Screenshot 2019-01-16 at 10.31.58.png

Privacy Policy

Our commitment 


At Doctor Ana Solutions Limited, establishing a safe and trusting relationship with our clients is fundamental to the services we provide. We take care to ensure that the information we hold about you is handled securely and is treated with the highest respect. We take our professional and legal obligations seriously with respect to both the client confidentiality and data protection. If you have any queries or concerns about the handling of your personal information, please contact Doctor Ana on or 0207 225 2202 


This privacy notice explains how we look after your personal information. It informs you about your privacy rights and how the law protects you. It is important that you read this privacy notice so that you are fully aware of how and why we are holding and using your personal information. 


Doctor Ana Solutions Limited engages both professional and administrative staff and is the data controller for the purposes of data protection legislation within the UK.  


Personal information that we obtain about you 


Personal information means any information about an individual from which that personal can be identified. We may obtain, use, store and transfer different kinds of personal information about you. 


  • Identity and contact information includes your name, marital status, title, date of birth, gender, address, email address and telephone numbers.

  • Professional contact information includes details of other health practitioners, educational professionals or social care professionals involved in your care.

  • Professional service information includes information provided to us or generated by us in the course of provision of our professional services to you. This includes notes of your background and history, our record of individual and group sessions, assessment results and data generated in the process of neurofeedback training. 

  • Financial and transaction information includes your bank account details, payment card details, insurance details, invoice amounts and payments.

  • Technical data when you visit our website, including your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.

In the course of providing you with professional services, we may also obtain special category information about you. Special category information includes information concerning racial or ethnic origin, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation.  

How we obtain personal information 


We may obtain personal information about you from a number of sources. In the usual course of our services, we do not seek information about you without your knowledge: 


  • Direct contact with you in person, by telephone or in writing.

  • From family members and others close to you, for example, by way of questionnaire. 

  • From various professionals with whom we may need to communicate for the purposes of providing professional services to you. This includes health practitioners (such as GPs or psychiatrists), educational professionals (such as teachers) and social service professionals. 

  • From lawyers and the courts where there is any form of legal processes or proceedings.

  • Publicly available material.

  • [Automated collection about your equipment, browsing actions and patterns when you visit our website. We collect this personal data by using cookies and our cookie policy [] sets out further details.]


The purposes for which we use your personal information 


We use your personal information for the following purposes:


  • For the purposes of providing professional services.

  • For the purposes of the proper management of this practice. 

  • To arrange payment of our fees by you or a third party, and for the purposes of financial accounting with respect to this practice.

  • For the purpose of meeting our professional and legal obligations, including professional supervision. 

  • For the purposes of legal proceedings. 

  • Where we believe you or others are at risk of harm, for the purposes of safeguarding you or others against such harm. 

  • To administer and protect our website and information security infrastructure. This includes carrying out troubleshooting, data analysis, testing, system maintenance, support and reporting thereby allowing us to maintain network security and stability. 


The basis upon which we use personal information 


We will only use and hold your personal information (including special category information) where there is a lawful basis for us to do so. This is where it is necessary:


  • For the purpose of our legitimate interests in providing professional services and managing our practice, including meeting the associated professional obligations upon us. 

  • For the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract. 

  • To comply with a legal obligation. 


When we use and hold your special category information, it will be where it is necessary for the purposes of:


  • The provision of healthcare in light of our professional obligations of confidentiality.

  • Providing a confidential advice and support services.

  • Safeguarding an individual from harm.

  • Reporting potential breaches of ethical principles or codes of professional conduct.

  • Establishing, exercising or defending legal claims.


We do not rely upon your consent in using or holding your personal information or special category information in the usual course of our practice. 

Who we share your personal information with 


We will only share your personal information, where it is necessary for the purposes above, with the following:


  • Various professionals with whom we may need to communicate for the purposes of providing professional services to you. This may include health practitioners (such as GPs or psychiatrists), educational professionals (such as teachers), social service professionals and family business advisors.

  • Lawyers and the courts where there is any form of legal processes or proceedings.

  • Insurers or other third parties for the purposes of arranging payment of our fees.

  • Professional service providers, for example lawyers, accountants and IT consultants, for the purposes of the proper management of our practice.

  • The relevant professional regulator where it is necessary to report potential breaches of ethical principles or codes of professional conduct. 

  • Relevant organisations where there are safeguarding concerns with respect to you or any other individual.

  • Relevant bodies or organisations where we are legally obliged to do so.


We use Private Practice Software provided by Cliniko Limited in the administration of our appointment booking and payment. We use Xero accounting software for the financial management of our practice. Appointments are recorded on


Our professional staff members will share information concerning clients with their supervisors on an anonymous basis. Our supervisors are regulated professionals bound by the same professional obligations of confidentiality as our staff. 


International transfer of personal information 


We do not transfer your personal information outside of the European Economic Area or countries determined by the European Commission to adequate levels of data protection. If you are travelling outside of these countries and communicate with us by email or other electronic means, any transfer of your data by reason of these electronic communications is undertaken with your explicit consent. 

How long we keep your personal information 


Generally, we will hold your personal information for a period of seven years after the conclusion of our professional relationship, unless it is necessary to retain your personal information for longer, for example, because:


  • There are safeguarding concerns with respect to you or any other individual. 

  • There is a reasonably foreseeable possibility of regulatory or legal proceedings. 

  • We are subject to an ongoing legal obligation. 


How we protect personal information 


We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are required to do so. 


Security Measures


Some of our security measures include the following:

  • We send all client related documents using a password protected system

  • We do not keep client document on more than one computer to improve security around client documents.

  • We use an antivirus programme to protect our computers from any malicious malware or interference.

  • We regularly perform computer updates and perform backups to ensure security is kept up to date.

Information about our services

From time to time, we may send you information we believe is relevant to you. This may include relevant professional insights, invitations to events or information on new services.


You can ask us to stop contacting you for such purposes at any time. 



Our website and cookies


Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our website, we encourage you to read the privacy policy of every website you visit.

We use cookies to track visitor use and compile statistical reports of our website activity. If you want us to stop using personal information we’ve collected via cookies on our website, please change your cookie settings.


We keep our cookies policy under regular review. Our cookies policy was last updated on 11th July 2019.


View of cookie policy



The legal rights of individuals whose personal information we process

You have the following rights:


  • Request access to your personal information (commonly known as a "data subject access request"). You can request a copy of your own personal information that we hold and information concerning how we process your information. 

  • Request correction of the personal information that we hold about you. This enables you to request for any incomplete or inaccurate information we hold about you to be corrected.

  • Request erasure of your personal information. You can ask us to delete or remove personal information where there is no good reason for us to continue to process it, where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.

  • Object to processing of personal information where we are relying on our legitimate interests (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feels it impacts on your fundamental rights and freedoms. 

  • Request restriction of processing of your personal information. You can ask us to suspend the processing of your personal information in the following scenarios: (a) if you want us to establish the information's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your information but we need to verify whether we have overriding legitimate interest to use it.


These rights are subject to various legal exceptions. If you make any of the requests above, we would explain to you in our response if we have relied upon any of these exceptions.


You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO). Full details can be found on the ICO’s website However, if you have any concerns with respect to the way we handle your personal data, you are welcome to raise these with us in the first instance so that we work together to resolve your concerns. 


Changes to this privacy notice 


We keep this privacy notice under regular review. This privacy notice was last updated on 11 July 2019.