Legal
Privacy Policy
Last updated: April 2026
This policy explains how Sharon Dawson ANP collects, uses, and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Who we are
This website is operated by Sharon Dawson, Advanced Nurse Practitioner, trading as Sharon Dawson ANP. The data controller is Sharon Dawson, contactable at sharon@sharondawson.org.
Sharon Dawson ANP is registered with the Information Commissioner's Office (ICO) as required under UK data protection law.
What data we collect
We collect personal data only when you voluntarily provide it. This may include:
- Your name and email address when you contact us via email or enquiry
- Your name, email address, and organisation name when you book a call via Google Calendar
- Information you include in the body of your enquiry or booking notes
- Basic analytics data about how visitors use this website (pages visited, time on site) — this data is anonymised and does not identify individuals
We do not collect sensitive personal data (such as health information) through this website.
How we use your data
We use your personal data solely for the following purposes:
- To respond to your professional enquiry
- To schedule and manage booked calls
- To fulfil any contracted consultancy, training, or advisory services
- To comply with legal and professional obligations
We do not use your personal data for marketing purposes without your explicit consent. We do not sell, rent, or share your personal data with third parties for commercial purposes.
Legal basis for processing
We process your personal data on the following legal bases under UK GDPR:
- Legitimate interests — responding to professional enquiries and managing business relationships
- Contract performance — where data is necessary to deliver agreed services
- Legal obligation — where processing is required to comply with professional or regulatory requirements
Third-party services
This website uses the following third-party services which may process limited personal data:
- Google Calendar — for booking calls. Booking data is governed by Google's Privacy Policy.
- Netlify — for website hosting. Netlify may collect basic server logs. See Netlify's Privacy Policy.
- Zoho Mail — for email communication. Email data is processed by Zoho EU servers in accordance with UK GDPR.
How long we keep your data
- Enquiry correspondence is retained for 12 months, then deleted unless a contract has been entered into
- Contract-related records are retained for 7 years in line with HMRC requirements
- Booking data is retained for 6 months after the date of the call
Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data (subject to legal retention requirements)
- Object to or restrict processing of your data
- Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk
To exercise any of these rights, contact sharon@sharondawson.org. We will respond within 30 days.
Data security
We take reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or disclosure. All email communication is handled via encrypted EU-based servers.
Changes to this policy
We may update this policy periodically. The date at the top of this page will reflect the most recent update. Continued use of this website constitutes acceptance of the current policy.
Contact
For any data protection queries: sharon@sharondawson.org