Mums On The Rise

Privacy Policy

This Privacy Policy explains how Naomi Rothwell-Boyd, trading as Mums on the Rise ("I", "me", "my"), collects, uses, shares, and protects your personal data, and what rights you have. It applies to my coaching clients, enquirers, and visitors to www.mumsontherise.co.uk.

I take your privacy seriously, particularly because coaching can involve sensitive information about your health, wellbeing, and personal circumstances. This policy should be read alongside my Coaching Terms and Conditions.

1. Who is responsible for your data

I am the "data controller" for the personal data described in this policy. This means I decide how and why your data is processed.

Contact details
Mums on the Rise (sole trader: Naomi Rothwell-Boyd)
Email: naomi@mumsontherise.co.uk

2. The personal data I collect

Depending on how you interact with me, I may collect:

  • Identity and contact details: your name, email address, telephone number, and postal address.
  • Booking and scheduling information: session dates and times, and information you provide when booking (for example through my booking system).
  • Payment information: records of payments, invoices, and amounts due. Card details are handled by my payment provider; I do not store full card numbers.
  • Coaching information: the goals, issues, reflections, and notes that arise during our work together, including session notes and any materials you share with me.
  • Sensitive ("special category") information: coaching may involve information about your health, mental or emotional wellbeing, family circumstances, or similar. This is treated as special category data and given extra protection (see clause 4).
  • Correspondence: emails and messages between us.
  • Website and technical information: if you use my website, limited technical data such as IP address and usage information, collected through cookies or analytics (see clause 8).

3. How I collect your data

I collect personal data:

  • directly from you — when you enquire, book a discovery call or coaching, complete any intake questionnaire, attend sessions, email me, or make a payment;
  • automatically — through my website (cookies and analytics); and
  • occasionally from third parties — for example my booking or payment systems, which pass me the details you entered.

4. Why I use your data, and my legal basis

Under UK data protection law I must have a "lawful basis" for using your data. Where the data is sensitive (special category) data, I must also meet an additional condition. The sections below explain both.

Providing and managing your coaching

What: arranging and delivering sessions, communicating with you, keeping coaching notes.

Lawful basis: performance of our contract.

Sensitive data condition (where relevant): your explicit consent.

Taking payment and keeping financial records

What: invoicing, processing payment, accounting, and tax.

Lawful basis: performance of our contract, and compliance with my legal obligations (for example tax law).

Responding to enquiries

What: dealing with questions before you become a client.

Lawful basis: my legitimate interest in responding to potential clients, or taking steps to enter into a contract.

Marketing (only where you have agreed)

What: sending you updates, offers, or newsletters.

Lawful basis: your consent. You can withdraw it at any time (see clause 10).

Keeping my business safe and meeting legal duties

What: keeping records to deal with complaints, establish or defend legal claims, liaise with my insurer, and meet safeguarding or legal obligations.

Lawful basis: my legitimate interests, and compliance with legal obligations.

Sensitive data condition (where relevant): establishing, exercising, or defending legal claims; or protecting someone's vital interests in a safeguarding situation.

Website operation and security

What: running and protecting my website.

Lawful basis: my legitimate interests in a secure, functioning website.

Where I rely on consent, you are free to refuse or withdraw it, and I will explain any consequence.

5. Who I share your data with

I do not sell your data. I share it only where necessary, with:

  • Service providers ("processors") who help me run my practice, each bound by appropriate data-protection terms — for example Calendly (booking and scheduling) and Google (email and file storage).
  • My accountant, for tax and financial record-keeping.
  • My coaching supervisor and/or professional insurer, in confidence, where needed for professional practice or to handle a claim. Where possible this is anonymised.
  • Authorities or other third parties, where I am required or permitted to disclose information by law, or in a safeguarding situation as described in my Terms and clause 4 above.

6. Sending data outside the UK

Some of my providers may store or process data outside the UK (for example in the EU or the United States). Where data is transferred outside the UK, I take steps to ensure it is protected to UK standards — for example by relying on UK "adequacy" arrangements, the International Data Transfer Agreement, or the UK Extension to the EU–US Data Privacy Framework, together with a transfer risk assessment where appropriate.

7. How long I keep your data

I keep personal data only for as long as necessary:

  • Coaching notes and related records: kept for the duration of our relationship and then for up to 5 years, reflecting the period during which a legal claim could be brought, after which they are securely deleted.
  • Financial and tax records: kept for at least the period required by HMRC.
  • Marketing data: kept until you withdraw consent or ask me to stop.

8. Cookies and website analytics

My website may use cookies and similar technologies to function and to understand how visitors use it. You can control cookies through your browser settings, and where required I will ask for your consent to non-essential cookies.

9. How I keep your data secure

I take appropriate technical and organisational measures to protect your data, including secure storage, access controls, strong passwords, and using reputable providers. No system is completely secure, but I work to protect your information and to deal promptly with any data breach, including notifying the ICO and affected individuals where the law requires.

10. Your rights

Under UK data protection law you have the right to:

  • be informed about how your data is used (this policy);
  • access a copy of the personal data I hold about you;
  • rectification — to have inaccurate data corrected;
  • erasure — to ask me to delete your data in certain circumstances;
  • restrict or object to certain processing;
  • data portability — to receive certain data in a usable format;
  • withdraw consent at any time, where I rely on consent; and
  • complain to the ICO (see clause 12).

To exercise any of these rights, contact me at naomi@mumsontherise.co.uk. I will respond within one month. There is normally no charge, and I may need to verify your identity first.

11. Children

My coaching services are for adults (18 and over). I do not knowingly collect data about children through my services.

12. Complaints

If you have any concern about how I handle your data, please contact me first at naomi@mumsontherise.co.uk so I can try to put it right.

You also have the right to complain to the Information Commissioner's Office (ICO):
Website: www.ico.org.uk
Helpline: 0303 123 1113

13. Changes to this policy

I may update this policy from time to time. The version in force is the one published here. Significant changes affecting current clients will be notified to you directly.

This Privacy Policy is provided for use on the Mums on the Rise website and should be read alongside the Mums on the Rise Coaching Terms and Conditions.