Eligibility

Privacy Policy

Last updated: 01 August 2025
Guardia Therapeutics Ltd trading as LeafEase (“we” or “us”) is committed to protecting and respecting your privacy. This policy, together with our website terms of use and any other documents referred to in it, explains how we collect, use, and protect your personal data when you interact with us, whether online, over the phone, by email, or during a consultation. By visiting www.leafease.co.uk or using our services, you are accepting and consenting to the practices described in this policy. For the purposes of the Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR), and other applicable legislation, the data controller is:

Guardia Therapeutics Ltd trading as LeafEase

Suite 5a, 2nd Floor 1-9 Castle Street, Hinckley, United Kingdom, LE10 1DA
Company Number: 15695083
ICO Registration Number: 00011048139

Please note: Links from our website may take you to third-party websites. These are not covered by this privacy policy, and we recommend you review their own privacy statements before submitting personal information.

Information We Collect From You

Personal data refers to any information about an individual from which they can be identified. This does not include anonymous data.
We may collect and process the following information:

Information you provide directly

  • Name, postal address, email address, and phone number
  • Date of birth, gender, and relevant demographic details
  • Payment details (where applicable)
  • Information relating to your health, medical history, diagnosis, and treatment plans (special category data)
  • GP surgery information and NHS number (for coordinated care)
  • Identification documents where required for compliance purposes

Special category data

During your consultation and through medical screening forms, we may collect health-related information including medical history, current symptoms, prescriptions, and other details necessary for medical assessment and care.

Information we collect automatically

When you visit our website, we may collect:

  • IP address, browser type, and device information
  • Date and time of visits, pages viewed, and navigation patterns
  • Cookie data to improve site performance and personalise your experience

Information from other sources

We may receive data from:

  • Your GP or other healthcare professionals
  • NHS Personal Demographic Service (to confirm your NHS number)
  • Trusted service providers, such as payment processors, delivery companies, or technical partners

How We Use Personal Information

We use your personal data only when it is necessary to provide safe, effective, and compliant healthcare services. This may include: 

  • Formulating, planning, and delivering treatment and care that is tailored to each patient’s medical needs and personal circumstances.
  • Communicating with you by mail, email, phone, or text for purposes such as:

         a. Confirming and organising consultations or follow-up appointments
         b. Maintaining contact between scheduled sessions where needed
         c. Sending treatment summaries, reports, and care plans
         d. Coordinating with other healthcare professionals involved in your treatment
         e. Providing relevant resources, prescriptions, or invoices

  • Conducting clinical audits to review, evaluate, and improve our services. All audit results are anonymised to protect your identity.
  • Carrying out administrative and operational tasks, such as securely storing patient records in our encrypted, password-protected databases.
  • Storing certain information in secure third-party systems used for clinical, administrative, and operational purposes (such as practice management platforms, encrypted cloud storage, and secure communication tools). All such systems are subject to strict privacy and access controls, and any personal identifiers are removed when they are no longer necessary.

We process your personal data in accordance with the UK GDPR, Data Protection Act 2018, and all relevant healthcare regulations, ensuring that your information is handled with the highest standards of confidentiality and security. 

Cookies

Our site uses cookies to:

  • Operate secure areas and process orders (strictly necessary cookies)
  • Analyse site traffic and improve user experience (performance cookies)
  • Remember your preferences (functionality cookies)
  • Deliver relevant marketing (targeting cookies, where consent is given)

You can manage cookie settings via your browser, but please note that disabling cookies may affect site functionality.

Sharing Your Information

We will only share your personal information when it is necessary to provide our services, meet our legal obligations, or improve patient care.

We may disclose your information to:

 

  • Healthcare professionals collaborating in your care and treatment
  • External partners responsible for processing payments or handling financial transactions

     

We may also engage trusted third-party entities and individuals for purposes such as:

  • Enhancing and developing our services
  • Delivering services on our behalf
  • Carrying out administrative or operational tasks related to your care
  • Supporting us in evaluating and improving the use and performance of our services

     

These third parties will only have access to the personal information required to perform their specific duties. They are contractually bound to maintain the confidentiality of your data, use it solely for the agreed purpose, and comply with all applicable data protection laws.

We do not sell your personal data to any third party.

Data Retention

We will keep your records for as long as required under UK healthcare regulations, typically six years from the end of your treatment, unless a longer retention period is required by law. 

Non-medical data used for marketing or analytics will be retained only for as long as necessary for the purposes collected and will then be securely deleted or anonymised.

Data Security

We use a combination of technical, organisational, and administrative measures to protect your personal data, including:

  • Encrypted data storage and secure servers
  • Role-based access controls for staff
  • Regular system audits and penetration testing
  • Staff training in data protection and confidentiality

While we take every reasonable step to protect your information, transmission over the internet carries inherent risks, and we cannot guarantee absolute security.

Your Rights

Under data protection law, you have the right to:

  • Access the personal data we hold about you
  • Request corrections to inaccurate or incomplete data
  • Request deletion of your data in certain circumstances
  • Object to or restrict processing
  • Request transfer of your data to another provider
  • Withdraw consent where processing is based on consent

To exercise these rights, contact us at dataprotection@leafease.co.uk We will respond within one month.

Changes to This Policy

We may update this privacy policy from time to time. Any changes will be published on this page, and where appropriate, notified to you by email. 

Contact Us

If you have any questions about this policy or wish to make a complaint, please contact:

Data Protection Officer
 Guardia Therapeutics Ltd trading as LeafEase
 Email: dataprotection@leafease.co.uk

If you are not satisfied with our response, you may contact the ICO:
 Information Commissioner’s Office
 Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
 Helpline: 0303 123 1113
 www.ico.org.uk