Netgain Nutrition
A. Johnson
Covering Somerset and the South West
Privacy Notice - Netgain Nutrition
Last updated: December 2025
​
1. Introduction
NetGain Nutrition is committed to protecting your personal information and respecting your privacy. This Privacy Notice explains how I collect, use, store, and protect your data when you use my nutritional advisory services.
I'm registered with the Information Commissioner's Office (ICO) as a data controller, which means I'm responsible for keeping your information safe and using it properly.
​
About NetGain Nutrition:
Trade Name: NetGain Nutrition
Legal Name: Ms Julie Clare Sinkins
ICO Registration: ZC047220
Address: 3 Frampton Road, Bridgwater, Somerset, TA6 6ER
Email: jsinkins@hotmail.com
Phone: 07879 061478
​
For any questions about how I handle your data, you can contact me using the details above.
​
2. Information I Collect
To provide you with personalised nutritional advice and support, I need to collect certain information about you. Here's what I gather and why:
​
2.1 Information You Provide Directly
Contact Details: Your name, email address, phone number, and postal address
Health Information: Medical history, current health conditions, medications, allergies, dietary restrictions, and any other health details relevant to your nutritional needs
Dietary Information: Current eating habits, food preferences, dietary goals, previous diet history
Lifestyle Information: Activity levels, sleep patterns, stress levels, occupation (where relevant to your nutrition plan)
Consultation Records: Notes from our consultations (phone, video call, or in-person), progress updates, feedback
Measurement Data: Weight, height, body measurements (if relevant to your goals)
Communication Records: Emails, messages, and any other correspondence between us
Payment Information: Billing details for invoicing purposes (note: card payments are processed securely by Stripe – I don't see or store your full card details)
Consent Records: Your agreement to this Privacy Notice and any specific consents (such as parental consent if you're under 16)
​
2.2 Information I Collect Through My Website
When you visit netgainnutrition.com or submit a contact form, I may collect:
IP address and general location data
Browser type and device information
Pages you visit on the website
How you found my website
Date and time of your visit
Information you submit through contact forms or booking requests
​
2.3 Information I Receive from Others
In some cases, I may receive information about you from:
Your parent or guardian (if you're under 16 – see Section 12 for details about young people's privacy)
Healthcare professionals (with your consent, such as referrals or shared care arrangements)
Family members or carers (with your consent, where you've asked them to help with your nutrition plan)
When I receive information from others, I make sure they have the right to share it with me.
​
2.4 Special Category Data (Sensitive Personal Data)
The nature of nutritional advice means I process sensitive personal information, which UK data protection law calls "special category data". This includes:
Health information: Medical conditions, diagnoses, symptoms, medications, test results
Dietary requirements related to health or religion: For example, allergies, coeliac disease, diabetes management, or religious dietary needs
I only process this sensitive information because:
You've given me explicit consent to do so (which you can withdraw at any time)
It's necessary to provide you with healthcare services (nutritional therapy)
It's necessary to protect your vital interests (your health and wellbeing)
I take extra care with this information and apply enhanced security measures to keep it safe.
​
3. How I Use Your Personal Data
I use your information for the following purposes:
​
3.1 Providing Nutritional Services
Assessing your nutritional needs and health status
Creating personalised nutrition plans tailored to your goals and health requirements
Monitoring your progress and adjusting recommendations
Providing ongoing support and guidance through consultations
Responding to your questions between appointments
Managing our professional relationship
Legal Basis: Contract (performing the services you've asked for), Consent (for health data), Legitimate Interests (providing quality care)
​
3.2 Administration and Client Management
Scheduling and managing appointments through Calendly
Maintaining your client records securely in NutriAdmin
Processing payments via Stripe or bank transfer
Sending appointment reminders and follow-up information
Managing invoicing and accounting records
Legal Basis: Contract, Legal Obligation (tax and accounting requirements)
​
3.3 Communication and Updates
Responding to enquiries from prospective clients
Keeping you informed about your appointments or any changes to my services
Sending you resources or information relevant to your nutrition plan
Following up on your progress
Legal Basis: Contract, Legitimate Interests (maintaining the client relationship)
Please note: I don't send marketing emails or newsletters. All communication from me will be directly relevant to your care or enquiry.
​
3.4 Legal and Professional Requirements
Maintaining professional records in line with industry standards
Complying with legal and regulatory obligations
Protecting both of us in case of disputes or legal claims
Ensuring your safety and safeguarding where necessary
Legal Basis: Legal Obligation, Legitimate Interests (professional standards and protection)
​
4. Artificial Intelligence and Technology Tools
​
4.1 My Approach to AI
I use some technology tools to help with administrative tasks and to present information more clearly. Here's my commitment to you:
Transparency: I'm upfront about where AI helps me work
Your Data Stays Private: Your personal and health information is never shared with AI tools
Human-Led Care: All nutritional advice, assessments, and decisions come from me – not from automated systems
Security: Any tools I use are subject to the same security standards
​
4.2 How I Use AI
Administrative Support:
I use ChatGPT to help improve my general business writing (such as website content, blog posts, or educational materials) and to help present data in visual formats like charts or graphs for educational purposes.
