Privacy Policy

Last Updated On 19-Sep-2022
Effective Date 19-Sep-2022

Sandra Grosso Feeding and Speech is an independent Speech and Language Therapy Practice that delivers Speech and Language Therapy services to clients of all ages with a range of Speech, Language and feeding/ eating and drinking and swallowing (dysphagia) difficulties.

The practice has a registered website www.sandragrossofeedingandspeech.comThe practice is owned and directed by Sandra Grosso, Speech and Language Therapist. For purposes of the applicable Data Protection Laws, Sandra Grosso trading as Sandra Grosso Feeding and Speech assumes the function of Data Controller, determines the purposes for which, and the manner in which, your Data is processed and supervises compliance with General Data Protection Regulation (GDPR).


  1. This Privacy Policy describes the policies of Sandra Grosso Feeding and Speech, United Kingdom of Great Britain and Northern Ireland (the), with registered office 85 Great Portland Street, First Floor, London, W1W  7LT on the collection, use and disclosure of your information that we collect when you use our website ( com ) (the “Service”). By accessing or using the Service, you are consenting to the collection, use and disclosure of your information in accordance with this Privacy Policy. If you do not consent to the same, please do not access or use the Service.
  2. This privacy policy applies between you, the User of this Website and Sandra Grosso trading as Sandra Grosso Feeding and Speech, the owner and provider of this Website (the website that you are currently accessing,, and any sub-domains of this website unless specifically excluded by their own terms and conditions)
  3. This privacy policy applies only to the actions of Sandra Grosso trading as Sandra Grosso Feeding and Speech and Users with respect to this website. In this context, User/s refers to any third party that accesses the Website and is not either (i) employed by Sandra Grosso trading as Sandra Grosso Feeding and Speech and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Sandra Grosso trading Sandra Grosso Feeding and Speech and accessing the Website in connection with the provision of such services;
  4. Sandra Grosso, trading as Sandra Grosso Feeding and Speech takes the privacy of your information very seriously. This privacy policy applies to our use of any and all Data collected by us or provided by you in relation to your use of the Website.
  5. We may modify this Privacy Policy at any time without any prior notice to you and will post the revised Privacy Policy on the Service. The revised Policy will be effective 180 days from when the revised Policy is posted in the Service and your continued access or use of the Service after such time will constitute your acceptance of the revised Privacy Policy. We therefore recommend that you periodically review this page.

You may contact Sandra Grosso trading as Sandra Grosso Feeding and Speech by email at


  1. You have the right to:


  1. Know what Data has been collected about you and/or your child and how this Data has been processed;
  1. Withdraw consent and ask for your personal Data and that of your child to be deleted (Erasure);
  2. Make changes to inaccurate or incomplete Data;
  3. Object to our use of your Data
  4. Restrict our use of your data- the right to “block” us from using your Data or limit the way we can use it;
  5. Data portability– the right to request that we move, copy or transfer your data.
  1. To make enquiries or exercise any of the rights detailed above, please contact us via this email address:
  1. If after 28 days you are not satisfied with our response to the complaint you made in relation to your Data, you may be able to refer your complaint to the Information Commissioner’s Office (ICO), which is the UK’s data protection authority. The ICO’s contact details can be found on their website


  1. Sandra Grosso Feeding and Speech (SGFS) is committed to protecting the privacy of all client’s information and strictly adheres to the Data Protection Acts 1998 and 2003, as well as the new General Data Protection regulation (GDPR) legislation which replaces the Data Protection Act effective 25th May 2018.
  2. The requirements of compliance with the GDPR vary with the type of data being collected, about whom and for whom.
  3. SGFS complies with professional guidelines from the Royal College of Speech and Language Therapists, The Health and Care Professionals Council and The Association of Speech and Language Therapists in Independent Practice. The practice is registered with the Information Commissioners Office (ICO).
  4. Article 5 of the GDPR legislation outlines the following Data protection principles that concern Speech and Language Therapists:
  • Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject.
  • Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with these purposes.
  • Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
  • Personal data shall be accurate, and, where necessary, kept up to date.
  • Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
  • Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. 


