hashimotoally.co.uk

Privacy Policy

Last updated: June 2025

This Privacy Policy complies with the UK General Data Protection Regulation (UK GDPR), Data Protection Act 2018, and other applicable privacy laws.

1. Data Controller Information

Data Controller: Hashimoto Ally
Website: hashimotoally.co.uk
Contact: info@hashimotoally.co.uk
DPO Contact: info@hashimotoally.co.uk

2. Important Notice About Medical Information

CRITICAL: This website provides general health information only and does not collect, store, or process personal medical records or diagnostic information. We are NOT a healthcare provider, and this privacy policy does not cover doctor-patient confidentiality or medical record privacy laws.

3. Legal Basis for Processing

We process personal data under the following legal bases:

  • Consent (Article 6(1)(a) UK GDPR) – for newsletters, cookies, and marketing
  • Legitimate Interests (Article 6(1)(f) UK GDPR) – for website analytics and security
  • Legal Obligation (Article 6(1)(c) UK GDPR) – for regulatory compliance
  • Contract (Article 6(1)(b) UK GDPR) – where applicable for services

4. Information We Collect

4.1 Personal Information You Provide

  • Contact Details: Name, email address, postal address (when provided)
  • Communication Data: Messages sent through contact forms, comments, or emails
  • Newsletter Subscriptions: Email address and communication preferences
  • Survey/Feedback Data: Responses to surveys or feedback forms
  • Account Information: If user accounts are created (username, password, preferences)

4.2 Health-Related Information

IMPORTANT: We do NOT collect:

  • Personal medical records or test results
  • Specific diagnostic information
  • Treatment plans or medication details
  • Information that could identify specific health conditions

We MAY collect:

  • General feedback about website content usefulness
  • Non-identifying information about topics of interest
  • Anonymized survey responses about general health experiences

4.3 Automatically Collected Data

  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Pages visited, time spent, click patterns, referral sources
  • Cookies and Tracking: As detailed in our Cookie Policy
  • Security Data: Access logs for security monitoring

5. How We Use Your Information

5.1 Primary Purposes

  • Content Delivery: Providing health information and educational resources
  • Communication: Responding to inquiries and sending requested updates
  • Website Improvement: Analyzing usage to enhance user experience
  • Security: Protecting against fraud, abuse, and security threats
  • Legal Compliance: Meeting regulatory and legal obligations

5.2 Marketing and Communications

  • Newsletters: Only with explicit consent, with easy unsubscribe options
  • Educational Updates: Information about Hashimoto’s and related health topics
  • Website Updates: Notifications about new content or features

6. Sensitive Data Protection

Given our focus on health information:

  • No Medical Records: We do not collect personal medical information
  • Anonymization: Any health-related feedback is anonymized
  • Special Category Data: Any inadvertently collected special category data is immediately deleted
  • Third-Party Links: We are not responsible for health data collected by linked sites

7. Information Sharing and Disclosure

7.1 We DO NOT:

  • Sell or rent personal information to third parties
  • Share identifiable health information
  • Provide data to marketing companies or data brokers
  • Transfer data outside the UK/EEA without adequate safeguards

7.2 We MAY share data with:

  • Service Providers: Email platforms, hosting providers, analytics services (under strict data processing agreements)
  • Legal Authorities: When required by law or to protect legal rights
  • Business Transfers: In case of merger, acquisition, or asset sale (with notice)
  • Consent-Based Sharing: With your explicit permission

8. International Data Transfers

  • Primary Storage: Data stored within the UK/EEA
  • Third-Party Services: Some processors may be outside UK/EEA with adequate safeguards
  • Safeguards: Standard Contractual Clauses or adequacy decisions ensure protection

9. Data Retention

  • Account Data: Retained while account is active plus 3 years after closure
  • Communication Records: 7 years for legal compliance
  • Website Analytics: 26 months maximum
  • Marketing Consents: Until withdrawn or 3 years of inactivity
  • Legal Records: As required by applicable law

