top of page

Privacy Policy

Last updated: 15/3/2026

 

This Privacy Policy explains how The Witch Wellness Ltd (“The Witch”, “we”, “our”, “us”) collects, uses, and protects your personal data when you visit www.thewitch.co or use our services.

 

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

 

1. Who We Are

 

The Witch Wellness Ltd provides wellness and body optimisation services including body contouring treatments, lymphatic optimisation therapies, and wellbeing services.

 

Website: www.thewitch.co

Email: info@thewitch.co

 

For the purposes of data protection law, The Witch Wellness Ltd is the data controller responsible for your personal information.

 

2. Information We Collect

 

We may collect and process the following types of personal data.

 

Personal Identification Information

  • Name

  • Email address

  • Phone number

  • Address

 

Booking Information

  • Appointment bookings

  • Treatment history

  • Purchase history

 

Health Information

 

Where required for safety, we may collect:

  • medical history

  • contraindications

  • medications

  • lifestyle information relevant to treatments

 

This information is classified as special category data under UK GDPR.

 

Website Usage Information

 

When you use our website we may collect:

  • IP address

  • browser type

  • device information

  • pages visited

  • referral sources

 

This information helps us improve our website and services.

 

3. How We Use Your Information

 

We use personal data to:

 

  • manage bookings and appointments

  • provide treatments safely

  • communicate with clients

  • process payments

  • maintain treatment records

  • improve our services

  • comply with legal obligations

 

We will only use your data where we have a lawful basis to do so.

 

4. Legal Basis for Processing

 

Under UK GDPR, we rely on the following legal bases:

 

Contractual Necessity

 

To provide services you request, such as booking and delivering treatments.

 

Consent

 

For collecting health information and for marketing communications.

 

Legitimate Interests

 

To operate and improve our business and services.

 

Legal Obligations

 

To comply with regulatory or legal requirements.

 

5. Special Category Health Data

 

Some treatments require health information to ensure treatments are safe.

 

This information is processed only:

 

  • with your explicit consent

  • to assess suitability for treatment

  • to maintain safe clinical records

 

We treat this information as strictly confidential.

 

6. How We Store and Protect Data

 

We take appropriate technical and organisational measures to protect your data.

 

This includes:

 

  • secure digital systems

  • restricted staff access

  • password-protected systems

  • encrypted storage where applicable

 

We retain personal data only for as long as necessary.

 

Treatment records may be retained for up to 7 years for clinical and legal purposes.

 

7. Sharing Your Data

 

We do not sell personal data.

 

Your information may be shared with trusted third parties where necessary, including:

 

  • payment providers

  • booking software providers

  • website hosting platforms

  • insurers where required

 

These providers process data only on our instructions and are required to maintain confidentiality.

 

8. Cookies

 

Our website may use cookies to improve user experience.

 

Cookies help us:

 

  • understand website traffic

  • remember preferences

  • improve website functionality

 

You can disable cookies through your browser settings.

 

9. Marketing Communications

 

If you subscribe to our newsletter or marketing communications, we may send you updates about:

 

  • treatments

  • offers

  • events

  • wellbeing content

 

You may unsubscribe at any time using the link provided in emails.

 

10. Your Rights

 

Under UK GDPR you have the right to:

 

  • access your personal data

  • correct inaccurate information

  • request deletion of your data

  • restrict processing

  • withdraw consent

  • request data portability

 

To exercise these rights please contact us.

 

11. Third-Party Websites

 

Our website may contain links to external websites.

 

We are not responsible for the privacy policies of third-party sites.

 

12. Changes to This Policy

 

We may update this Privacy Policy from time to time.

 

The latest version will always be available on our website.

 

13. Contact Us

 

If you have any questions about this Privacy Policy or how we handle your data, please contact:

 

Email: info@thewitch.co

Website: www.thewitch.co

 

14. Complaints

 

If you are not satisfied with how your data is handled, you have the right to lodge a complaint with the Information Commissioner’s Office.

 

Website: www.ico.org.uk

bottom of page