What is the legal basis for processing personal information?

  1. SGFS processes your healthcare data under the lawful basis of the provision of health or social care or treatment (GDPR Article 9-2-h). We are legally permitted to store and use your health data and communicate this with other professionals involved in your care for health- related purposes (assessment, diagnosis, and treatment), because we are bound by the confidentiality rules of our own professional bodies.
  2. SGFS processes your personal data under the lawful basis of ‘legitimate interests’ (GDPR Article 6-1-f). As with any healthcare provider, when you employ the services of SGFS, there is an implied understanding that we will not be able to assess and treat you safely and appropriately unless you or others give us the relevant information to do so. We will always discuss it with you prior to us gaining information from other sources. We will request your verbal consent to us gaining this information.


  1. SGFS collects and stores personal information as part of conducting professional Speech and Language Therapy services. We collect Data both that is given to us by you or by others when you contact us through the Website, by telephone, by post, e-mail or through any other means, and data that is collected automatically when you access this website.
  2. The data received and held generally falls under the following core headings: clinical records, healthcare records, financial records, general administrative records and educational records, including:
  • Personal information including name, address and date of birth;
  • Contact information such as email address, home address and telephone numbers;
  • Contact details for next-of-kin;
  • Information you provide by filling in treatment consent forms, case history forms, radiology reports, registration forms, questionnaires;
  • Correspondence, such as clinic letters and reports, print outs of emails etc
  • Information you provide when you are referred by another clinician or when you refer yourself;
  • Clinical observations
  • Audio/ video recordings
  • Clinic letters and reports from medical or other professionals involved in your child’s care;
  • Financial information, such as bank account and sort code details, debit/ credit card numbers etc as part of the payment process and/or when you make payments to us;
  • Private insurance policy details


When you access the Website, we will collect your Data automatically, for example:

  • We will collect your Data automatically via cookies, in line with the cookie settings on your browser. For more information about cookies, and how we use them on the Website, please refer to the Cookies policy adjacent to this one on the Website;
  • We automatically collect some information about your visit to the Website. This information helps us to make improvements to Website content and navigation;

How is the information you collect about me used?

  1. Information we collect is used to provide you with the best experience and service when using our service;
  • SGFS will never share your information with other organisations for commercial, marketing or market research purposes;

We require your information for the following reasons in particular:

  • To respond to an enquiry/ request you have made via the Website, such as requesting an appointment for a consultation;
  • To provide you with information you may have requested, such as a copy of a report;
  • To contact you about payment.
  • It is our professional duty as therapists to liaise with all relevant health professionals involved in you/your child’s care. It is also best practice to share all information regarding you/your child’s care (RCSLT, Communicating Quality Live, 2016)

We will endeavour to ask your permission/ consent prior to sharing your information with other people, with the exception of when we are required to share the information by law and/or in situations where we believe a client/ child, parent or carer is at risk of harm (Safeguarding). In such situations, we have a legal and professional responsibility to escalate all concerns to the relevant authorities. This can be done without prior consent.


  1. We will use technical and organisational measures to safeguard your Data, for example
  • Access to your information is controlled by a password;
  • We store your data on secure servers;
  • We use anti-virus software to protect data from cyber-attack
  1. Technical and organisational measures include measures to deal with any suspected Data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let know immediately by contacting us via this email address:
  2. Detailed information on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems is available from Get Safe Online. Please visit Get Safe Online is supported by HM Government and leading businesses.


  1. Unless a longer period is required or permitted by law, we will only hold your Data on our systems for the period necessary to fulfil the purposes outlined in this privacy policy, or until you request that the data is deleted. Deleted data may persist on backup systems for legal, tax or regulatory reasons.


  1. This website provides links to other websites, which this privacy policy does not encompass. We are not responsible for the content or security of other websites and have no control over them.