top of page

Connected Life Limited trading as “Capacity at Work”

Privacy Policy

1. Introduction

This is our privacy policy. It tells you how we collect and process data received from you, including how we process data in relation to our patients, clients, suppliers, business contacts and visitors of our site. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. 

This policy applies to Connected Life Limited trading as “Capacity At Work”

If you have any comments on this privacy policy, please email them to


2. Who We Are

It is required by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data, known as General Data Protection Regulation (GDPR) for us to provide you with the following information as a 'data controller':

  • is operated by Connected Life Limited trading as “Capacity at Work”

  • Connected Life Limited incorporated and registered in England and Wales with company number 8022801whose registered office is at Suite 3, Duke's House, 4-6 High Street, Windsor, SL4 1LD

  • The Connected Life Limited Data Protection Officer is Meeta and she can be contacted at

3.  Health Care Services


Connected Life Limited provides the following health care and consultancy services:

  • Coaching

  • Consultancy

  • Psychotherapy

  • Counselling


4.  What information we collect


We may collect and process the following data about you – be it directly from you or a third party:


  • Identity data - including name, username or similar identifier, occupation

  • Contact data - including email address(es), postal address and telephone number(s).

  • Next of Kin – name, date of birth, email address(es), postal address and telephone number(s).

  • Parent or Guardian – if you are under 18 years of age we will collect the data of your guardian including name, date of birth, email address, postal address and telephone number(s).

  • Medical data, including medication, gender, sex life and sexual orientation, your mental, emotional and physical health, genetic and biometric data.

  • Complaints or Grievances, you have raised that relate to the services of Connected Life Limited.

  • Financial data, including bank account and payment details as well as your private medical insurance provider

  • Transaction data, including details about payments to and from you and other details of services you have purchased from us.

  • Technical data, including IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology you use to access our site.

  • Profile data, including your interests, preferences, feedback and survey responses. 

  • Usage data, including information about how you use our website and services .

  • Marketing and communication data, including your preferences in receiving marketing from us and our third parties and your communication preferences. 

Please ensure all third parties e.g. Parent/Guardian, Next of Kind have seen our Privacy Policy Notice and understood it before you provide us with their information.

We also collect, use and share Aggregated data such as statistical or demographic data. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage data to calculate the percentage of users accessing a specific website feature.

We collect Special Categories of Personal Data information relating to your health which can include examination findings, medical imaging data relating to your care, diagnostic test results, correspondence and communication from other clinical professionals relating to your current or past clinical care as well as criminal convictions and offences.  This includes clinical notes.

Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:

a) you have given consent to the processing of your personal data for one or more specific purposes;

b) processing is necessary for the performance of treatment for you;

c) processing is necessary for compliance with a legal obligation to which we are subject;

d) processing is necessary to protect the vital interests of you or of another natural person;

e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or

f) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party such as our credit card payment processing, other medical expert, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data.


We use different methods to collect data from and about you, including: 

  • Direct interactions when you purchase our services, request marketing/information be sent to you, enter a promotion or survey, or give us feedback or contact us. 

  • Automated technologies or interactions – we collect data by using cookies. Please see our Cookie Policy for further details. 


5. Cookies

Our website uses cookies, which is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. We use cookies to help Connected Life Limited identify and track visitors and their website access preferences. If our website visitors who do not wish to have cookies placed on their computers, they should set their browsers to refuse cookies before using the Connected Life Limited website. Please look at our Cookie Policy for more cookie information.

6. How we use what we collect 

We use information about you to:

  • Provide information and services that you request, or (with your consent or if we have another lawful basis) which we think may interest you.

  • Carry out our services directly with you.

  • Tell you our fees and process payment.

  • Liaise with others who are connected to, or could potentially be connected to your health and wellbeing, as it relates to the services and support we currently provide you with.  These may include doctors, other healthcare clinicians, hospitals, police and other law enforcement agencies, social services, parents/guardians if you are under 18 as well as any person you have specifically authorized us to share information with.

  • Record and maintain clinical records as required by our Regulatory bodies (UKCP and BACP) to ensure safe and effective care.


If you are already our patient/client, we will only contact you electronically about your personal treatment and things similar to services previously engaged by you.

If you don’t want us to use your personal data for any of the reasons set out in this section 5, you can let us know at any time by contacting us at and we will delete your data from our systems. However, you acknowledge this may limit our ability to provide our services to you.

In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide you if you don’t provide your personal data in these cases.

Please find below further information as to the purposes and lawful basis of the personal data that we collect and process. 

Type(s) of data


Categories of

personal data

Purpose of


Lawful basis

Clients, their employees and contractors

Contact information, including name, address, telephone number and e-mail address

Communication data including e-mail communication, text and other messaging services


Financial data including bank account and payment card details


Transaction data including details about payments to and from customers.

To ensure that we can supply the services requested by the client, including facilitating invoicing and payment.

Necessary for the performance of a contract.