What I don't do:
I never input your personal information, health data, or consultation notes into AI tools
I never use AI to create personalised nutrition plans or to make decisions about your care
I never use AI to analyse your specific health information
Human Oversight: Every aspect of your care is provided directly by me. AI is only used for general business tasks that don't involve client information.
​
4.3 No Automated Decisions About Your Care
I don't make decisions that affect your health or nutrition plan based solely on automated processing. All advice and recommendations are based on my professional judgement, your individual circumstances, and our conversations.
This means decisions about:
Whether to accept you as a client
Your nutrition plan and recommendations
Changes to your care
Whether to continue or end our professional relationship
All involve my personal review and consideration of your unique situation.
​
5. Legal Basis for Processing
Under UK GDPR, I need a valid legal reason to use your personal data. I rely on:
Consent: Where you've given clear permission (particularly for health data)
Contract: Where I need your information to provide the services you've asked for
Legitimate Interests: Where I have a genuine business need that doesn't override your rights (such as keeping records for professional standards)
Legal Obligation: Where I must process data to comply with the law (such as tax records)
Vital Interests: To protect your health and wellbeing in urgent situations
You can withdraw consent at any time by contacting me, though this may affect my ability to continue providing services.
​
6. How I Share Your Personal Data
I don't sell your personal data to anyone. However, I do use trusted service providers to help me run my practice efficiently:
​
6.1 Service Providers
NutriAdmin (UK-based): My secure client management system where your records are stored. This platform uses multi-factor authentication and is hosted in the UK. Website: nutriadmin.com
Calendly: For appointment scheduling and calendar management
Stripe: For secure payment processing (they handle your card details – I never see your full card number)
Microsoft 365: For email and document storage
Google Workspace: For some administrative tasks and file storage
All these providers:
Process your data only on my instructions
Have their own security measures in place
Comply with UK data protection laws
Are bound by written agreements to protect your data
​
6.2 Healthcare Professionals
With your explicit consent, I may share relevant information with:
Your GP or other healthcare providers (for coordinated care)
Other practitioners involved in your care
Referral sources (with updates on your progress, if appropriate)
I'll always ask your permission before sharing information with other healthcare professionals.
​
6.3 Legal Requirements
I may need to share your information if:
Required by law or court order
Necessary to protect your safety or someone else's safety (safeguarding)
Needed to prevent or detect crime
Requested by regulatory or professional bodies
​
6.4 Data Storage and Transfers
All your personal data is stored and processed within the United Kingdom. I don't transfer your data internationally.
​
7. Data Security
Your privacy and security are important to me. Here's how I protect your information:
Secure Systems: I use NutriAdmin with multi-factor authentication to access your records
Encryption: Data is encrypted when transmitted online (such as through my website or email)
Access Controls: Only I have access to your records – no one else can view them
Password Protection: All systems are protected with strong passwords
Regular Backups: Your data is backed up regularly to prevent loss
Physical Security: Paper records (if any) are kept in locked storage
Secure Disposal: When records need to be deleted, they're disposed of securely
While I take security seriously, no internet transmission is completely secure. Please keep any login details (if you have access to a client portal) confidential.
​
Data Breach Notification:
If there's ever a data breach that could affect you, I'll:
Report it to the ICO within 72 hours (if required by law)
Let you know promptly so you can take any necessary steps
Take immediate action to fix the problem
​
8. How Long I Keep Your Data
I only keep your personal information for as long as necessary. Here are my standard retention periods:
Client Records (Active): For the duration of our working relationship, plus 7 years after your last consultation (this meets professional standards and legal requirements)
Enquiries (Not Converted to Clients): 1 year from last contact
Payment and Invoicing Records: 6 years (HMRC requirement)
Appointment Records: Included in client records above
Email and Messages: 3 years from last contact
Website Contact Forms: 1 year if no consultation is booked
​
Why 7 Years for Client Records?
This retention period meets:
Professional insurance requirements
Potential legal claims periods
HMRC tax record requirements
Professional standards for healthcare records
After these periods, I securely delete or destroy your information. You can ask me to delete your data sooner (see Your Rights below), though I may need to keep some information if there's a legal requirement to do so.
​
9. Your Rights Under UK GDPR
You have important rights when it comes to your personal data. Here's what you can do:
​
9.1 Right of Access (Subject Access Request)
You can ask for a copy of all the personal data I hold about you. I'll provide this within one month, free of charge.
​
9.2 Right to Rectification
If any information I have about you is wrong or incomplete, you can ask me to correct it. This is especially important for health information – just let me know if anything needs updating.
