PRIVACY POLICY

Clear terms to support a safe, professional working relationship

Last updated: April 2026

This privacy policy explains how Tanya Wyatt (“I”, “me”, “my”) collects, uses and protects your personal data when you visit tanyawyatt.com or contact me through this website.

I am committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who I am

I am Tanya Wyatt, a movement specialist based in Fulham, London. I offer one-to-one in-person movement, strength and rehabilitation sessions to adults in London.

For the purposes of UK GDPR, I am the data controller for personal data collected through this website.

ICO registration number: [add upon registration]

You can contact me at:
Email: tanya@tanyawyatt.com
Phone: +44 7394 404 478
Location: Fulham, London

What personal data I collect

I only collect personal data when you voluntarily provide it to me. This includes:

  • Your name
  • Your email address
  • Any message or enquiry you submit via the contact form on this website

I do not collect sensitive personal data such as health or medical information through this website. Any health-related information shared as part of a working relationship is handled separately and only with your explicit consent.

How I collect your data

I collect personal data through the contact form on this website when you choose to get in touch with me. I do not collect data through any other automated means on this site beyond standard analytics tools (see third-party services below).

How I use your personal data

I use your personal data only for the following purposes:

  • To respond to your enquiry or message
  • To provide the movement specialist services you have requested
  • To communicate with you about appointments or ongoing work where relevant

I do not use your personal data for marketing without your explicit consent, and I will never sell or share your data with third parties for their own marketing purposes.

Legal basis for processing

Under UK GDPR, I process your personal data on the following lawful bases:

  • Legitimate interests — to respond to enquiries submitted through this website
  • Contract performance — to deliver the services you have engaged me to provide
  • Consent — where you have explicitly agreed, for example to receive follow-up communications

Third-party services

This website uses the following third-party tools that may process your data independently:

Google Analytics — used to understand how visitors use this website. Data is anonymised where possible. For more information, please see Google’s privacy policy at policies.google.com/privacy.

Meta (Facebook) Pixel — used to measure the effectiveness of advertising and to understand website activity. For more information, please see Meta’s privacy policy at facebook.com/privacy/policy.

Both services may set cookies on your device. For full details of the cookies used on this website, please see our cookie policy.

How long I keep your data

I retain personal data only for as long as necessary for the purpose for which it was collected:

  • Enquiries and general correspondence are kept for up to two years
  • Records relating to an ongoing working relationship may be kept for up to six years in line with standard business practice

You may request deletion of your personal data at any time. See your rights below.

Data security

I take reasonable steps to protect your personal data from unauthorised access, loss or misuse. All data submitted through this website is transmitted securely via HTTPS encryption.

In the event of a data breach that is likely to result in a risk to your rights and freedoms, I will notify the ICO within 72 hours as required by UK GDPR, and will inform you directly where required.

Your rights under UK GDPR

You have the following rights in relation to your personal data:

  • Right of access — to request a copy of the personal data I hold about you
  • Right to rectification — to request that I correct any inaccurate or incomplete data
  • Right to erasure — to request that I delete your personal data, subject to any legal obligations I may have to retain it
  • Right to restrict processing — to request that I limit how I use your data in certain circumstances
  • Right to object — to object to processing based on legitimate interests
  • Right to data portability — to receive your data in a structured, commonly used and machine-readable format where applicable
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal

To exercise any of these rights, please contact me at tanya@tanyawyatt.com. I will respond within one calendar month in accordance with UK GDPR requirements. There is no charge for making a request.

Complaints

If you are unhappy with how I have handled your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s independent data protection supervisory authority.

Website: ico.org.uk
Telephone: 0303 123 1113

I would, however, appreciate the opportunity to address your concerns directly before you contact the ICO. Please get in touch with me first at tanya@tanyawyatt.com

Changes to this privacy policy

I may update this privacy policy from time to time to reflect changes in the way I handle personal data or in applicable legislation. Any changes will be posted on this page with a revised date at the top. I encourage you to review this page periodically.