Privacy policy

PRIVACY & COOKIE POLICY
Last Updated: June 2026

At Nutri by Juste, we are committed to safeguarding your privacy and ensuring that your personal and sensitive health information is handled responsibly. This Privacy Policy outlines how we collect, use, protect, and legally retain the information you provide to us through our website, booking platforms, and nutritional therapy services.

The Data Controller is Nutri by Juste. For any privacy-related queries, you can contact us directly at [email protected].

1. The Types of Data We Collect
When you visit our website or engage with any services we provide, we collect:

Personal Identification: Your name, email address, phone number, and billing details.
Special Category Health Data: Symptoms, medical histories, lifestyle details, dietary logs, and raw biological data derived from private laboratory investigations (e.g., functional biomarker testing or nutrigenomics) that you choose to share.
Technical Data: Essential functional cookies used by our hosting platform (Durable) to maintain website stability and secure client bookings.
2. Our Lawful Basis for Processing Data
To comply with the UK General Data Protection Regulation (UK GDPR), Nutri by Juste processes your data under the following strict legal frameworks:

Personal Data (Article 6): Processed via your explicit Consent when booking, or to fulfill our Contractual obligation to deliver your purchased wellness programs.
Special Category Health Data (Article 9): Processed under Article 9(2)(h), which strictly permits the processing of health-related metrics for the explicit provision of health coaching, naturopathic nutritional therapy, and care management.
3. How We Use & Share Your Information
Your information is utilized solely to create customized nutrition programs and communicate relevant updates that align with your health goals.

We never sell or rent your data. To deliver our services, your data is securely shared only with essential third-party processors. This includes our website host (Durable), secure practitioner management software, and accredited external laboratories or testing providers. 

4. Data Retention & The 7-Year Rule
While you have the right to withdraw your consent for future marketing communications at any time, clinical health data is subject to strict regulatory timelines. To comply with professional indemnity insurance mandates and clinical liability regulations in the UK, Nutri by Juste is legally required to retain all clinical case notes, intake forms, and lab reports for a minimum statutory period of 7 years from the date of your final consultation. This legal requirement supersedes a client's GDPR 'right to erasure' request during this 7-year timeframe.

5. Protecting Your Information
Nutri by Juste employs stringent security measures to protect your data from unauthorized access or misuse. All digital records are stored within encrypted, password-protected, GDPR-compliant platforms. We adhere to rigid industry standards to ensure that your personal information remains entirely confidential.

6. Your Rights Under UK GDPR
You hold the following legal rights regarding your data:

The right to access a copy of the personal data we hold about you.
The right to request corrections to any inaccurate or incomplete information.
The right to lodge a formal complaint with the Information Commissioner’s Office (ICO) if you believe your data has been mishandled.