top of page
  • Facebook
  • LinkedIn

Privacy Policy

Who We Are

Alice Johnston Medical Herbalist is a medical herbal medicine practice based in Uphall, West Lothian, Scotland. We are the data controller responsible for your personal data.

If you have any questions about this notice or how your information is handled, please contact:

Email: alice@medicalherbalist
Phone: 07485 503 958
Postal Address: Craiglea, 29 Station Road, Uphall EH52 5DX

What Information We Collect

We collect personal data in the following ways:

1. Clinical and Health Information (Special Category Data)

If you book a consultation, we collect information necessary to provide safe and effective care. This may include:

  • Name, address, date of birth and contact details

  • Medical history and current symptoms

  • Medication and supplement use

  • Lifestyle information relevant to your health

  • Consultation notes and treatment plans

Health information is classified as special category data under UK data protection law and is treated with strict confidentiality.

2. Contact Information

When you contact us or book services, we may collect:

  • Name

  • Email address

  • Telephone number

  • Appointment history

  • Correspondence (email, text message or WhatsApp)

3. Payment Information

Payments are processed securely via Square for both online and in-person transactions. We do not store full card details. We may retain transaction records for accounting purposes.

4. Mailing List Information

When you attend walks, talks or events and choose to join our mailing list, we collect:

  • Name

  • Email address

We use Brevo to manage email communications. Every email contains a clear unsubscribe link, and you may opt out at any time.

How We Use Your Information

We use your personal data to:

  • Provide herbal medicine consultations and treatment

  • Maintain accurate clinical records

  • Communicate regarding appointments and care

  • Process payments

  • Send newsletters or event information (where you have opted in)

  • Comply with legal, insurance and professional obligations

We only collect information that is relevant and necessary for these purposes.

Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Contractual necessity – to provide clinical services

  • Legal obligation – to comply with healthcare and tax regulations

  • Legitimate interests – for administration of the practice

  • Explicit consent – for processing health data and for marketing communications

You may withdraw consent for marketing at any time.

 

How We Store and Protect Your Data

Your data is stored securely using the following measures:

  • Paper clinical files are kept in locked storage

  • Digital records are stored securely within Microsoft 365 cloud services

  • Practice phone communications (including text and WhatsApp) are password protected

  • Access to data is restricted and protected by secure passwords

  • Payment processing is handled securely by Square

We take appropriate technical and organisational measures to safeguard your information against unauthorised access, loss or misuse.

 

Data Retention

Clinical records are retained for a minimum of six years after your last consultation (or in the case of children, six years after their 18th birthday), in line with professional practice standards and insurance requirements.

Mailing list data is retained until you unsubscribe.

Sharing Your Information

We do not sell or trade your data.

We may share limited information with:

  • Secure service providers (e.g., Microsoft 365, Square, Brevo)

  • Other healthcare providers, but only with your explicit consent

  • Legal authorities where required by law

All third-party providers are required to handle your data securely and in accordance with data protection law.

Your Rights

Under UK data protection law, you have the right to:

  • Request access to your personal data

  • Request correction of inaccurate data

  • Request erasure in certain circumstances

  • Restrict or object to processing

  • Withdraw consent for marketing

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

You can contact us directly to exercise your rights.

If you are dissatisfied with how your data is handled, you may contact:

Information Commissioner’s Office (ICO)
 

Website Hosting (Wix)

This website is hosted by Wix. Wix may collect limited technical information such as IP address, browser type and usage data for website security and analytics purposes. Please refer to Wix’s own privacy policy for further information.

Privacy Notice

Effective date: 18.02.2026
Last updated: 18.02.2026

Contact

Phone: 07485503958

Email: alice@medicalherbalist.scot

bottom of page