Medeinė Deginaitė — Registered Dietitian logo
Medeinė Deginaitė
Legal

Privatumo politika

Paskutinį kartą atnaujinta: April 2026

Teisiniai puslapiai pateikiami anglų kalba. Versija lietuvių kalba suteikiama paprašius — susisiekite su mumis.

This privacy policy describes how Medeinė Deginaitė (referred to as "we", "our", or "the practice") collects, uses, and protects personal information you provide through this website (medeinedietitian.co.uk) and when using dietetic services.

We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the standards expected of Health and Care Professions Council (HCPC) registrants.

1. Who we are

Medeinė Deginaitė is the data controller for personal information collected through this website and in the course of providing private dietetic services. The practice is run by a dietitian registered with the HCPC and is a full member of the British Dietetic Association (BDA).

To contact us about anything in this policy, email hello@medeinedietitian.co.uk.

2. What information we collect

We collect and process personal information in three contexts:

Website enquiries (contact form)

  • Your name
  • Your email address
  • The subject and content of your message
  • Your IP address (automatically logged for security and rate-limiting purposes)

Bookings

Bookings are taken via Cal.com. Cal.com collects your name, email address, time zone, and any questionnaire answers required to prepare for your session. Please see Cal.com's own privacy policy for how they handle this information.

Clinical records (clients only)

When you become a client, we collect additional information necessary for safe and effective dietetic care, including: health history, current medications, dietary history, relevant investigation results, goals and progress notes, and communication records. This information is held in secure electronic systems and is treated as confidential clinical information.

3. Lawful basis for processing

  • Contract: to provide the services you have booked and paid for.
  • Consent: for marketing communications (you can withdraw this at any time).
  • Legitimate interests: to respond to enquiries, to secure our website, and to run our practice.
  • Legal obligation: for tax and accounting records.
  • Vital interests / health: for clinical records, we rely on the special-category condition for the provision of health or social care and treatment by a health professional (UK GDPR Article 9(2)(h)).

4. How we use your information

  • To reply to enquiries and arrange consultations
  • To provide dietetic assessment, planning, and follow-up care
  • To send you written session summaries and educational resources
  • To take payment for services (via Stripe)
  • To maintain clinical records as required by HCPC standards
  • To meet legal, tax, and regulatory obligations

5. Who we share your information with

We do not sell your information, ever. We only share it with the small number of service providers necessary to run the practice, and only where contracts and data protection arrangements are in place:

  • Cal.com — appointment scheduling
  • Stripe — secure payment processing
  • Resend — delivering contact-form emails to our inbox
  • Vercel — website hosting and privacy-friendly analytics
  • Google Workspace / email provider — our email inbox

Where required by law, or where there is a genuine safeguarding concern, we may share information with relevant authorities or your GP. Wherever possible we will discuss this with you first.

6. International transfers

Some of our service providers process data outside the UK, including in the European Economic Area and the United States. Where this is the case, we rely on UK-approved safeguards such as International Data Transfer Agreements or Adequacy Decisions to ensure your information remains protected.

7. How long we keep your information

  • Website enquiries that do not become clients — deleted within 12 months.
  • Clinical records — retained for 8 years after your last consultation, in line with BDA and NHS guidance on dietetic records.
  • Financial records — retained for 6 years as required by HMRC.

8. Your rights

Under UK GDPR you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request erasure (with limits — clinical records must be retained for the period above)
  • Restrict or object to processing
  • Data portability for information you provided to us
  • Withdraw consent at any time where we relied on it
  • Complain to the Information Commissioner's Office (ICO) at ico.org.uk

To exercise any of these rights, please email hello@medeinedietitian.co.uk.

9. Cookies and analytics

This website does not use cookies for tracking, advertising, or profiling. We use Vercel Analytics, which is privacy-friendly and does not use cookies or collect personally identifiable information. Only minimal, aggregated page-view data is collected to understand how the site is used.

If we introduce any cookie-based tracking in future, we will update this policy and ask for your consent via a banner before anything non-essential is set.

10. Security

We take the security of your information seriously. Our website is served over HTTPS. Clinical information is held in dedicated healthcare systems with encryption at rest and in transit. Access to client data is limited to the practitioner.

11. Changes to this policy

We may update this policy from time to time. The "last updated" date above will reflect the current version.