Jenny Lee Shiatsu

Privacy Policy and Cookie Policy
Compliant with the EU General Data Protection Regulation (GDPR)

At Jenny Lee Shiatsu, your privacy matters. This policy explains how personal data is collected, used, and protected when you visit this website or contact me.

1. Responsible for Data Processing
Data Controller 
Jennifer Brickman
Jenny Lee Shiatsu
c/ Bruc 88, 5º 9ª
08009 Barcelona, Spain
Email: [email protected]
As the owner of this website, I ensure that personal data is handled in line with GDPR and Spanish data protection laws.

2. What Personal Data Is Collected
This website is informational. It does not use contact forms, booking systems, newsletters, or online payments.
The only personal data I may receive is if you contact me directly by email, phone, or WhatsApp. In that case, I may receive:

  • Your name
  • Your email address or phone number
  • Any information you choose to include in your message

This information is used solely to respond to your inquiry.

3. Cookies and Website Use
This website is hosted by Jimdo, which may automatically collect basic technical data needed for website functionality and security, such as:

  • Browser type
  • Device type
  • Anonymised IP address
  • Pages visited

No Google Analytics, marketing cookies, or tracking tools are used.
You can manage or disable cookies at any time through your browser settings.

4. Purpose of Processing

  • Personal data is processed only for:
  • Responding to inquiries
  • Managing communication with you
  • Meeting legal requirements

No data is used for marketing, profiling, or advertising.

5. Legal Basis for Processing
Data is processed under the following GDPR bases:

  • Art. 6(1)(b) — to respond to your request or inquiry
  • Art. 6(1)(c) — to comply with legal obligations
  • Art. 6(1)(f) — legitimate interest in maintaining website functionality and security


6. Data Sharing
Your data is not shared with third parties except:

  • Jimdo, as the website hosting provider
  • Legal authorities if required by law

Jimdo operates under GDPR‑compliant data protection standards.
No data is shared for marketing or advertising.

7. Data Retention
If you contact me, your message may be stored in my email or phone for as long as needed to manage your request.
I do not maintain client databases or mailing lists.

8. Your Rights
Under GDPR, you may:

  • Request access to your personal data
  • Request correction or deletion
  • Request limits on how your data is used
  • Request a copy of your data in a portable format
  • Raise concerns with the Spanish Data Protection Agency (AEPD)

To exercise any of these rights, contact me at the email listed above.

9. Security Measures
Appropriate technical and organisational measures are taken to protect your data from loss, misuse, or unauthorised access.

10. External Links
This website may contain links to external sites (e.g., social media). I am not responsible for the privacy practices of those websites.

11. Updates to This Policy
This Privacy Policy may be updated to reflect legal or technical changes. The latest version will always be available on this page.

12. Client Data Collected During In‑Person Sessions
Before the first session, clients complete and sign a Consent and Data Protection Form. This form collects:

  • Name
  • Address
  • Contact details
  • ID/NIE/Passport number
  • Signature confirming informed consent

This information is required for:

  • Identifying the client
  • Managing appointments and communication
  • Meeting legal and insurance obligations
  • Maintaining accurate client records

All client forms are stored securely and are not shared with third parties unless required by law.
They are kept only for the legally required retention period for health‑related services in Spain, after which they are securely destroyed.
Clients may request access, correction, or deletion of their data at any time by contacting me directly.