Home
About Contact

Privacy Policy

 

 

This privacy notice tells you what to expect us to do with your personal information when you use drnicolasutton.com, purchase a digital product, book a session, or sign up for our mailing list.

 

  1. Contact details

Dr Nicola Sutton

[email protected]

drnicolasutton.com

 

  1. What information we collect, use, and why

 

Digital product purchases

When you purchase a digital product (such as the Shout Less Toolkit) or sign up for a free resource (such as the 7-Day Yell Less Reset), we collect:

  • Your name and email address
  • Payment details for paid products — processed securely through Kajabi's checkout system. We do not store your card details directly.

This information is used to deliver the product, send access details and transactional emails, and manage your account on the Kajabi platform.

 

1:1 session bookings

When you book a Reset Session or Break the Loop programme, we collect:

  • Your name and email address
  • Your responses to the session prep form, which is used to prepare for our sessions together
  • Payment details, processed securely through our booking system

This information is used to confirm your booking, prepare for and deliver your sessions, send booking-related communications, and manage payment.

 

Email marketing

When you sign up for our mailing list — either directly or as part of a product sign-up — we collect your name and email address. This is used to send you educational content, updates, and occasional offers relevant to your interests. All marketing emails include an unsubscribe link. You can opt out at any time.

 

Contact form enquiries

When you submit an enquiry through our contact form, we collect your name, email address, and the details of your message. This information is used solely to respond to your enquiry.

 

Website usage

When you visit drnicolasutton.com, we collect standard website usage data including IP addresses and browsing behaviour through cookies and tracking tools. This is used to understand how visitors use the site and to measure the effectiveness of our advertising. Please see our Cookie Policy for full details.

 

Meta advertising

We use the Meta Pixel on this website to measure the effectiveness of our advertising on Facebook and Instagram. This tool collects data about your visit to our site and may connect it with your activity on Meta platforms. This data is processed by Meta Platforms Ireland Ltd in accordance with their data policy. You can manage your ad preferences through your Meta account settings.

 

  1. Lawful bases and data protection rights

Under UK data protection law, we must have a lawful basis for collecting and using your personal information. You can find out more about lawful bases on the ICO's website at ico.org.uk.

 

Contract

We rely on contract as our lawful basis for processing personal information when you purchase a digital product or book a session. Processing your name, email address, and payment details is necessary to fulfil our obligations to you as a customer.

 

Consent

We rely on consent as our lawful basis for sending marketing emails. You give consent when you sign up for our mailing list or tick the marketing opt-in at checkout. You can withdraw your consent at any time by clicking the unsubscribe link in any email or by contacting us at [email protected].

 

Legitimate interests

We rely on legitimate interests as our lawful basis for:

  • Website analytics — understanding how visitors use our site so we can improve it
  • Advertising measurement — using the Meta Pixel to understand which ads bring people to our site
  • Responding to enquiries — processing contact form submissions to provide a helpful response
  • Safeguarding — in rare circumstances where there is a serious risk of harm to you or others, we may need to share information with the appropriate authority regardless of consent. This is consistent with Dr Nicola Sutton's professional obligations. We will always aim to discuss any such disclosure with you first unless doing so would increase the risk of harm.

Where we rely on legitimate interests, you have the right to object to our processing. We will consider your objection and stop processing unless we have compelling legitimate grounds to continue.

 

Your data protection rights

Depending on the lawful basis we rely on, you have the following rights:

  • Right of access — you can ask us for copies of your personal information
  • Right to rectification — you can ask us to correct or delete information you think is inaccurate or incomplete
  • Right to erasure — you can ask us to delete your personal information
  • Right to restriction of processing — you can ask us to limit how we use your personal information
  • Right to object to processing — you can object to our processing of your personal data
  • Right to data portability — you can ask us to transfer your personal information to another organisation or to you
  • Right to withdraw consent — where we rely on consent, you can withdraw it at any time

To make a data protection rights request, please contact us at [email protected]. We will respond within one month.

 

  1. Where we get personal information from

We collect personal information directly from you when you:

  • Purchase a digital product or sign up for a free resource
  • Book a session and complete the prep form
  • Sign up for our mailing list
  • Submit an enquiry through our contact form
  • Visit our website

 

  1. How long we keep information

 

We retain personal information for different periods depending on the type of data and the purpose for which it was collected:

  • Digital product customer data — retained for as long as you have an active account or subscription, and deleted within 30 days of an account deletion or unsubscribe request, unless there is a legal obligation to retain it
  • Session booking data and prep form responses — retained for seven years from the date of last contact, in line with standard professional practice, after which they are securely deleted
  • Financial and payment records — retained for a minimum of six years as required by HMRC
  • Marketing and mailing list data — retained until you unsubscribe or request deletion, and deleted within 30 days of that request
  • Contact form enquiries that do not lead to a purchase or booking — deleted within 12 months
  • Website analytics and advertising data — retained in accordance with the data policies of the relevant platforms (Kajabi and Meta)

When the relevant retention period expires, personal data is securely deleted or anonymised.

 

  1. Who we share information with

 

Third party platforms

We use the following third party platforms to operate our business. Each processes your personal data only as necessary to provide their service:

  • Kajabi — our website, product delivery, and email marketing platform. Kajabi processes your name, email address, purchase history, and course access data. Kajabi's privacy policy is available at kajabi.com/policies/privacy
  • Meta Platforms Ireland Ltd — we use the Meta Pixel to measure advertising effectiveness. Meta's data policy is available at facebook.com/privacy/policy
  • Microsoft Bookings — used to manage session bookings. Microsoft's privacy statement is available at privacy.microsoft.com
  • Asana — used to store and manage session prep form responses securely. Asana's privacy policy is available at asana.com/terms/privacy

 

Legal and safeguarding disclosures

We may share personal information with third parties where required by law, by a court order, or where there is a serious risk of harm to you or others. In such circumstances we will share only the minimum information necessary and only with the relevant authority. We will aim to discuss any such disclosure with you first unless doing so would increase the risk of harm.

 

What we never do

We never sell your personal data to any third party. We never share your personal data with third parties for their marketing purposes.

 

  1. Cookies

Our website uses cookies and similar tracking technologies. These include cookies necessary to operate the site, cookies that help us understand how visitors use the site, and advertising cookies including the Meta Pixel. You can manage your cookie preferences through our cookie banner when you first visit the site. For full details please see our Cookie Policy.

 

  1. International data transfers

Some of the third party platforms we use — including Kajabi and Meta — may process your data outside the UK or European Economic Area. Where this is the case, we ensure that appropriate safeguards are in place in accordance with UK data protection law. You can find out more about the safeguards each platform uses in their respective privacy policies.

 

  1. How to complain

If you have any concerns about our use of your personal data, please contact us first at [email protected] and we will do our best to resolve the matter.

If you remain unhappy after raising a complaint with us, you have the right to complain to the Information Commissioner's Office (ICO):

 

Information Commissioner's Office

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Helpline: 0303 123 1113

Website: ico.org.uk/make-a-complaint

 

  1. Changes to this policy

We may update this privacy policy from time to time. Any changes will be posted on this page with the date updated. We encourage you to review this policy periodically.