or, where required, by direct communication (e.g., email to guardians for children’s data). Your continued use of our Website or Services constitutes acceptance of the updated policy.

 

13. Contact UsIf you have questions, concerns, or wish to exercise your data protection rights, please contact us at: annie@gaianutrition.org