top of page

Privacy Policy

A legal disclaimer

This Privacy Policy explains how your personal data is collected, used, and protected when you engage with NB3 or access this website. NB3 is operated by Shannon Eastman. I am committed to handling your data with clarity, discretion, and integrity.

Information We Might Gather

  • Contact Information: name, email address, phone number

  • Booking Information: session details, payment confirmation

  • Personal Information You Provide: information shared through intake forms, emails, or sessions across areas such as health, work, relationships, and personal history. 

  • Essential Technical Data: IP address, browser type, and website usage (via cookies)

How Your Data Is Used

Your data is used to:

  • Deliver NB3 forensic diagnostic services

  • Communicate with you regarding bookings and enquiries

  • Prepare for and conduct sessions

  • Provide follow-up materials and recommendations

  • Improve website functionality and user experience

 

Your data is not bought or sold.  The personal information you share during the diagnostic process is deleted from NB3 servers at the end of our 3rd and final session. 

We process your data under the following lawful bases:

  • Contractual necessity: to deliver services you have booked

  • Legitimate interests: to operate and improve NB3 services

  • Consent: where you voluntarily provide sensitive personal information

We proactively delete your personal data from our 3 sessions together, while keeping your email and name on record. 

Confidentiality

All personal information shared as part of the NB3 process is treated as confidential.

However, NB3 is not a medical, legal, or regulated therapeutic service.  Information shared does not fall under clinical confidentiality frameworks. We will not disclose your information to third parties without your consent, except where required by law. We will delete thoroughly any personal information relayed during our work together. 

Data Security and Storage 

We confine sensitive data to our 1:1 sessions, and use paper and pen to take notes, under an alpha-numeric code that does not include any data to identify you personally. Intake forms invite the minimal amount of personal information as a proactive step to minimise risk, while we ensure encrypted laptops are used to secure information we do hold, until that information is deleted a few weeks later from our servers.  We take reasonable steps to protect your data from loss, misuse, or unauthorised access.

Third-Party Services 

We may use trusted third-party providers for:

  • Payments (e.g. Stripe)

  • Scheduling (e.g. TidyCal)

  • Email communication

  • Session Delivery (e.g. Zoom)

These providers process your data in accordance with their own privacy policies.

Your Rights 

Under GDPR, you have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Request deletion of your data

  • Restrict or object to processing

  • Request data portability

To exercise these rights, contact: shannon@nb3.io

bottom of page