top of page

Privacy Policy

A Legal Disclaimer

Neuroshine is committed to protecting your privacy and handling your data transparently, fairly, and lawfully in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our ADHD-related services in the United Kingdom.

1. Information We Collect

We may collect and process the following categories of data:

Personal Information

  • Name, email address, contact number

  • Address (if needed for billing or communication)

  • Account login details (if applicable)

Health Information (Special Category Data)

  • ADHD-related health data, including symptoms, diagnosis, treatment notes, or preferences

  • Session notes from coaching or therapeutic services

  • Forms, assessments, and related submissions

Technical and Usage Data

  • IP address, browser type, device ID

  • Website navigation data, time spent on pages

  • Cookies and analytics data (see section 7)

Financial Information

  • Payment and billing details (processed securely through third-party payment providers)

2. Lawful Basis for Processing

We only process your personal data when we have a lawful basis to do so. These may include:

  • Consent – when you give us clear permission

  • Contract – to fulfil a service you’ve requested

  • Legal obligation – where we’re required by law

  • Vital interests – in an emergency or safeguarding context

  • Legitimate interests – for secure, efficient service delivery (e.g., fraud prevention)

For special category data (e.g., health), we may rely on your explicit consent or other bases such as provision of health or social care.

3. How We Use Your Information

We use your information to:

  • Provide ADHD-related services (coaching, education, support)

  • Schedule and manage appointments

  • Personalise your experience and content

  • Communicate with you effectively

  • Improve our services

  • Maintain records and comply with regulations

4. Sharing Your Information

We do not sell or rent your data. We may share data with:

  • Service providers (e.g., web hosting, video conferencing, analytics)

  • Health or social care professionals, with your consent

  • Legal or regulatory authorities, when required

All partners must comply with UK GDPR and implement suitable data protection measures.

5. Data Security

We implement appropriate technical and organisational safeguards to secure your data. These include:

  • Encrypted storage and communications

  • Access controls and user authentication

  • Staff training and confidentiality agreements

6. Your Data Rights (UK GDPR)

You have the right to:

  • Access the personal data we hold about you

  • Request correction or erasure of your data

  • Object to or restrict how we process your data

  • Withdraw consent (where processing is based on consent)

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, contact us at: [support@yourdomain.co.uk]

7. Cookies and Tracking

We use cookies to enhance your experience and collect analytics. These may include:

  • Essential cookies (for security and functionality)

  • Analytics cookies (e.g., Google Analytics)

You can manage or block cookies via your browser settings. We never use or sell your personal data.

8. Children’s Privacy

Our services may be used by children and young people, particularly where ADHD services are delivered to individuals under 18. We are committed to protecting children’s privacy and apply the following measures:

  • We collect only necessary data for service provision

  • We ensure data is handled securely and confidentially

  • Parental or guardian consent is required where applicable

  • Children’s data is stored and protected with the same safeguards as adult data, in accordance with the Children’s Code issued by the ICO

If you believe we have collected a child’s personal data improperly, please contact us immediately.

9. Retention of Data

We retain personal data only as long as necessary:

  • For service provision and record-keeping

  • To comply with legal and regulatory obligations (e.g., health data retention for 7 years)

  • For dispute resolution or safeguarding

After this period, data is securely deleted or anonymised.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be posted on our website and, where appropriate, communicated directly to you.

11. Contact Us

For questions, concerns, or to exercise your data rights, contact us at:

[Your Service Name]
[Your Company Address, UK]
Email: [support@yourdomain.co.uk]
Phone: [Insert UK Contact Number]
ICO Registration Number: [Insert if available]

bottom of page