10. Data Security

10.1 Technical Measures

  • Encryption: Data encrypted in transit (SSL/TLS) and at rest
  • Access Controls: Limited access on need-to-know basis
  • Regular Backups: Secure backup procedures with encryption
  • Security Monitoring: Continuous monitoring for unauthorized access

10.2 Organizational Measures

  • Staff Training: Regular privacy and security training
  • Data Processing Agreements: Contracts with all third-party processors
  • Incident Response: Procedures for data breaches and security incidents
  • Regular Audits: Privacy and security assessments

11. Your Rights Under UK GDPR

11.1 Individual Rights

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (“right to be forgotten”)
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in portable format
  • Right to Object: Object to processing based on legitimate interests
  • Rights Related to Automated Decision-Making: Protection from automated decisions

11.2 Exercising Your Rights

  • Contact Method: Email [privacy@hashimotoally.co.uk]
  • Response Time: Within 30 days (may extend to 60 days for complex requests)
  • Identity Verification: May require proof of identity for security
  • No Fee: Most requests processed free of charge

12. Cookies and Tracking Technologies

Detailed information available in our Cookie Policy. Summary:

  • Essential Cookies: Required for website functionality
  • Analytics Cookies: Google Analytics and similar (with anonymization)
  • Preference Cookies: Remember your settings and choices
  • Marketing Cookies: Only with explicit consent

13. Children’s Privacy

  • Age Restriction: Website not intended for users under 16
  • Parental Consent: Required for users under 16
  • Data Deletion: Immediate deletion if we learn data is from child under 16
  • Educational Content: Health information suitable for mature audiences

14. Third-Party Links and Services

  • External Links: Not responsible for privacy practices of linked websites
  • Social Media: Separate privacy policies apply
  • Embedded Content: Third-party embeds may collect data independently
  • Recommendation: Review third-party privacy policies before sharing data

15. Data Breach Notification

  • ICO Notification: Reportable breaches notified within 72 hours
  • User Notification: Direct notification if high risk to your rights
  • Incident Response: Immediate containment and investigation procedures

16. Complaints and Disputes

16.1 Internal Complaints

  • Contact: [privacy@hashimotoally.co.uk]
  • Response: Acknowledgment within 5 business days
  • Resolution: Investigation and response within 30 days

16.2 Regulatory Complaints

  • UK ICO: Information Commissioner’s Office
  • Website: ico.org.uk
  • Phone: 0303 123 1113
  • Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

17. Changes to This Privacy Policy

  • Update Notification: Email notification for material changes
  • Website Notice: Prominent notice on website for 30 days
  • Version Control: Previous versions available upon request
  • Effective Date: Changes effective from date of publication

18. Contact Information

Data Protection Inquiries:

  • Email: info@hashimotoally.co.uk
  • General Contact: info@hashimotoally.co.uk

Response Times:

  • General inquiries: 5 business days
  • Data subject requests: 30 days
  • Urgent privacy matters: 24-48 hours

Terms and Conditions

Last updated: June 2025

Acceptance of Terms

By accessing and using hashimotoally.co.uk, you accept and agree to be bound by these Terms and Conditions.

Use of Website

Permitted Use:

  • Personal, non-commercial use of website content
  • Sharing content with proper attribution

Prohibited Use:

  • Commercial use without permission
  • Reproducing content without attribution
  • Attempting to harm or disrupt the website
  • Using the site for illegal purposes

Intellectual Property

All content on this website, including text, images, logos, and design elements, is owned by Hashimoto Ally or licensed for use. Unauthorized use is prohibited.

User-Generated Content

If you submit comments or other content:

  • You grant us a non-exclusive license to use such content
  • You are responsible for the accuracy and legality of your submissions
  • We reserve the right to remove inappropriate content

Limitation of Liability

To the fullest extent permitted by law, Hashimoto Ally shall not be liable for any indirect, incidental, special, or consequential damages arising from your use of this website.

