Privacy Policy

Last updated: 08/08/2025

1. Who We Are

WWC Services Ltd. (trading as Holorise)
45A Lavender Gardens, London, SW11 1DJ, United Kingdom
Company Registration: [Number]
ICO Registration: [Number]

Data Protection Contact:
cap.codron@holorise.co
07999 405025

We provide coaching and Rapid Transformational Therapy (RTT) services to clients worldwide.

2. Information We Collect

Information You Provide

  • Identity Data: Name, date of birth, gender

  • Contact Data: Address, email, telephone numbers

  • Health Data: Medical history, medications, mental health information relevant to our services

  • Session Data: Notes, goals, progress records, homework assignments

  • Financial Data: Payment information, billing history

  • Communications: Emails, messages, appointment bookings

  • Emergency Contacts: Next of kin details

Information We Collect Automatically

  • Technical Data: IP address, browser type, device information

  • Usage Data: How you use our website and client portal

  • Cookies: See our Cookie Policy for details

Information From Third Parties

  • Booking Systems: Data from SimplyMeet when you book appointments

  • Payment Processors: Transaction confirmations (not full card details)

  • Professional Referrals: Information from referring practitioners (with your consent)

3. How We Use Your Information

We only use your personal data when the law allows us to. Most commonly, we use it where:

To Deliver Our Services (Contractual Necessity)

  • Provide coaching and RTT sessions

  • Manage appointments and communications

  • Create personalized transformation recordings

  • Track your progress and session history

  • Process payments

To Meet Legal Obligations (Legal Requirement)

  • Maintain records for professional insurance (7 years)

  • Comply with safeguarding requirements

  • Respond to legal requests or court orders

  • Meet tax and accounting obligations

For Our Legitimate Interests

  • Improve our services through anonymized analysis

  • Ensure network and information security

  • Manage our business operations

  • Provide client support between sessions

With Your Consent

  • Send marketing communications

  • Share testimonials or case studies

  • Use cookies (except strictly necessary ones)

  • Process special category data (health information)

4. Sharing Your Information

We keep your information confidential and only share it when necessary:

Service Providers (Data Processors)

All providers are contractually required to protect your data:

  • CoachAccountable: Client portal and session management

  • SimplyMeet: Appointment scheduling

  • HubSpot: Customer relationship management

  • Stripe/Wise: Payment processing

  • Microsoft 365: Secure document storage

  • MailerLite: Marketing emails (only if you've opted in)

Professional Requirements

  • Supervision: Discussed anonymously with professional supervisors

  • Insurance: If required for claims or compliance

  • Professional Bodies: If required by IICT or other regulatory bodies

Legal Requirements

We may disclose information if required by law or where:

  • There's risk of harm to you or others

  • We're legally compelled by court order

  • There are safeguarding concerns

  • It's necessary to protect our legal rights

We never sell your personal data.

5. International Transfers

Some service providers operate outside the UK/EEA. Where transfers occur, we ensure appropriate safeguards:

  • Standard Contractual Clauses

  • Adequacy decisions

  • Your explicit consent where required

Specific international processors:

  • CoachAccountable (USA)

  • HubSpot (USA)

  • MailerLite (USA)

  • Stripe (USA)

6. Data Security

We implement appropriate technical and organizational measures:

  • Encryption for data in transit and at rest

  • Password protection and two-factor authentication

  • Limited access on need-to-know basis

  • Regular security reviews and updates

  • Secure disposal procedures

  • Staff training on data protection

Physical records are stored in a locked fire-safe at our premises.

7. Your Rights

Under UK GDPR, you have the right to:

  • Access: Request a copy of your personal data

  • Rectification: Correct inaccurate information

  • Erasure: Request deletion (subject to legal retention requirements)

  • Restriction: Limit how we process your data

  • Portability: Receive your data in a machine-readable format

  • Object: Oppose certain types of processing

  • Withdraw Consent: At any time for consent-based processing

To exercise any right, email cap.codron@holorise.co. We'll respond within 30 days.

8. Data Retention

We keep your information only as long as necessary:

  • Client Records: 7 years from last contact (insurance requirement)

  • Financial Records: 7 years (HMRC requirement)

  • Session Recordings: 7 years unless you request earlier deletion

  • Marketing Data: Until you unsubscribe

  • Website Analytics: Maximum 2 years

  • Consent Records: 7 years from consent date

9. Special Category Data

Health information is "special category data" requiring extra protection. We process this data based on:

  • Your explicit consent (primary basis)

  • Provision of health services by health professionals

  • Vital interests (emergency situations only)

You can withdraw consent for health data processing, though this may affect our ability to provide services safely.

10. Automated Decision Making

We use AI tools (like Claude and ChatGPT) to support our practice through:

  • Session note organization

  • Pattern analysis for your benefit

  • Administrative efficiency

Important: All data is fully anonymized before any AI processing. No identifiable information is ever shared with AI systems.

We don't use automated decision-making that produces legal or similarly significant effects.

11. Children's Privacy

Our services are for adults aged 18 and over. We don't knowingly collect data from children under 18.

12. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. We'll notify you of material changes via:

  • Email notification

  • Website notice

  • Discussion at your next session

13. Complaints

If you're concerned about how we handle your data:

  1. Contact us first: cap.codron@holorise.co

  2. Professional body: International Institute for Complementary Therapists (IICT)

  3. Supervisory authority: Information Commissioner's Office (ICO)

    • Website: ico.org.uk

    • Phone: 0303 123 1113

14. Cookie Policy

For information about cookies and similar technologies, see our separate [Cookie Policy].

15. Contact Us

For any privacy-related questions:

Email: cap.codron@holorise.co
Phone: 07999 405025
Post: WWC Services Ltd. (trading as Holorise), 45A Lavender Gardens, London, SW11 1DJ