Privacy Policy
Last updated: 31 May 2026
Issued by: Elevra Hypnosis & Therapy Ltd, registered in England & Wales, Company No. 16647202.
This policy explains how we collect, use, and protect your personal data when you visit our website or use our services, and how we use cookies. Please read it carefully. If you have questions, contact us at info@elevrahypnosis.com.
Part 1 — Privacy Policy
1. Who We Are
Elevra Hypnosis & Therapy Ltd is the data controller responsible for your personal data. We provide online hypnotherapy and coaching services to clients across the UK and internationally.
Company number: 16647202
Registered in: England & Wales
Email: info@elevrahypnosis.com
Website: https://elevrahypnosis.com
2. What Data We Collect
2.1 Data you give us directly
When you contact us, submit an enquiry, or book a session, you may provide:
- Your name and email address
- Your phone number or WhatsApp contact details
- The subject and content of your message or enquiry
- Appointment preferences and scheduling information
- Payment information (processed securely by PayPal — we do not store card details ourselves)
2.2 Data we collect automatically
When you visit our website we may collect:
- Your IP address and approximate location (country or region)
- Browser type, device type, and operating system
- Pages visited, time spent on pages, and how you navigated the site
- The website or search terms that referred you to us
This is collected via cookies and analytics tools — see Part 2 for full details.
2.3 Data from third parties
We do not purchase data from third-party brokers. If you contact us via a social media platform, we may receive the message content and your public profile name, subject to that platform’s own privacy terms.
3. How We Use Your Data
We use your data only for the purposes listed below, each with a valid legal basis under UK GDPR.
Responding to your enquiry — Legitimate interests (Article 6(1)(f)) / Pre-contractual steps (Article 6(1)(b))
Booking and delivering sessions — Performance of a contract (Article 6(1)(b))
Processing payments — Performance of a contract (Article 6(1)(b))
Sending confirmations and reminders — Performance of a contract (Article 6(1)(b))
Improving our website — Legitimate interests (Article 6(1)(f))
Complying with legal obligations — Legal obligation (Article 6(1)(c))
Sending marketing communications — Consent (Article 6(1)(a)) — only where you have opted in
We will never sell, rent, or trade your personal data to third parties for marketing purposes.
4. Data Retention
We retain your data only for as long as necessary:
- Enquiry and contact data: 12 months from your last contact, or until you ask us to delete it
- Booking and session records: 3 years from your last session
- Payment records: 7 years, as required by HMRC
- Marketing consent records: Until you withdraw consent, plus 1 year
- Website analytics data: As configured in Google Analytics (typically 26 months)
When data is no longer needed it is securely deleted or anonymised.
5. Who We Share Your Data With
We share data only with third-party providers who help us deliver our services. All are bound by appropriate data processing agreements.
5.1 Booking
BookingPress — our appointment booking plugin. Processes your name, email, and appointment details.
5.2 Payments
PayPal — secure payment processing. We do not store card details. PayPal privacy policy: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full
5.3 Communications and website
WPForms — processes contact form submissions.
WhatsApp (Meta) — if you contact us via WhatsApp, your message is subject to Meta’s privacy policy.
Google Analytics / Google Tag Manager — website analytics. See Part 2 for details.
5.4 Web hosting
Our website is hosted on a third-party provider. Data may be stored on servers in the UK or EEA under appropriate data processing agreements.
5.5 Legal disclosure
We may disclose data where required by law, court order, or regulatory authority.
6. International Transfers
Some providers (including Google and Meta) may process data outside the UK and EEA. Where this occurs, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA) or Standard Contractual Clauses, in line with UK GDPR requirements.
7. Data Security
We take reasonable technical and organisational steps to protect your data, including:
- HTTPS encryption across the website
- Password-protected access to client records
- Use of reputable, compliant third-party platforms
- Restricting data access to those who need it to deliver your service
No method of internet transmission is 100% secure. If you have concerns, please contact us directly.