​
9.3 Right to Erasure ("Right to be Forgotten")
You can ask me to delete your data in certain circumstances, such as:
You withdraw your consent
The data is no longer needed for the purpose I collected it
You object to how I'm using it
However, I may need to keep some information if there's a legal or professional requirement (such as for insurance or accounting purposes).
​
9.4 Right to Restrict Processing
You can ask me to limit how I use your data in certain situations, such as if you think the information is inaccurate or you've objected to me using it.
​
9.5 Right to Data Portability
You can ask for your data in a commonly used electronic format, or ask me to transfer it to another healthcare provider. This applies to information you've provided to me directly.
​
9.6 Right to Object
You can object to me processing your data based on legitimate interests. You can also object at any time if I were to use your data for marketing (though I don't currently send marketing communications).
​
9.7 Right to Withdraw Consent
Where I'm using your data based on your consent (particularly for health information), you can withdraw that consent at any time. This won't affect anything I've already done with your permission, but it may mean I can't continue providing nutritional services.
​
9.8 Rights Related to Automated Decisions
You have the right to:
Request human involvement in any automated decisions (though I don't make automated decisions about your care)
Express your point of view
Contest any automated decisions
​
How to Exercise Your Rights
To use any of these rights, simply contact me:
Email: jsinkins@hotmail.com
Phone: 07879 061478
Post: Ms Julie Clare Sinkins, 3 Frampton Road, Bridgwater, Somerset, TA6 6ER
​
What I'll Need from You:
To protect your privacy, I'll need to verify your identity before sharing information. I may ask for:
Proof of identity (such as a copy of your driving licence or passport)
Enough detail to locate your records
Clarification if your request isn't clear
​
Response Time:
I'll respond within one month. For complex requests, this might extend to two months, and I'll explain why if needed.
Free of Charge:
I don't charge for most requests unless they're clearly unreasonable or repetitive.
​
9.9 Right to Complain
If you're unhappy with how I've handled your data, you have the right to complain to the Information Commissioner's Office (ICO):
Information Commissioner's Office (ICO)
Website: www.ico.org.uk
Helpline: 0303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
​
I'd appreciate the chance to resolve any concerns directly first, so please do get in touch with me before contacting the ICO if possible.
​
10. Third-Party Links
My website may contain links to other websites (such as research articles, resources, or product recommendations). Once you leave my website, I'm not responsible for the privacy practices of those other sites. I'd recommend reviewing their privacy policies before sharing any information.
​
11. Changes to This Privacy Notice
I may update this Privacy Notice occasionally to reflect changes in my practice, legal requirements, or technology tools. When I do:
Minor Changes:
I'll update the "Last Updated" date at the top
Changes take effect immediately
Significant Changes:
I'll email you (if you're a current client) to let you know about important updates
I'll give you reasonable notice before changes take effect
If legally required, I'll ask for fresh consent
I encourage you to review this Privacy Notice from time to time. Continued use of my services after changes means you accept the updated notice.
​
12. Privacy for Young People (Under 18s)
I provide nutritional services to young people aged 13 and over. Here's how I protect their privacy:
​
12.1 Parental Consent (Under 16s)
If you're under 16, I need consent from your parent or guardian before I can provide services. This is a legal requirement under UK GDPR.
Your parent or guardian will:
Need to agree to this Privacy Notice on your behalf
Be involved in your consultations (at least initially)
Have the right to access your records
Be able to make decisions about your data
​
12.2 Young People Aged 16-17
If you're 16 or 17, you can consent to nutritional services yourself. However, I usually encourage you to involve your parents or carers in your care, as their support often helps you get the best results.
​
12.3 Confidentiality and Safeguarding
I treat all young people's information confidentially. However, if I'm ever concerned about your safety or wellbeing, I may need to share information with:
Your parents or carers
Your GP or other healthcare professionals
Safeguarding authorities (in serious cases)
I'll always try to discuss this with you first, unless doing so would put you or someone else at risk.
​
13. Contact Me
If you have any questions about this Privacy Notice or how I handle your data, please get in touch:
Ms Julie Clare Sinkins
NetGain Nutrition
3 Frampton Road
Bridgwater
Somerset
TA6 6ER
Email: jsinkins@hotmail.com
Phone: 07879 061478
Response Times:
General enquiries: 1-2 business days
Data subject requests: Within one month
Complaints: I'll acknowledge within 24-48 hours
​
---
This Privacy Notice complies with:
- UK General Data Protection Regulation (UK GDPR)
- Data Protection Act 2018
- Privacy and Electronic Communications Regulations (PECR)
- Professional standards for nutritional therapy
Thank you for trusting NetGain Nutrition with your health information. Your privacy matters to me, and I'm committed to keeping your data safe while providing you with the best possible nutritional care.