Privacy Policy for Morag Brookesbell

Last updated: July 2025

At Morag Brookesbell (“we”, “us”, or “our”), your privacy matters to us.

We’re committed to looking after your personal information with the same care and respect that we bring to our coaching and support services.

This Privacy Policy explains, in clear language, how we collect, use, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.

This policy applies to www.moragbrookesbell.com and any associated subdomains or services operated under the Morag Brookesbell brand.

Some services or subdomains may be hosted on third-party platforms (such as client portals, checkout systems, or course hosting providers).

In those cases, their own privacy policies will also apply alongside this one.

1. Who We Are

For data protection purposes, Morag Brookesbell is the Data Controller, this means we decide how and why your personal information is used.

If you have any questions about this policy or how your data is handled, you can contact us at:

Email: [email protected]

2. What Data We Collect

We may collect the following types of personal information:

A. Identity & Contact Data

Full name

Email address

Phone number

Billing or delivery address

B. Technical & Usage Data

IP address, browser type, time zone, device identifiers

Pages visited, links clicked, time spent on site

Referring URLs and page interaction data

C. Special Category Data (Health & Wellness)

Information you choose to share about your physical health, mental wellbeing, or lifestyle goals

Typically collected through forms, questionnaires, consultations, or coaching check-ins

Only collected with your explicit consent and used solely to support your coaching or personal development journey

D. Marketing & Tracking Data

Marketing preferences

Cookie identifiers and pixels (e.g., Meta Pixel, Google Analytics)

3. How We Collect Your Data

We gather data through:

Direct Interactions: Forms, emails, coaching questionnaires, assessments, purchases, or messages you send us

Automated Technologies: Cookies, analytics tools, and tracking pixels

Third-Party Services: CRM systems (e.g., GoHighLevel), payment processors (e.g., Stripe), email tools (e.g., Mailgun), podcast players (e.g., Transistor.fm)

Sensitive health or wellness data is collected only when you provide it voluntarily and is never used for automated decision-making.

4. How We Use Your Data

We use your data to:

Deliver coaching, education, or consulting services

Respond to your questions and support requests

Send service-related updates and marketing (if you’ve opted in)

Process payments and deliver products or resources

Personalise your coaching and track progress

Improve our website and services through analytics

Comply with legal obligations

Special category health data is only ever used for the agreed purpose (e.g., tailoring your coaching) and is not shared outside our work together without your consent.

5. Legal Basis for Processing

Under UK GDPR, we process personal data on the following bases:

Consent – for marketing, cookies, and special category health data

Contract – to fulfil the services or products you’ve purchased

Legal Obligation – where the law requires it

Legitimate Interests – for analytics, service improvement, and security (only where your rights are not overridden)

6. Marketing Communications

We will only send you marketing emails if you’ve explicitly opted in. You can unsubscribe at any time by:

Clicking the “unsubscribe” link in our emails

Contacting us at [email protected]

7. Cookies & Tracking Technologies

We use cookies and similar tools to make your experience smoother and more personalised.

When you first visit our website, you’ll see a cookie banner that lets you:

Accept all cookies

Decline non-essential cookies

Customise your preferences

Types of Cookies We Use:

Essential Cookies – Required for basic site functionality

Analytics Cookies – Help us understand site traffic and usage (e.g., Google Analytics)

Marketing Cookies – Tailor ads and content based on your browsing activity (e.g., Meta Pixel)

You can also control cookies through your browser settings at any time.

8. Sharing Your Data

We never sell your personal data. We only share it with trusted third parties where necessary for delivering our services, including:

Stripe – Secure payment processing

GoHighLevel – Client portal and CRM

Mailgun – Email delivery

Google Analytics – Website analytics

Meta Platforms – Marketing pixel tracking

Transistor.fm – Podcast embedding and playback

All third-party providers are contractually required to keep your data secure and use it only for agreed purposes.

9. International Data Transfers

Some of our providers may process data outside the UK/EEA. Where this happens, we use approved safeguards such as:

Standard Contractual Clauses (SCCs)

UK International Data Transfer Agreements (IDTAs)

Adequacy decisions where applicable

10. Data Retention

We keep your personal data only for as long as necessary to provide services, meet legal requirements, and resolve disputes.

Sensitive personal data will be securely deleted upon your request or after a period of inactivity unless legal requirements mean we must keep it longer.

11. Data Security

We protect your information through:

SSL encryption

Secure storage systems

Restricted internal access based on role

Encrypted databases for sensitive data

Regular access reviews and audits

12. Your Rights

Under the UK GDPR, you have the right to:

Access your data

Correct inaccuracies

Request deletion (“Right to be Forgotten”)

Restrict certain processing

Receive a copy of your data in a portable format

Object to certain uses of your data

Withdraw consent at any time

To exercise these rights, email [email protected]. You can also contact the Information Commissioner’s Office (ICO) at www.ico.org.uk.

13. Do Not Track (DNT)

If your browser has “Do Not Track” enabled, we will automatically block non-essential cookies and trackers.

14. External Links & Embedded Content

Our site may contain embedded content (e.g., podcast players, videos) or links to external sites. We are not responsible for their content or privacy practices and encourage you to review their policies.

15. Where You’ll Find This Policy

This Privacy Policy is linked in:

The footer of every page on our site

All checkout forms and email opt-ins

Client onboarding materials where relevant

16. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be posted here with the updated date at the top. If we make significant changes, we will notify you via email or on our website.

17. Contact Us

If you have any questions, concerns, or requests about this Privacy Policy or how we handle your personal data, you can contact us at:

Morag Brookesbell
Email: [email protected]
Website: www.moragbrookesbell.com