Privacy Policy

The use of the Internet pages of The Acupuncture Lady is possible without providing personal data.

The processing of your personal data, such as name, address, e-mail address, or telephone number will always be in line with the General Data Protection Regulation (GDPR), and in accordance with the UK data protection regulations.

The Controller, for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

The Acupuncture Lady
16 North Star Drive
LU7 3DP Leighton Buzzard
Phone: 07933 046232

And has implemented organisational measures to ensure the most complete protection of personal data processed via this website.


The Internet pages of the The Acupuncture Lady use cookies. Cookies are text files that are stored in a computer system via an Internet browser.

By cookies, the Acupuncture Lady can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

By means of a cookie, the information and offers on our website can be optimised with the user in mind. Cookies allow us, as previously mentioned, to recognise our website users. The purpose of this recognition is to make it easier for users to utilise our website.

The Acupuncture Lady also uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using the site, to better understand how they find and use the web pages and to see their journey through the website.

Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us.

You may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. If you deactivate the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.

Contact forms and email links

Should you choose to contact us using the contact form on our contact us page, none of the data that you supply will be stored by this website or passed to / be processed by any third-party data processors. Instead the data will be collated into an email and sent to us over Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.

Storage of personal data

The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, if it is no longer necessary for the fulfilment of the treatment.

When data is stored electronically, it is protected from unauthorised access, accidental deletion and malicious hacking attempts:

  • Data is protected by strong passwords that are changed regularly and never shared.
  • If data is stored on removable media (like a CD, DVD, USB keys), these are kept locked away securely when not being used.
  • Data is stored on designated drives and servers, and only uploaded to an approved cloud computing service.
  • All servers and computers containing data are protected by approved security software and a firewall.
  • When data is stored on paper, it is kept in a secure place, in a locked drawer or filing cabinet where unauthorised people cannot see it.

Data accuracy

The more important it is that the personal data is accurate, the greater the effort The Acupuncture Lady will put into ensuring its accuracy.

  • Data will be held in as few places as necessary.
  • We take every opportunity to ensure data is updated. For instance, by confirming a customer’s details when they call or visit.
  • The Acupuncture Lady will make it easy for data subjects to update the information The Acupuncture Lady holds about them.
  • Data will be updated as inaccuracies are discovered. For instance, if a patient can no longer be reached on their stored telephone number, it should be removed from the phone log and the paper record updated.

Subject access requests

Subject access requests from individuals can be made by email, via the web site, social media or telephone, where possible all requests should be addressed to the data controller. The data controller will always verify the identity of anyone making a subject access request before handing over any information, within 1 month from the date of request.

In certain circumstances, the Data Protection Act allows personal data to be disclosed to law enforcement agencies without the consent of the data subject.

Under these circumstances, The Acupuncture Lady will disclose requested data. However, the data controller will ensure the request is legitimate, seeking assistance from the company’s legal advisers where necessary.

Changes to the privacy policy

This privacy policy may change from time to time in line with legislation or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.

© The Acupuncture Lady – April 2018