1. Introduction
 

This privacy notice explains how we collect, use, and process your personal data when you use our website www.thewildheartway.com
.

By providing us with your personal data, you confirm that you are over 18 years of age.

Sian Gilmartin (trading as Sian Gilmartin Coaching) is the data controller and is responsible for your personal data (referred to as “we”, “us”, or “our” in this privacy notice).
 

Contact Details:
Full Name of Legal Entity: Sian Gilmartin t/a Sian Gilmartin Coaching/Sian Gilmartin: The Wild Heart Way
Email Address: sian@thewildheartway.com

It is important that the personal information we hold about you is accurate and up to date. Please notify us of any changes by emailing sian@thewildheartway.com
 

2. What Data We Collect, Why, and the Legal Basis
 

Personal data refers to information that can identify you as an individual. It does not include anonymised or aggregated data.

We may process the following categories of personal data:
 

Communication Data
Includes emails, contact form messages, social media messages, or other communications sent to us.
Purpose: To respond to your messages, maintain records, and handle legal claims if needed.
Legal Basis: Legitimate interests (responding to communications and record-keeping).
 

Customer Data
Includes name, title, billing and delivery addresses, email, phone number, purchase details, and payment information.
Purpose: To process and fulfil your orders or bookings.
Legal Basis: Performance of a contract or steps to enter into a contract.
 

User Data
Includes information about how you use our website, online services, or any content you post.
Purpose: To operate our website, provide relevant content, ensure security, maintain backups, and manage online services.
Legal Basis: Legitimate interests (to administer our website and services).
 

Technical Data
Includes IP addresses, browser type, device information, navigation data, time zone, and analytics data.
Purpose: To analyse and improve our website, deliver relevant content, administer security, and optimise marketing strategies.
Legal Basis: Legitimate interests (website and business administration and growth).
 

Marketing Data
Includes your communication preferences and marketing opt-ins.
Purpose: To send you relevant content, advertisements, and promotional offers.
Legal Basis: Consent or legitimate interests (marketing and business growth).

We may use Customer Data, User Data, Technical Data, and Marketing Data to deliver relevant website content and advertisements (including social media ads) and to assess their effectiveness.
 

Sensitive Data

For certain menopause, matrescence or menstruality services (e.g., workshops, courses or sessions), we may collect sensitive data to assess your suitability and ensure any health-related adaptations:

- Medical or psychological conditions related to menopause/menstruality

- Menstrual cycle or health-related information

Legal Basis: Explicit consent, obtained when you agree to our Terms & Conditions at booking.

If required data is not provided, we may be unable to deliver the service and will notify you at the time.
 

3. How We Collect Your Personal Data

We collect data:

Directly from you, e.g., forms, emails, or service bookings

Automatically, via cookies and analytics tools

From third parties, such as Google, Facebook, payment providers, or publicly available sources like Companies House or the Electoral Register
 

4. Marketing Communications

We may send marketing communications based on:

- Your consent

- Legitimate interests (business growth, promotions, or improving services)

You can opt out at any time via links in emails or by contacting us directly. Opting out of marketing does not affect transactional communications, e.g., booking confirmations.

Before sharing your data with third parties for their marketing, we will always obtain your explicit consent.
 

5. Disclosure of Your Personal Data
 

We may share your personal data with:

- IT and system administration service providers

- Professional advisers (lawyers, auditors, insurers)

- Government authorities if required by law

- Third parties in business mergers or sales

- Third parties must process your data in accordance with the law and only for specified purposes.
 

6. International Transfers
 

Where we transfer data outside the UK:

We ensure it’s to countries approved by UK authorities or under approved frameworks

For US providers, we use UK-regulator-approved privacy frameworks

If safeguards aren’t available, we obtain your explicit consent, which you may withdraw at any time
 

7. Data Security

We maintain appropriate security measures to protect your personal data from accidental loss, misuse, alteration, or unauthorised access. Access is restricted to employees and partners who require it for business purposes.
 

8. Data Retention
 

We retain personal data only as long as necessary for:

- Fulfilling the purpose it was collected for

- Legal, accounting, or reporting requirements

Basic customer data is retained for six years after customer activity ends for tax purposes. Anonymised data may be retained indefinitely for research or statistical purposes.
 

9. Your Legal Rights
 

You have rights under data protection laws, including:

- Accessing your personal data

- Correcting inaccurate data

- Requesting erasure

- Restricting processing

- Data portability

- Objecting to processing

- Withdrawing consent (if applicable)

For more information: ICO – Individual Rights

Requests can be made via contact@siangilmartin.com. We may ask for identification to ensure security.

If unsatisfied, you can also complain to the ICO (www.ico.org.uk).
 

10. Third-Party Links
 

Our website may contain links to third-party websites. We are not responsible for their privacy policies and encourage you to read them when visiting other sites.
 

11. Cookies
 

You can configure your browser to refuse cookies or alert you when cookies are set. Disabling cookies may limit website functionality.