Privacy Policy
Introduction
Eating Disorder Recovery Ltd, trading as Eating Disorder Recovery, Eating Disorder Recovery Training, Eating Disorder Recovery Associates and The Eating Disorder Recovery Clinic (“we”, “our”, “us”), is committed to protecting and respecting your privacy.
This Privacy Policy explains how we collect, use, and protect your personal data when you:
- visit our website (https://edrecovery.co.uk)
- contact us (e.g. by email, phone, or post)
- engage with our services
Please read this policy carefully.
Information We Collect:
We may collect and process the following types of data:
Personal Data
- Name, address, email address, phone number, and other contact details
Special Category Data (Sensitive Data)
- Information relating to your physical and mental health
- Information shared during appointments
- This may include details such as gender identity, sexuality, religious beliefs, or other sensitive information where relevant to your care
Technical Data
- IP address, browser type and version, time zone setting, operating system, and device information
Usage Data
- Information about how you use our website and services
Marketing and Communications Data
- Your preferences in receiving marketing communications
Financial Data
- Payment information where relevant
How We Collect Information
We collect data in the following ways:
Direct interactions, including when you:
- Complete forms on our website
- Contact us via email, phone, or post
- Engage in appointments or services
- Subscribe to communications
- Provide feedback
How We Use Your Information
We will only use your personal data where the law allows us to.
This includes:
- Responding to enquiries
- Providing and managing your care
- Managing our relationship with you
- Administering appointments and services
- Maintaining clinical records
- Communicating with other professionals involved in your care where appropriate
- Improving our services and website
- Sending relevant information or updates where appropriate
Sharing Your Information
We may share your personal data where necessary for your care, our operations, or where required by law.
This may include:
- Clinicians and associate practitioners involved in your care
- Your GP, who will be contacted when you begin treatment and when you are discharged from our service
- Other healthcare professionals, where appropriate to support your treatment
- Professional advisers (e.g. legal, accounting, insurance)
- Regulators or authorities, where required by law
The initial contact with your GP is a brief introduction to inform them that you are receiving support from our clinic and to clarify that we are not responsible for your physical health monitoring. A discharge letter will also be sent when your treatment ends.
We do not routinely share ongoing details of your treatment with your GP. However, we may share additional relevant information during treatment where there is a clinical need to do so or at your request.
We will always share only the minimum necessary information relevant to your care.
We do not sell your personal data.
Legal Basis for Processing Your Information
We process your personal data under the following legal bases:
- Consent – where you have given clear permission
- Contractual necessity – to provide services to you
- Legal obligation – to comply with legal or regulatory requirements
- Legitimate interests – where necessary for our business operations
For special category data, we process this under:
- Provision of health or social care
- Explicit consent, where required
Data Security
We have appropriate security measures in place to protect your data from:
- unauthorised access
- loss
- misuse
- alteration or disclosure
Access is limited to those who have a legitimate need.
We also have procedures in place to deal with any suspected data breach.
Data Retention
We retain your personal data only for as long as necessary.
For clinical records:
- Adult records are typically retained for 7 years after discharge
- Records for clients under 18 are retained until age 25
We may retain data longer where required by law.
International Transfers
We do not routinely transfer your data outside the UK or EEA.
Your Rights
Under UK GDPR, you have the right to:
- Access your data
- Request correction of inaccurate data
- Request deletion (where applicable)
- Restrict processing
- Object to processing
- Request transfer of your data
To exercise your rights, please contact us.
Third Party Links
Our website may contain links to other websites. We are not responsible for their privacy practices.
Changes to This Policy
We may update this policy from time to time. Updates will be posted on our website.
Contact Us
If you have any questions or wish to exercise your rights:
Email: hello@edrecovery.co.uk
Address: 34a St Mary Street, Bridgwater, TA6 3LY