Association of Naturopathic Practitioners

Privacy Policy

1               Introduction

We are the Association of Naturopathic Practitioners of 25 Percy Circus, London WC1X 9EU (“the ANP”). References to “we”, “our” or “us” means ANP. Please contact us if you have any questions about this Privacy Policy or the information we hold about you.

This privacy policy is about how the ANP collects, processes, stores and shares your personal data as a member of the ANP (“Member”). We are the controller of your personal data. This means that we are responsible for deciding how we collect, store and use personal information about you.

This Privacy Policy only relates to personal data collected by the ANP via the ANP website, application forms, emails and telephone calls.

This Privacy Policy has been prepared in accordance with the Data Protection Act 2018 which implements the General Data Protection Regulation (or such UK legislation intended to replace or supersede it) (“Data Privacy Laws”). Defined terms used in the Privacy Policy have the meanings set out in the Data Privacy Laws.

You can contact us by post (using the above address), by phone on: 0203 319 9315 or by email:

Users should be aware that if they access other websites, using the links provided, these are outside our control.  If they provide personal data to other companies, the privacy policies of those companies determine the uses to which that information is put and the ANP Privacy Policy will no longer apply.

2               Purpose of data

The data we collect from Members is the data required to provide professional services to Members, communicate with Members and validate and verify the legitimacy of applicants.  The data held by ANP is collected at the time of application by Members and includes name, home address, clinic address, email, phone number(s), website, certificates of qualifications and records of continued professional development.

3               Disclosures ‑ Sharing of data

External data sharing

We may disclose your personal information (including to our trusted third parties listed below):

  • Name, email address and telephone number are shared with our external regulator, The General Naturopathic Council (“GNC”) for the purposes of registering practitioners on a public register and confirming your status as a fully qualified, voluntarily regulated practitioner (if you hold a membership with the GNC);
  • Membership numbers are shared with Balens (our insurance Broker, for the purpose of confirming membership details and verifying the legitimacy of insurance applicants); and
  • Name, details of membership and details of relevant qualifications is shared upon request on behalf of a Member with external companies that provide practitioner services to verify qualification and status claims.

Internal data sharing

Your personal data may also be disclosed to:

  • ANP employees;
  • ANP representatives;
  • service providers we use to deliver aspects of our service such as database or email software facilities; and
  • internal administrators for the purpose of verifying payments and refunds.

4               RETENTION OF PERSONAL data

We will keep your personal data for no longer than we need it for the purposes we have explained in this Privacy Policy. Applicants to ANP accepted or otherwise are kept on record for up to three years.  Applicants who have been barred, banned or otherwise excluded from membership are kept on record to prevent renewed access to the Association in keeping with the interests of public safety.

To determine the appropriate retention period for your personal data, we will consider the amount, nature and sensitivity of your personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

If a dispute arises between us, we will keep your personal data for the purposes of responding to and dealing with this dispute and this may mean that we keep your personal information for longer than as set out above.

5               Device specific data

The following information may be collected through your device and browser:

5.1           Your devices IP address (collected and stored in an anonymized format);

5.2           Your email address including first name and surname (if contained within the email address);

5.3           Device type (unique identifiers) and browser information; and

5.4           Geographic location (country only).

6               Digital Log data

Our servers automatically record information which is created using our software.  Data includes:

6.1           Referring domain;

6.2           Pages visited;

6.3           Geographic location (country only);

6.4           Preferred language used to display information; and

6.5           Date and time when pages were accessed or created.

7               Consent

ANP membership is an optional process.  By joining ANP, Members will be asked to provide their consent via their application to receive information relating to the activities of ANP in the form of newsletters, regulatory updates, upcoming seminars, webinars, events, training, special offers and information relevant to the profession. Such information will only be sent electronically to Members if explicit consent has been obtained to receive such information and consent can be withdrawn at any time in line with the procedure set out below.

8               Opting out

Opt out mechanisms are in place on all ANP mailings and communications.  Users can choose to opt out at any time by clicking the opt‑out button at the bottom of mailings or emailing ANP directly with a request to opt out.

9               Use Made of Personal Information

Personal information provided to the ANP will be used for the purposes of providing services to our Members.  Any personal information which is collected by the ANP will be used by the ANP only in accordance with current Data Privacy Laws.

In addition, personal information may be used for statistical analysis. Anonymised personal data only will be used for such statistical analysis to: (a) monitor details of how many new members there are per month; and (b) for the purposes of producing other internal statistics.

Personal data will be collected and processed by the ANP for the following purposes:

9.1            to process your membership;

9.2          Administrative purposes including preparation of invoices, adding details of your membership to the practitioner directory listed on our website and for the purpose of checking your qualifications. Your details will be publicly available on our Membership Directory. You can opt out of the Membership Directory and make your details private by updating the privacy settings on your account.

9.3           to validate and confirm your insurance application;

9.4           to validate and confirm your rights to access free and discounted offers with external companies (membership details are not shared with external companies);

9.5           to validate and confirm your status (at your request) to external companies;

9.6           to process CPD certificates;

9.7           to register your attendance at ANP events; and

9.8           to record complaints or misdemeanours.

Processing personal data for the above purposes may entail sharing the information with employees, contractors, agents and professional advisors and regulators of the ANP.

Written agreements exist between the ANP and such parties that there must be no further disclosure of such personal data.

