Privacy Policy

Before raising a consultation enquiry with Tara Whyand, which may or may not contain personal data, please make sure you have read the following privacy policy.

This privacy policy sets out how Tara Whyand uses and protects any personal information that you provide.  It is in line with the new General Data Protection Regulation (GDPR) which comes into effect on 25th May 2018. GDPR regulates the collection, storage, processing, and sharing of personal data for patients within the EU. Tara Whyand wishes to be transparent about this.

Patients from outside the EU will also be treated in the same way by Tara Whyand, giving equality within her service.

How is your personal data used?

Tara Whyand will always request consent to use (collect, store, process, and share) your personal data on the pre-appointment form you complete before a consultation.

Information from this form is needed to provide you with appropriate dietary advice for the management of your diagnosis, and to communicate that with you and your nominated health care professionals. Occasionally health insurance providers may ask Tara Whyand certain details about you. Your information will not be shared with other healthcare professionals without your consent and only relevant personal data will be obtained.

If the pre-appointment form is not completed with consent, the consultation will not go ahead.

Your rights and access to your information

You have a right to withdraw consent to the processing of your information by Tara Whyand at any point, however, dietary advice can then no longer be provided without that information.

Individuals also have the right to be informed of, to rectify, to restrict processing of and to object to the information Tara Whyand has for them. Tara Whyand tries to be as open as it can be in terms of giving people access to their personal information. Individuals can request personal information by making a ‘subject access request’ under the GDPR. This can be done in writing via email to and Tara Whyand will give you a description of it, tell you why we are holding it, who it may be disclosed to and let you have a copy of the information. If you believe that any information being held on you is incorrect or incomplete, please email Tara Whyand as soon as possible and she will promptly correct any information found to be inaccurate. Individuals have a right to make a complaint by email.

How long is your personal data stored for?

Once you have had a consultation you are considered to be a patient of Tara Whyand’s. Even if consent for processing your personal data is withdrawn, or you move your care to another health professional, Tara Whyand is legally bound to retain your personal  information (pre-appointment form, referral letters, relevant test results, dietary appointment letters) for 8 years. This is in line with the records management code of practice for Health and Social Care 2016.

What is Tara Whyand’s lawful basis for processing personal data?

  • Consent: the individual has given clear consent for you to process their personal data for a specific purpose.

Tara Whyand processes special category data which needs higher protection as it is personal health information. This is necessary for the provision of health care (Article 6, GDPR).

How is your information kept secure from 25th May 2018?

Personal identifiable data from your pre-appointment form, any referral letters, relevant test results and your appointment letter will be stored securely.

There are appropriate physical and electronic procedures in place to safeguard the information collected to prevent unauthorised access:

  • Tara Whyand’s website is managed by tsohost, which is compliant with the GDPR regulations.
  • has an SSL certificate for security. Any data sent via the contact form is encrypted, as are emails
  • Any paper given to Tara Whyand containing personal information is scanned and stored as a JPEG file on the computer.
  • No personal identifiable data will be stored on paper. The paper is incinerated by Tara Whyand.
  • The computer used for storing personal identifiable data from your pre-appointment form, any referral letters, relevant test results and your appointment letter, as encrypted word and JPEG files, is password protected and has Antivirus and Firewall software.
  • Personal data is backed up on the cloud storage Dropbox which is also GDPR compliant, encrypted and password protected.


Users should seek personal and medically informed advice as appropriate from a professionally qualified dietitian on all specific situations and conditions of concern to them.

This policy was last updated in May 2018 and will be reviewed regularly and updated as appropriate.