CNCotton Nursing Solutions

Privacy Policy

Cotton Nursing Solutions Ltd — Last updated: March 2026

1. Who We Are

Cotton Nursing Solutions Ltd (“we”, “us”, “our”) operates two divisions — Cotton Nursing and Cotton Family — providing occupational health services, accredited training, and family wellbeing resources. We are committed to protecting your privacy and handling your personal data responsibly.

Data Controller: Elisabeth Fairbairn, Owner
Contact: [email protected]
Phone: 07872 179689
Address: Canterbury, Kent

2. What Data We Collect

We may collect the following personal data:

  • Identity & contact information: Name, email address, phone number, postal address
  • Booking & service data: Course bookings, appointment details, payment information
  • Health data: Where relevant to occupational health services, with your explicit consent
  • Communication data: Enquiries, feedback, and correspondence
  • Website data: Cookies, IP address, browser type, and usage data (see our Cookie section below)
  • Mailing list data: Email address and division preference when you sign up

3. How We Use Your Data

We use your data for the following purposes:

  • Delivering our services (training, occupational health, coaching)
  • Processing bookings and payments
  • Communicating with you about your enquiries, bookings, and our services
  • Sending newsletters and updates (only with your consent)
  • Meeting legal, regulatory, and safeguarding requirements
  • Improving our website and services

4. Legal Basis for Processing

We process your data under one or more of the following legal bases:

  • Consent: Where you have given clear consent (e.g., mailing list sign-up)
  • Contract: Where processing is necessary to fulfil a booking or service agreement
  • Legal obligation: Where we are required by law (e.g., health records, safeguarding)
  • Legitimate interest: Where processing is necessary for our legitimate business interests, provided your rights are not overridden

5. How We Store & Protect Your Data

  • Electronic data is stored securely on password-protected devices and cloud platforms (Google Drive, Cliniko)
  • Paper records are kept in locked cabinets with restricted access
  • Sensitive information is encrypted where possible
  • Only authorised staff and contractors may access data, in line with their roles

6. Data Sharing

We do not sell your data. We may share your data with:

  • Healthcare partners and trainers, where necessary for service delivery
  • Regulatory bodies, where required by law
  • Third-party service providers (e.g., booking platforms, payment processors) who meet adequate data protection standards

7. Data Retention

We retain your data only for as long as necessary for the purposes outlined above, or as required by law. Outdated or unnecessary data is securely deleted or destroyed. Retention periods are reviewed periodically.

8. Cookies

Our website uses essential cookies to ensure it functions correctly. We do not use advertising or tracking cookies. By using our website, you consent to the use of essential cookies.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Restrict or object to processing
  • Withdraw consent at any time (where applicable)
  • Data portability
  • Lodge a complaint with the Information Commissioner's Office (ICO)

10. Changes to This Policy

We may update this policy from time to time. Any changes will be posted on this page with an updated effective date.

11. Contact Us

If you have any questions about this policy or wish to exercise your rights, please contact us:

Email: [email protected]
Phone: 07872 179689