top of page
  • Youtube
  • TikTok
  • Instagram
  • LinkedIn

Privacy Policy - Halima Henke


Last updated: 14 January 2026


1. Introduction
This Privacy Policy explains how I collect, use, store, and protect personal data when you:

  • visit my website,

  • purchase digital products, or

  • engage with my services, including one-to-one online sessions.

It applies to:

  • visitors to my website,

  • individuals who contact me or purchase ebooks or other digital content, and

  • clients who book and participate in one-to-one online sessions.

This Privacy Policy is provided in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where relevant, the EU General Data Protection Regulation (EU GDPR).

2. Who I Am
I am the data controller for the personal data described in this Privacy Policy.
Name / Trading name: Halima Henke Legal status: Sole trader Country of operation: United Kingdom
If you have any questions about this Privacy Policy or how your personal data is handled, you can contact me at:
Email: contact@halimahenke.com
I do not have a statutory requirement to appoint a Data Protection Officer.


3. What Personal Data I Collect

The personal data I collect depends on how you interact with me and my services.
a) Website visitors and enquiries
When you visit my website or contact me, I may collect:

  • your name and email address,

  • the content of your message or enquiry, and

  • technical information such as IP address, browser type, and basic usage data.

b) Purchases and payments

  • When you purchase ebooks or other digital products, I may collect:

  • your name and email address,

  • purchase and transaction details, and

  • billing-related information.

  • Payment card details are processed securely by third-party payment providers and are not stored by me.

c) One-to-one online sessions

When you book and participate in one-to-one sessions, I may collect:​

  • your name and contact details,

  • booking and scheduling information, and

  • communications relating to sessions.

I do not collect personal data that is not relevant to providing the services.

4. Special Category Data
In the context of one-to-one online sessions, you may choose to share information relating to your health, emotional wellbeing, or personal circumstances.
This information is considered special category personal data under data protection law. It is shared voluntarily and processed only for the purpose of providing the agreed services.
Special category data is handled with a higher level of confidentiality and appropriate safeguards and is processed only where a lawful basis applies, including your explicit consent, as described further in this Privacy Policy.
You are not required to share any information that you do not wish to disclose.

5. How and Why I Use Your Personal Data
I use personal data only where it is necessary and proportionate and only for clear and legitimate purposes, including:
a) Providing services

  • delivering one-to-one online sessions,

  • communicating with you in relation to those services, and

  • managing session-related administration.

b) Managing bookings and payments

  • processing bookings and purchases,

  • managing payments and refunds where applicable, and

  • maintaining appropriate business and financial records.

c) Communicating with you

  • responding to enquiries,

  • sending service-related communications such as confirmations or practical information, and

  • communicating about matters directly related to services you have requested.

I do not send marketing communications unless you have specifically opted in.
d) Legal and regulatory obligations

  • complying with applicable legal, tax, or regulatory requirements, including record-keeping obligations.

e) Improving and protecting my services

  • maintaining the security and integrity of my website and systems,

  • understanding how my website and services are used at a general level, and

  • improving the quality and effectiveness of my services.

All such use is carried out in a way that respects your rights and expectations.

6. Lawful Bases for Processing
Depending on the nature of my interaction with you, I rely on the following lawful bases:
a) Contract

  • Processing is necessary to:

  • provide services you have requested,

  • manage bookings, sessions, and purchases, and

  • fulfill contractual obligations between us.

b) Legal obligation

  • Processing is necessary to comply with legal or regulatory obligations, including:

  • tax and accounting requirements, and

  • responding to lawful requests from authorities

c) Legitimate interests

Processing may be necessary for legitimate interests, including:​

  • responding to enquiries,

  • maintaining and securing my website and systems, and

  • managing my business operations in a proportionate and expected way.

  • Where this basis is relied upon, your rights and interests are carefully balanced.

d) Explicit consent (special category data)
Health- or wellbeing-related information shared during one-to-one sessions is processed only with your explicit consent.
You may withdraw consent at any time. Withdrawal does not affect processing already carried out but may mean that certain services cannot continue.
e) Marketing communications
Marketing communications are sent only where you have given consent, which can be withdrawn at any time.

7. How Your Personal Data Is Stored and Kept Secure
I take reasonable and appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure, or alteration.
Personal data is stored using secure systems and services, with access limited to what is necessary for providing services and operating my business.
Security measures may include:

  • reputable service providers and platforms,

  • password protection and access controls,

  • device and account security measures, and

  • secure handling of communications and records.

While no system can be completely secure, data protection practices are reviewed periodically to ensure they remain appropriate.

8. How Long I Keep Your Personal Data
Personal data is retained only for as long as necessary, including for service provision, legal compliance, and dispute resolution.
Typical retention periods include:
Enquiries and website communications

Retained for a limited period for follow-up and record-keeping, then securely deleted.
Client and session-related information

Retained only as long as reasonably necessary to provide services and meet legal or professional obligations.
Purchases and financial records

Retained for longer periods where required by tax or accounting law.
When no longer required, data is securely deleted or anonymised.

9. Sharing Your Personal Data
Personal data is shared only where necessary to operate services or where legally required.
This may include sharing with:

  • payment service providers,

  • booking or scheduling platforms,

  • email and communication service providers, and

  • website hosting or technical service providers.

These parties are required to handle personal data in accordance with applicable data protection laws.
Personal data is not sold and is not shared for advertising or marketing purposes.

10. International Data Transfers
Service providers may store or process data outside the UK or the European Economic Area (EEA).
Where international transfers occur, appropriate safeguards are used, including:

  • standard contractual clauses approved under UK and EU data protection law, or

  • transfers to countries recognised as providing an adequate level of data protection.

11. Cookies and Website Tracking
The website may use cookies and similar technologies to ensure proper functioning and understand general usage.

  • Essential cookies are used where necessary.

  • Non-essential cookies (such as analytics) are used only with consent.

Cookie preferences can be managed or withdrawn at any time through the website’s cookie settings.
Further details are provided in the Cookie Policy.

12. Your Data Protection Rights
You have the right to:

  • access your personal data,

  • correct inaccurate or incomplete data,

  • request deletion in certain circumstances,

  • restrict processing in certain circumstances,

  • object to processing,

  • request data portability where applicable, and

  • withdraw consent where processing is based on consent.

Requests can be made using the contact details above. Identity verification may be required.


13. How to Make a Complaint
If you have concerns about how your data is handled, please contact me first so I can try to resolve the issue.
You also have the right to complain to the Information Commissioner’s Office (ICO) in the United Kingdom.


14. Changes to This Privacy Policy
This Privacy Policy may be updated from time to time to reflect legal or operational changes.
The most recent version always applies.

bottom of page