Clients, their employees and contractors

Contact information, including name, address, telephone number and e-mail address.

Marketing communications 

Consent required for use in any Capacity at Work white paper or newsletter.

Suppliers, partners, subcontractors and their employees

Contact information, including name, address, telephone number and e-mail address; bank details.

To enable compliance with obligations under relevant contracts, including logging and payment of invoices.

Necessary for the performance of a contract

Business contacts

Contact information, including name, company name, job position, address, telephone number and e-mail address, including those available via business networking websites, such as LinkedIn.

Business networking 

Legitimate interests of all parties 

1. The legitimate interests of both the Company and its business contacts is to network in the context of business.


2. It is necessary to exchange, keep and otherwise process contact information in order to network in the context of business. 


3. There is normally a positive action taken by all parties to provide their contact details during networking with the expectation that such contact details, including personal data, may be used by the recipient for business networking.

Event contacts

Contact information, including name, company name, job position, address, telephone number and e-mail address, including those available via event websites such as Meetup and EventBrite.

Event registration, communication of future events and any future newsletter.

Consent required for any Capacity at Work events communications.

7. Where we store your data


We store all your personal data on a secure system that is within the European Economic Area (EEA). Should we need to transfer your data outside the EEA, we will ensure they have adequate levels of protection of personal data by the European commission; or we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe; or we may transfer data to US based providers that are part of the Privacy Shield. 


By giving us your personal data, you agree to this arrangement. We will do what we reasonably can to keep your data secure.

If we give you a password, you must keep it confidential. Please don't share it. Although we try to provide protection, we cannot guarantee complete security for your data, and you take the risk that any sending of that data turns out to be not secure despite our efforts.


We only keep your personal data for as long as we need to in order to use it as described above in section 5, and/or for as long as we have your permission to keep it.  In any event, we will conduct regular reviews to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it.


8. Disclosing your information

The following categories of recipients may receive your personal information and process it for the purposes outlined in this Privacy Statement:

  • Third party companies, agents, contractors, service providers or related companies (including payment processors) if this is necessary to provide you with our products and services, respond to your enquiries or for any other related purposes. These are the third parties that have access to your information:

  • Dropbox - storage and access of documents

  • Microsoft Office 365 – storage and access of documents 

  • Google Analytics, Google Maps (for the contact page map) – cookies use on site (for more information on cookies see please see our Cookie Policy ;

  • third parties who support our information technology or handle mailings or events on our behalf;

  • law enforcement agencies, other governmental agencies or third parties if we are required by law to do so, or in other limited circumstances (for example if required by a court order or regulatory authority, or if we believe that such action is necessary to prevent fraud or cyber-crime or to protect the Site, our technology assets or the rights, property or personal safety of any person);

  • other business entities should we plan to merge with or be acquired by that business entity, or if we undergo a re-organisation with that entity; and

  • any successor in interest, in the event of a liquidation or administration of Connected Life Limited.


Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under GDPR and the law.

9. Your rights

At any time, you have the right:

  • to be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, any third party sources from whom it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences);

  • to request access to or a copy of any personal data which we hold about you;

  • to rectification of your personal data, if you consider that it is inaccurate;

  • to ask us to delete your personal data, if you consider that we do not have the right to hold it;

  • to withdraw consent to our processing of your personal data (to the extent such processing is based on previously obtained consent);

  • to ask us to stop or start sending you information (e.g. our blog/newsletter/social media) at any time by using the below contact details;

  • to restrict processing of your personal data;

  • to data portability (moving some of your personal data elsewhere) in certain circumstances;

  • to object to your personal data being processed in certain circumstances; and

  • not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data.

  • Lodge a complaint with a Regulatory organisation (e.g. UKCP or BACP) preferably after consultation with ourselves.  However, you have the right to lodge a complaint directly with one of the Regulatory organisations.


Any request for access to or a copy of your personal data must be in writing and we will endeavour to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will comply with our legal obligations as regards your rights as a data subject.


We will correct any incorrect or incomplete information and will stop processing your personal data, or erase it, where there is no legal reason for us to continue to hold or use that information.


We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know if any of your personal details change by emailing


To enforce any of the foregoing rights or if you have any other questions about our site or this Privacy Policy, please contact


10. Links to other sites

Please note that our terms and conditions and our policies will not apply to other websites that you visit via a link from our site. We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

11. Changes

This Policy was last updated on 31st May 2021. If we change our Privacy Policy, we will post the changes on this page. 

12. Automated Decision-Making and Profiling

We do not undertake any automated decision-making, including profiling. 

13. Copyright Notice

This Privacy Notice has been created for Connected Life Limited trading as ‘Capacity at Work’.


Connected Life Limited trading as ‘Capacity at Work’ has the right to edit the text contained within this notice as they require, as long as it remains solely for the use of Connected Life Limited.


Any redistribution or reproduction of part of all of the contents, in any form, is prohibited.  You are forbidden from distributing or commercially exploiting this content, without our express written permission. 

bottom of page