Ts&Cs

Introduction & Website Disclaimer

This website (the “Website”) is operated by Creative Occupational Therapy Solutions Ltd (“we”, “us”, “our”).

By accessing or using the Website, you agree to be bound by these Terms and Conditions (“Terms”). If you do not agree, please do not use the Website.

The content on this Website provides general information only. It is not medical, clinical, or professional advice and should not be relied upon as such. Always seek advice from a qualified health professional.

We may update these Terms and our policies from time to time to reflect legal, regulatory, or operational changes. Updates will be posted here with the “Last updated” date. Continued use of the Website indicates acceptance of the revised Terms.

Company Details & Contact

Creative Occupational Therapy Solutions Ltd

Registered office:
8 Shirehampton Close, Webheath, Redditch, B97 5PF

Company number: [Company no.]
VAT: [VAT no.]

Email: otoffice@creativeoccupationaltherapy.co.uk
Tel: 0330 043 3461

These details are provided in line with UK ECommerce Regulations and transparency best practice.

Use of the Website

You may use the Website for lawful purposes only.

You must not misuse the Website (e.g., attempt to gain unauthorised access, introduce malware, or engage in conduct that disrupts service).

We do not guarantee the Website will be uninterrupted or errorfree; access may be suspended for maintenance or updates.

Intellectual Property

All content, trademarks, graphics, and materials on the Website are protected by intellectual property laws.

You may print or download extracts for personal, noncommercial use only, keeping all notices intact.

Any other reproduction, distribution, or commercial use is prohibited without prior written permission.

External Links

The Website may contain links to thirdparty sites for convenience.

We are not responsible for their content or privacy practices.

Exercise caution when using external sites.

Liability

While we aim for accurate, highquality information, we make no warranties as to completeness, accuracy, or fitness for a particular purpose.

We accept no liability for loss arising from reliance on Website content except where such liability cannot be excluded by law.

Privacy & Data Protection (UK GDPR / DPA 2018)

Who We Are (Controller)

For personal data collected via this Website, Creative Occupational Therapy Solutions Ltd is the data controller responsible for deciding how and why your personal data is processed under the UK GDPR and Data Protection Act 2018.

What We Collect

 Contact forms: name, email, phone, message details.
 Appointment or referral enquiries: client name, contact details, basic health/functional information supplied voluntarily.
 Cookies and similar technologies: device identifiers, IP address, pages, preferences—see Cookie Policy below.

We minimise collection and restrict it to what is adequate, relevant, and necessary.

Lawful Bases for Processing

 Consent (Art. 6(1)(a)): for specific optional uses (e.g., marketing communications, nonessential cookies).
 Contract (Art. 6(1)(b)): to respond to enquiries, schedule services, and provide OT services.
 Legal obligation (Art. 6(1)(c)): e.g., tax, health & safety.
 Legitimate interests (Art. 6(1)(f)): site security, fraud prevention, service improvement (balanced against your rights).

 Special category data (health data) is processed under Art. 9(2)(h) (health/social care) and/or explicit consent (Art. 9(2)(a)) when you provide health information via forms; safeguards apply per the DPA 2018.

Your Rights

You have rights to access, rectification, erasure, restriction, objection, data portability, and rights in relation to automated decisionmaking (where applicable).

To exercise rights, contact:
otoffice@creativeoccupationaltherapy.com

You may also complain to the ICO (Information Commissioner’s Office).

Data Sharing & Processors

We may share data with trusted processors (e.g., secure hosting, email delivery, practice management providers) bound by controller–processor contracts that meet UK GDPR requirements, including subprocessor controls.

We do not sell personal data. We only disclose where necessary, lawful, and proportionate.

International Transfers

If we transfer data outside the UK, we will use appropriate safeguards (e.g., adequacy regulations, standard contractual clauses) and conduct transfer risk assessments as required.

Security

We apply appropriate technical and organisational measures (encryption, access controls, secure hosting).

For NHSconnected work, we align with the Data Security and Protection Toolkit (DSPT) standards and incident reporting expectations.

Retention

We keep data only for as long as necessary for the stated purposes, after which it is securely deleted or anonymised, in line with the storage limitation principle.

Cookie Policy (PECR & UK GDPR)

Cookies and Similar Technologies

We use essential cookies to operate the Website and optional analytics/performance cookies to help improve content and usability.

You can find our fully cookie policy here: link to cookie policy

Under PECR, you must be told about cookies and give consent for nonessential cookies. Consent must be active (no preticked boxes); you can withdraw at any time.

We provide a banner and settings to manage preferences.

Following the Data Use and Access Act 2025 (DUAA), certain statistical or functionality cookies may no longer require consent in limited circumstances; however, we will continue to offer transparent controls and respect stricter requirements when applicable (e.g., if operating in EU contexts).

Children’s Privacy

Our website is not directed at children.

Where services involve children, we handle data with enhanced safeguards in line with UK GDPR and relevant guidance.

Complaints

If you have concerns about our handling of personal data, contact:
otoffice@creativeoccupationaltherapy.com

You can also contact the ICO:

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 0303 123 1113

DUAA Addendum (Data Use and Access Act 2025)

Overview

The DUAA received Royal Assent on 19 June 2025 and introduces targeted amendments to the UK GDPR and PECR to simplify compliance and support innovation.

Changes are phased between June 2025–June 2026.

Cookies

DUAA permits some statistical/functionality cookies without consent (UKonly scope), but organisations must still provide clear notices and easy optouts.

EU regimes remain stricter.

We maintain consent controls where prudence or crossborder contexts require.

Automated Decisionmaking (ADM)

DUAA broadens circumstances for significant solely automated decisions, but mandates safeguards (information, challenge, human intervention).

We do not rely on solely automated decisions that produce legal/similar effects without required safeguards.

Recognised Legitimate Interests

DUAA clarifies and, in some cases, expands lawful bases (e.g., public interest/safeguarding contexts).

We assess and document our reliance carefully and apply appropriate safeguards for special category data (health).

What This Means for You

We keep our privacy notices, cookie banner, and internal data protection records under review to reflect DUAA changes while maintaining high standards consistent with ICO guidance.

Accessibility & Equality

We strive to make our website accessible and to reflect obligations under UK equality law and WCAGaligned best practices.

Changes to These Terms

We may update these Terms to reflect legal, technical, or business changes.

Updates will be posted here with the “Last updated” date.

Governing Law

These Terms are governed by the laws of England and Wales, and disputes are subject to the exclusive jurisdiction of the courts of England and Wales.

Last updated: 19/12/2025