Privacy Policy
Last Updated: 24/06/2025
This Privacy Policy explains how Path To Radiography (“we”, “our”, or “us”) collects, uses, and protects your personal data. By using our website or services, you agree to the practices outlined below.
We are committed to safeguarding the privacy of our users and clients in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Path To Radiography supports individuals who wish to pursue a career in radiography. We provide coaching, academic guidance, training, placement sourcing, and recruitment preparation services. We operate primarily in the UK and work with a range of educational institutions, healthcare providers, and recruitment partners.
2. What Information We Collect
We collect the following types of personal data:
a. Information You Provide to Us:
● Full name
● Date of birth
● Contact information (email, phone number, address)
● Educational history
● Career background
● Personal statement or application documents
● Identification documents (where necessary)
● Payment information (processed securely via third-party platforms)
b. Information We Collect Automatically:
● IP address and device information
● Usage data (pages visited, time spent, form submissions)
● Browser type and operating system
3. How We Use Your Data
We process your personal data for the following purposes:
● To provide our services (e.g., coaching, university/college application support, placements)
● To communicate with you (confirmations, reminders, updates)
● To process payments and generate invoices
● To liaise with educational institutions or hospitals on your behalf
● To send marketing updates (only if you have opted in)
● To improve our services and user experience
● To comply with legal obligations
4. Legal Basis for Processing
We only process your data when we have a legal basis to do so. This includes:
● Consent: You have given explicit permission
● Contractual necessity: Data is needed to fulfil our service agreement with you
● Legal obligation: Required for compliance with UK law
● Legitimate interest: For operational purposes, such as improving our service delivery and safeguarding against fraud
5. Data Sharing and Third Parties
We may share your information with the following third parties when necessary to deliver our services:
● Partner colleges, universities, and UCAS advisers
● NHS Trusts and private hospitals for placement coordination
● Payment processors (e.g., Stripe, PayPal)
● Legal or government bodies where required by law
We never sell or rent your data.
All third parties we work with are GDPR-compliant and required to handle your data with the same level of protection we do.
6. Data Retention
We retain your personal data only as long as is necessary for the purposes outlined above:
● Enquiries: Up to 12 months
● Client data: Up to 6 years after the last service provided
● Financial records: Retained in accordance with HMRC requirements (minimum 6 years)
After this period, your data will be securely deleted or anonymised.
7. Your Rights
Under the UK GDPR, you have the following rights:
● Access: Request a copy of your data
● Rectification: Correct inaccurate or incomplete data
● Erasure: Request deletion of your data
● Restriction: Limit how we use your data
● Objection: Object to certain data uses, including direct marketing
● Portability: Transfer your data to another provider
● Withdraw consent: If we are relying on your consent to process your data
To exercise these rights, contact us at hello@pathtoradiography.co.uk.
8. Cookies and Website Analytics
Our website uses cookies to improve performance and user experience. We may use Google Analytics to track anonymous usage data such as page views and session length. You can disable cookies via your browser settings.
9. Data Security
We use appropriate technical and organisational measures to secure your data, including:
● Encrypted communications (SSL/TLS)
● Secure cloud-based storage with restricted access
● Regular audits and data protection reviews
● Staff confidentiality agreements and training
However, no system is completely secure. While we take steps to protect your data, we cannot guarantee its absolute security.
10. International Transfers
We do not transfer your data outside the UK or EEA unless it is strictly necessary, and appropriate safeguards are in place (e.g., standard contractual clauses with non-UK partners).
11. Children’s Privacy
Our services are intended for individuals aged 16 and above. We do not knowingly collect personal data from children under 16 without parental consent.
12. Updates to This Policy
We may revise this Privacy Policy from time to time. The latest version will always be available on our website with a "Last Updated" date.