top of page
Untitled design (30).jpg

Privacy Policy

This Privacy Policy explains how Karen F Burke (“we”, “us”, “our”) collects, uses and protects your personal data when you use this website, book services, buy digital products, or contact us.

1) Who we are

Data Controller: Karen F Burke

We do not publish a physical address on this website. If you need an address for formal correspondence, please request it by email.

 

2) The personal data we collect

We may collect and process the following categories of personal data:

A) Information you provide

  • Contact details: name, email address, phone number, organisation (if relevant)

  • Enquiry details: the information you submit via forms, email, or messages

  • Booking details: appointment preferences, booking notes, and related admin information via Wix Bookings

  • Purchase details (digital products): billing name, email, order details, receipts and transaction references

  • Marketing preferences: whether you opt in/out of emails and what you choose to receive

B) Information collected automatically

  • Website usage data: device type, browser, IP address, approximate location, pages visited, time on pages, referral source

  • Cookies and similar technologies: see section 10

 

3) Special category data (health / wellbeing)

Some services may involve you sharing health or wellbeing information (for example, stress, symptoms, medical background, or sensitive personal circumstances). This is “special category data” under UK GDPR.

We only use this information to provide the service you request and to keep appropriate notes for continuity of care/support. We handle it with additional care and only access it where necessary.

Please avoid including sensitive health information in website forms if you would prefer to share it in a session instead.

 

4) How we use your data and our lawful basis

UK GDPR requires a lawful basis for processing personal data. We use your data for the purposes below:

A) To respond to enquiries and provide information

  • Purpose: reply to messages, discuss your needs, send information you request

  • Lawful basis: Legitimate interests (running our business and responding to enquiries)

B) To manage bookings and deliver services (including coaching, workshops and advisory support)

  • Purpose: schedule sessions, provide services, manage client relationships

  • Lawful basis: Contract (to deliver services you request)

C) To process payments and deliver digital products

  • Purpose: take payments, deliver digital products, provide receipts and customer support

  • Lawful basis: Contract

D) To meet legal and accounting obligations

  • Purpose: maintain business records for tax/accounting and compliance

  • Lawful basis: Legal obligation

E) To send marketing emails (only where permitted)

  • Purpose: newsletters, updates, resources, offers, launches

  • Lawful basis: Consent (and in limited cases, the “soft opt-in” under PECR where applicable)
    You can unsubscribe at any time using the link in our emails.

F) To improve the website and user experience

  • Purpose: analytics, performance monitoring, improving content and navigation

  • Lawful basis: Legitimate interests and, where required, Consent (for non-essential cookies)

Special category data (health):
Where you share health/wellbeing information, we process it because it is necessary for providing the service you request, and with appropriate safeguards. Where required, we will rely on your explicit consent or another applicable condition under UK GDPR.

 

5) Who we share your data with

We share personal data only when necessary to run the website and deliver services:

  • Wix.com (website hosting, forms, Wix Bookings, and any Wix-based e-commerce features)

  • Payment providers (as applicable): PayPal and/or Stripe
    Note: We do not receive or store full card details. Payment providers handle card processing.

  • Analytics: Google Analytics (if enabled)

  • Email and productivity tools: email provider(s) used to communicate with you

Each provider may act as a data processor or independent controller depending on the service. We do not sell your personal data.

 

6) International transfers

Some providers may store or process data outside the UK. Where this happens, appropriate safeguards are used (for example, adequacy regulations and/or contractual safeguards) to protect your personal data.

 

7) How long we keep your data (retention)

We keep your data only as long as needed for the purpose it was collected, and to meet legal/accounting requirements. Typical retention periods are:

  • Enquiries (non-clients): up to 12 months from last contact

  • Client records (including session notes and accounts): typically up to 7 years from the end of the relationship

  • Orders & payment records (digital products/services): typically up to 6–7 years

  • Marketing subscriptions: until you unsubscribe or we remove inactive contacts

If you ask us to delete data, we’ll do so where possible, but we may need to retain certain records for legal or accounting reasons.

 

8) Your rights

You have rights under UK GDPR, including the right to:

  • access your personal data

  • correct inaccurate data

  • request deletion (in certain circumstances)

  • restrict processing (in certain circumstances)

  • object to processing (in certain circumstances)

  • data portability (in certain circumstances)

  • withdraw consent (where processing is based on consent)

To exercise any of these rights, contact us at [insert email address].

 

9) Complaints

We’d appreciate the opportunity to resolve concerns directly.

You also have the right to complain to the UK regulator:
Information Commissioner’s Office (ICO) — ico.org.uk

 

10) Cookies

We use cookies and similar technologies to make the site work, understand usage, and improve performance.

  • Essential cookies are required for core site functionality.

  • Non-essential cookies (such as analytics and marketing cookies) may be used only where required and permitted via your cookie choices.

You can control cookies using the cookie banner (where provided) and via your browser settings.

 

11) Security

We take reasonable technical and organisational measures to protect your data. No online transmission is completely secure, but we use reputable providers and work to keep data protected from unauthorised access, loss or misuse.

 

12) Third-party links

This website may link to third-party websites or services (for example, social platforms or payment providers). We are not responsible for their privacy practices. Please review their privacy policies separately.

 

13) Changes to this policy

We may update this Privacy Policy from time to time. The most recent version will always be posted on this page with the updated date.

bottom of page