8. Your Rights
Under UK GDPR you have the right to:
- Access — request a copy of the data we hold about you
- Rectification — ask us to correct inaccurate or incomplete data
- Erasure — ask us to delete your data in certain circumstances
- Restriction — ask us to pause processing in certain circumstances
- Portability — request your data in a structured, machine-readable format
- Object — object to processing based on legitimate interests or for direct marketing
- Withdraw consent — where processing is consent-based, you may withdraw at any time
To exercise any right, contact us at info@elevrahypnosis.com. We will respond within one month. There is no charge unless requests are manifestly unfounded or excessive.
9. Right to Complain
If you are unhappy with how we have handled your data, you may lodge a complaint with the Information Commissioner’s Office (ICO):
https://ico.org.uk | Helpline: 0303 123 1113
We would welcome the chance to resolve your concern directly first — please contact us at info@elevrahypnosis.com.
10. Children’s Data
Our services are for adults aged 18 and over. We do not knowingly collect data from children. If you believe we have done so, please contact us immediately and we will delete it.
11. Links to Other Websites
Our site may link to third-party websites. This policy applies only to elevrahypnosis.com. We recommend reading the privacy policy of any external site before sharing personal data.
12. Changes to This Policy
We may update this policy to reflect changes in our practices or legal requirements. The date at the top shows when it was last updated. Material changes will be notified by email (where held) or by a prominent notice on our website.
Part 2 — Cookie Policy
13. What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They help the site function, remember preferences, and provide information about how it is used.
14. Cookies We Use
14.1 Strictly necessary cookies
Required for the website to function. Cannot be switched off. Set in response to actions such as submitting a form or completing a booking.
- WordPress session and security cookies (wp-settings-*, wordpress_logged_in_*)
- CSRF security tokens — protect form submissions from cross-site request forgery
- BookingPress session cookies — maintain your booking in progress
- WP-Optimize caching cookies
Legal basis: Exempt from consent under UK PECR — strictly necessary for service delivery.
14.2 Functional cookies
Enable enhanced functionality such as remembering display preferences.
- WordPress preference cookies (language, layout settings)
- Elementor page builder cookies
Legal basis: Legitimate interests in providing a functional browsing experience.
14.3 Analytics cookies
We use Google Analytics via Google Tag Manager to understand how visitors use our site — helping us improve content and navigation. Data is collected anonymously and does not identify you personally.
- _ga — distinguishes unique users (expires: 2 years)
- _ga_* — stores session state for Google Analytics 4 (expires: 2 years)
- _gid — distinguishes users within a 24-hour period (expires: 24 hours)
- _gat — throttles request rate (expires: 1 minute)
Google privacy policy: https://policies.google.com/privacy | Opt out: https://tools.google.com/dlpage/gaoptout
Legal basis: Consent — analytics cookies are placed only after you accept via our cookie banner.
14.4 Third-party cookies
Some functionality on our site may load cookies from third parties:
Google Tag Manager (googletagmanager.com) — manages loading of scripts.
Google Fonts (fonts.googleapis.com) — serves web fonts; may log your IP address. See Google’s privacy policy.
PayPal — sets cookies on the payment page to facilitate secure transactions.
We have no direct control over third-party cookies. Please refer to their respective privacy policies.
15. Cookie Consent
On your first visit, a cookie banner will invite you to accept or decline non-essential cookies. You can update your preferences at any time via the “Cookie Settings” link in the footer.
Blocking certain cookies may affect how parts of the site work, including the booking process.
16. Managing Cookies in Your Browser
You can also control cookies directly through your browser settings:
Google Chrome: Settings → Privacy and security → Cookies and other site data
Mozilla Firefox: Options → Privacy & Security → Cookies and Site Data
Safari: Preferences → Privacy → Manage Website Data
Microsoft Edge: Settings → Cookies and site permissions
You can also opt out of interest-based advertising via youronlinechoices.com (EU/UK) or aboutads.info.
17. Contact Us
For any questions about this policy or to exercise your data rights:
Email: info@elevrahypnosis.com
Company: Elevra Hypnosis & Therapy Ltd
Company No: 16647202
We aim to respond within 5 working days and will always reply within the statutory one-month period.
Start your journey now!
Discover how hypnotherapy can help in a relaxed, welcoming atmosphere, from the comfort of your own home, with no pressure and plenty of support.