Governing Law

These terms are governed by the laws of England and Wales.

Changes to Terms

We reserve the right to modify these terms at any time. Changes will be effective immediately upon posting.

Medical Disclaimer

IMPORTANT: Please read this disclaimer carefully before using this website.

Not Medical Advice

The information provided on hashimotoally.co.uk is for educational and informational purposes only. It is not intended as medical advice, diagnosis, or treatment recommendations.

Consult Healthcare Professionals

Always consult with qualified healthcare professionals before:

  • Making decisions about your health
  • Starting, stopping, or changing medications
  • Beginning new treatments or therapies
  • Interpreting symptoms or test results

Personal Experience Sharing

Content on this website may include personal experiences with Hashimoto’s thyroiditis and related conditions. These experiences:

  • Are individual and may not apply to everyone
  • Should not be considered universal medical advice
  • Are not endorsements of specific treatments
  • Cannot replace professional medical guidance

No Doctor-Patient Relationship

Using this website does not create a doctor-patient relationship between you and the website owner or any contributors.

Individual Responsibility

You are responsible for:

  • Discussing website information with your healthcare team
  • Making informed decisions about your health
  • Seeking immediate medical attention for emergencies
  • Verifying information with reliable medical sources

Thyroid and Autoimmune Conditions

Hashimoto’s thyroiditis and related autoimmune conditions:

  • Require ongoing medical supervision
  • Can have serious complications if untreated
  • May interact with other health conditions
  • Need individualized treatment approaches

Emergency Situations

If you experience a medical emergency, call your local emergency services immediately. Do not rely on website information for emergency medical situations.

Accuracy Disclaimer

While we strive for accuracy, medical information changes rapidly. Always verify information with current medical literature and your healthcare providers.

Cookie Policy

Last updated: June 2025

What Are Cookies

Cookies are small text files stored on your device when you visit our website. They help us provide you with a better browsing experience.

Types of Cookies We Use

Essential Cookies:

  • Required for basic website functionality
  • Cannot be disabled without affecting site performance

Analytics Cookies:

  • Help us understand how visitors use our site
  • Provide insights for website improvements
  • May include Google Analytics or similar services

Preference Cookies:

  • Remember your settings and preferences
  • Enhance your user experience

Managing Cookies

You can control cookies through:

  • Your browser settings
  • Cookie preference tools on our website
  • Third-party opt-out mechanisms

Third-Party Cookies

Our website may include content from third parties (such as social media widgets or embedded videos) that may set their own cookies.

Updates to Cookie Policy

We may update this policy to reflect changes in our cookie usage or legal requirements.

Accessibility Statement

Last updated: June 2025

Our Commitment

Hashimoto Ally is committed to ensuring digital accessibility for people with disabilities. We continually improve the user experience for everyone and apply relevant accessibility standards.

Conformance Status

We aim to conform to the Web Content Accessibility Guidelines (WCAG) 2.1 Level AA standards.

Accessibility Features

Our website includes:

  • Alt text for images
  • Keyboard navigation support
  • Clear heading structure
  • Sufficient color contrast
  • Readable fonts and sizing

Known Issues

We are aware of some accessibility limitations and are working to address them, including:

  • [List any known accessibility issues]

Feedback

We welcome feedback on the accessibility of our website. Please contact us at [accessibility@hashimotoally.co.uk] with:

  • Accessibility barriers you encounter
  • Suggestions for improvement

Alternative Access

If you cannot access content on our website, please contact us for alternative formats or assistance.

Contact Information

For any questions regarding these legal pages, please contact:

Hashimoto Ally Email: info@hashimotoally.co.uk

Website: hashimotoally.co.uk

These legal pages were last reviewed and updated in June 2025. We recommend reviewing them periodically as they may be updated to reflect changes in law or our practices.