10             our purpose and legal basis for using your personal data

Purpose Personal data Lawful basis
To operate and maintain the security of our services and our website. Data that you provide to us which directly identifies you, including your name, email address and phone number. Legitimate interests (the proper administration of our website and business).
To provide you with the services. Data that you provide to us in order for us to provide you with the services, including your name, email address phone number and IP address. Performance of a contract (details are necessary for us to be able to provide the services to you).
For the purpose of publication in our practitioners  directory Data that you provide to us relating to your professional capacity that may in turn identify you as an individual, including clinic address website. Consent
To verify that you meet our membership requirements and that you have the necessary qualifications Certificates of qualifications / records of continued professional development Legitimate interests of ANP only taking on members with the requisite qualifications
To recognise you and analyse how you, and other users, navigate the Website and what type of content you are interested in, and to manage and improve the Website by testing new features. We do this by using cookies (see Cookies section of this policy for details) [Data that indirectly identifies you such as your IP address, approximate geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.] This data does not include anything that allows us to identify you by name or contact details Consent

11             Verifying, updating and amending your personal information

If, at any time, a user wants to verify, update or amend their personal data they may write to:

Association of Naturopathic Practitioners

25 Percy Circus, London WC1X 9EU

0203 319 9315

Verification, updating or amendment of personal data takes place within 10 working days

12             Storage of personal data

Data is stored in a secured, encrypted, cloud based database.  Payments are processed according to the requirements of 12.9 PCI DSS v3.2 in accordance with PCI security standards.

13             Processing of data

Personal and financial data is processed and handled via Amazon Web Services (AWS), the world’s largest cloud provider with recognised certifications and audits PCI DSS Level 1, ISO 27001, FISMA Moderate, FedRAMP, HIPAA and SOC 1, SOC 2 and SOC 3 audit reports.

All personal data is fully backed up and stored in highly secure AWS data centres with 24/7 infrastructure monitoring, with immediate notification and recovery in place in the event of a data breach.

PayPal is used to process payments for memberships and sponsorships.  All PayPal transactions are subject to the PayPal privacy policy.  All data handled by PayPal is handled securely by a single data controller for administrative purposes.

14             Cookies

A “cookie” is a small text file that is placed on a user’s computer hard drive by a website.  There are several types of cookie and the most common are often referred to as ‘session’ cookies.  These are used to keep track of information needed by a user as they travel from page to page within a website.  These cookies have a short lifetime and expire within a few minutes of the user leaving the site.

Other types of cookies can be used to track internet activity after the user has left a website.  These are usually sponsored by organisations external to the website being visited and are generally known as ‘third party’ cookies.  These usually have a long lifetime with several months being quite common.  They are ‘harvested’ and ‘refreshed’ whenever the user visits a page where the same or a similar cookie is being used.

Google Analytics

We use Google Analytics to analyse your use of our Website. Google will store, use, and evaluate the information to compile reports on the activity generated by our Website. By using our Website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of our policy. Google also does a number of things with your data in its own right. You can read about how Google uses your data here. Google will transfer your data to the United States and possibly other countries. You can learn about that, and how to exercise your rights in respect of those transfers, here. You can manage what Google does with your data at the Google Ad Settings page. Google also offers browser plugins to block Google Analytics, which you can download here.

The ANP uses benign, short lived ‘session’ cookies to tell whether a website user has logged in, where to find details that can be used to pre‑fill parts of on‑line forms and to personalise the user’s visit to the website.

ANP cookies do not analyse visits to other website or any searches undertaken whilst on the ANP website.

15             The ANP uses cookie free technology that uses Internet Protocol (IP) information exchanged during the course of normal web activity combined with data enhancement technology to get detailed analytics information.Links to Third Party Websites

This Privacy Policy applies solely to the personal data collected by the ANP and does not apply to third party websites.

The ANP is not responsible for the privacy policies of third party websites.  The ANP advises users to read the privacy policies of other websites before registering any personal data.

16             Security

The ANP holds your personal data in accordance with the security provisions of the UK data protection legislation.

If you have any questions about security please contact the ANP on 0203 319 9315.

17             Notification of Changes

The ANP will notify all users of any changes it makes to its Privacy Policy.  If the ANP decides to change its Privacy Policy, it will post such changes on this page so that you are always aware of how the ANP uses your personal data.

18             Transfer of your personal data to other countries

We will not transfer your personal data outside the EEA at any time. However, please see the section on Google Analytics in our Cookies section of this policy for the use of personal information by Google.

19             Use of your personal data for automated decision-making

We do not make any automated decisions using this information.

20             Your rights over your data

Data Privacy Laws give you certain rights in respect of the data that we hold about you. Below is a short overview of those rights:

  • With some exceptions, you have the right to have a copy of the personal data that we hold about you. Where the data is data that you have given to us, you have the right to receive your copy of it in a common electronic format, and to provide copies of it to other people if you wish. Access to the personal data we hold on you is free of charge however, we may make a reasonable charge for additional copies of that data beyond the first copy, based on our administrative costs;
  • You have the right to have the personal data we hold about you corrected if it is factually inaccurate;
  • In some circumstances, you have the right to have personal data that we hold about you erased (the “right to be forgotten”). This right is not generally available where we still have a valid legal reason to keep the data (for example, if we are obliged to do so by law);
  • You have the right to require us to stop using your personal data for marketing purposes. You can exercise this right by clicking the “Unsubscribe” link in every non-transactional email footer;
  • You also have the right in some circumstances to request that temporary restrictions are placed on how we process your personal data. For example, if we are processing it on the basis of our legitimate interest and you contest our assessment that our interest is not overridden by your fundamental rights and freedoms; and
  • If we are processing your personal data on the basis of your consent, you have the right to withdraw that consent at any time, in which case we will stop that processing unless we have another legal basis on which to continue.
  • If you need to contact us in respect of any of the above rights, please email In order to protect you and others, we may require you to prove your identity before you exercise these rights.
  • If you are unhappy with how we have handled your personal data, you have the right to complain to your local data protection authority, which in the UK is the Information Commissioner’s Office. You can reach them through their website at or you can contact them on 0303 123 1113.