Privacy Policy

Lotus Health & Holistics (lotushealth.uk)
Last updated: July 2026

1. Who we are

Lotus Health & Holistics ("we", "us", "our") provides kinesiology and complementary health services, including food intolerance testing and wellness consultations, both in person in Cheltenham, Gloucestershire and remotely across the UK.

We are the data controller for the personal information described in this policy. If you have any questions about this policy or how we handle your information, please contact us at:

Email: info@lotushealth.uk

2. The information we collect

We only collect information that we need in order to respond to your enquiries and provide our services. This may include:

Contact and enquiry information

  • Your name, email address, and phone number
  • Any information you include when contacting us through our website enquiry form, by email, or by phone

Booking and service information

  • Appointment details and correspondence relating to your sessions
  • Payment records (we do not store card details — payments are handled directly or through our payment provider)

Health and wellbeing information

  • Information you share with us about your health, lifestyle, diet, symptoms, and wellbeing goals in order for us to provide kinesiology and related services
  • Session notes and food intolerance testing results

Newsletter information

  • Your name and email address, if you choose to subscribe to our newsletter

3. Special category (health) data

Some of the information we collect — such as details about your health, symptoms, and wellbeing — is classed as "special category data" under UK data protection law and is given extra protection.

We only collect and use this information with your explicit consent, which we will ask for before your first session. You can withdraw your consent at any time by contacting us at info@lotushealth.uk, although this may mean we are unable to continue providing services to you.

4. How we use your information

We use your information to:

  • Respond to your enquiries and messages
  • Book, manage, and deliver your consultations and sessions
  • Keep appropriate records of the services we provide to you
  • Communicate with you about your appointments and ongoing care
  • Send you our newsletter, if you have subscribed (you can unsubscribe at any time)
  • Comply with our legal and insurance obligations

We will never sell your information to third parties, and we do not use your information for automated decision-making or profiling.

5. Our lawful bases for processing

Under UK GDPR, we rely on the following lawful bases:

  • Contract — to book and deliver the services you have requested
  • Explicit consent — for collecting and using your health and wellbeing information, and for sending you our newsletter
  • Legitimate interests — to respond to enquiries and manage our business in ways you would reasonably expect
  • Legal obligation — where we need to keep records for tax, accounting, or insurance purposes

6. How your information is stored

We keep our systems simple and secure. Your information is stored in:

  • Email — enquiries, correspondence, and service-related communication are handled through our secure email account
  • Client records — session notes and testing results are stored securely and are accessible only to your practitioner

We do not use a CRM system or share your details with marketing databases. Access to your information is limited to those who need it to provide your care.

7. Who we share your information with

We do not share your personal information with third parties, except:

  • Service providers who help us run our business (such as our email provider, website host, and payment provider), who are only permitted to use your information to provide services to us
  • Where required by law, for example to comply with a legal obligation or protect someone's vital interests

We will never share your health information with anyone else without your explicit consent, unless we are legally required to do so.

8. How long we keep your information

  • Enquiries that do not lead to a booking — deleted within 12 months
  • Client records and session notes — retained for 7 years after your last appointment, in line with insurance and professional record-keeping requirements
  • Financial records — retained for 6 years as required by HMRC
  • Newsletter details — retained until you unsubscribe

When your information is no longer needed, it is securely deleted.

9. Your rights

Under UK data protection law, you have the right to:

  • Access the personal information we hold about you
  • Correct information that is inaccurate or incomplete
  • Request deletion of your information (subject to our legal record-keeping obligations)
  • Restrict or object to how we use your information
  • Withdraw consent at any time, where we rely on consent
  • Data portability — receive your information in a usable format

To exercise any of these rights, email us at info@lotushealth.uk. We will respond within one month.

If you are unhappy with how we have handled your information, you have the right to complain to the Information Commissioner's Office (ICO):

Website: ico.org.uk
Helpline: 0303 123 1113

10. Cookies

Our website uses only the cookies necessary for it to function properly. We do not use advertising or tracking cookies. If this changes, we will update this policy and ask for your consent where required.

11. Children

Our services and website are intended for adults. Where we provide services to anyone under 18, we will always obtain consent from a parent or guardian first.

12. Changes to this policy

We may update this policy from time to time. Any changes will be posted on this page with an updated "last updated" date. Significant changes will be communicated to existing clients directly.


If you have any questions about this privacy policy or how we handle your information, please contact us at info@lotushealth.uk.