PRIVACY POLICY

Frances Norgate | Nourished & Found | francesnorgate.com
Last updated: 22/04/2026

Who I am
I’m Frances Norgate, a qualified Nutrition and Lifestyle Advisor trading as Frances Norgate / Nourished & Found. My website address is francesnorgate.com. You can contact me at hello@francesnorgate.com.
For the purposes of data protection law, I am the data controller for the personal information collected through this website and my associated services.

What information I collect and why

Information you give me directly
When you download a free guide, book a Blood Sugar Audit, or book a discovery call, I collect your name and email address. I use this information to deliver what you’ve requested and to send you follow-up emails with relevant nutritional health information. The legal basis for this processing is your consent — you provide this when you tick the checkbox on my sign-up forms.

When you contact me via email I collect your name, email address, and any information you include in your message. I use this to respond to your enquiry. The legal basis is my legitimate interest in responding to communications directed to me.

When you become a paying client I collect additional health information necessary to provide nutritional therapy support. This includes health history, dietary information, lifestyle factors, and relevant medical information. Health data is a special category of personal data under GDPR and I process it only with your explicit consent, provided through a client consent form before we begin working together. I will sign up to Practice Better — a GDPR-compliant client management platform — to store this information securely when I take on clients.

Information collected automatically
My website is built on WordPress using the Kadence theme. Like most websites, it automatically collects certain technical information when you visit — including your IP address, browser type, pages visited, and time spent on the site. This is processed through WordPress and any analytics tools active on the site.
I use Google Search Console to monitor how my website performs in search results. This involves Google processing certain data about visitors to my site in accordance with Google’s own privacy policy.
My website uses cookies. See the cookies section below for full details.

Email marketing — MailerLite
I use MailerLite to manage my email list and send newsletters and automated email sequences. When you sign up through any form on my website, your name and email address are transferred to and stored by MailerLite on servers within the European Economic Area.
MailerLite is GDPR compliant and acts as a data processor on my behalf. You can view MailerLite’s privacy policy at mailerlite.com/legal/privacy-policy.
You can unsubscribe from my emails at any time using the unsubscribe link in any email I send you. Unsubscribing removes you from future marketing emails but I may retain your email address to record that you have opted out.

Booking — Calendly
I use Calendly to manage appointment bookings for Blood Sugar Audits and discovery calls. When you book through Calendly, your name, email address, and any information you provide in the booking form are collected and processed by Calendly. Calendly is GDPR compliant and acts as a data processor on my behalf. You can view Calendly’s privacy policy at calendly.com/legal/privacy-notice.

How long I keep your information
Email subscribers — I keep your information for as long as you remain subscribed. If you unsubscribe I will retain a record of your email address to honour your opt-out preference.
Enquiry emails — I keep correspondence for up to two years unless there is a reason to retain it longer.
Client health records — once I take on clients, I will retain health records for a minimum of eight years from the end of the therapeutic relationship, in line with professional body guidance. For clients who are minors this period extends to eight years after their eighteenth birthday.
Booking records — I retain records of appointments for up to two years for administrative purposes.

Who I share your information with
I do not sell your personal data to anyone.
I share your data only with the third party service providers named in this policy — MailerLite, Calendly, and when applicable Practice Better — solely for the purposes of providing my services to you.
I may be required to disclose your information if required by law or by a regulatory or professional body.

Cookies
My website uses cookies — small text files stored on your device when you visit. The cookies used on francesnorgate.com include:
Strictly necessary cookies — these are required for the website to function and cannot be switched off. They include cookies set by WordPress for basic site operation.
Analytics cookies — these help me understand how visitors use my website so I can improve it. I use Google Search Console which processes certain visitor data. If I add additional analytics tools I will update this policy accordingly.
Third party cookies — embedded content from third parties such as Calendly booking widgets may set their own cookies. These are governed by the respective third party’s privacy policy.
You can control cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of this website.

Your rights
Under UK GDPR and EU GDPR you have the following rights regarding your personal data:
The right to access — you can request a copy of the personal data I hold about you.
The right to rectification — you can ask me to correct inaccurate or incomplete information.
The right to erasure — you can ask me to delete your personal data in certain circumstances.
The right to restrict processing — you can ask me to limit how I use your data in certain circumstances.
The right to data portability — you can ask me to provide your data in a portable format.
The right to object — you can object to me processing your data where I rely on legitimate interests as my legal basis.
The right to withdraw consent — where I rely on your consent to process your data, you can withdraw that consent at any time. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact me at hello@francesnorgate.com. I will respond within one month.

Complaints
If you are unhappy with how I handle your personal data you have the right to complain to the relevant supervisory authority.
If you are based in the Republic of Ireland or the European Union: the Data Protection Commission (DPC) — dataprotection.ie — 01 765 0100.
If you are based in the United Kingdom: the Information Commissioner’s Office (ICO) — ico.org.uk — 0303 123 1113.
I would always appreciate the opportunity to address your concerns directly before you contact a supervisory authority, so please do get in touch with me first if you have any questions or concerns.

Changes to this policy
I may update this privacy policy from time to time. Any changes will be posted on this page with an updated date at the top. I encourage you to review this policy periodically.

Contact
For any questions about this privacy policy or how I handle your personal data:
Frances Norgate hello@francesnorgate.com francesnorgate.com