Privacy Policy

This privacy policy sets out how Juliette O’Hea, who owns the business ArthritisFirst, gathers, uses, and secures any information that you share with her. Juliette is both the appointed data collector and controller and she can be contacted via the website or at

This policy has been developed in accordance with the new EU General Data Protection Regulation (GDPR), that came into effect on the 25th May 2018.

What data is collected

Personal data you share on your consent form may include your  email address, telephone numbers, correspondence address and your GP and hospital consultant(s).

Relevant details regarding your health you would have shared on your health assessment questionnaire. She does not hold any of your sensitive data e.g. race or religious beliefs or bank details. She does not obtain any information when you visit her website. She will only use your details to assess your current health status and to contact you about the exercise classes and any relevant health information. She will never  pass on your personal information to other organisations.


Please be assured that she takes her responsibilities for looking after your personal data very seriously in order to protect your privacy and security. To prevent unauthorised access or disclosure, she has put in place suitable physical, electronic and administrative procedures to safeguard the information she collects and uses. In the unlikely event of a data breach, she will inform you at the earliest opportunity.

Retention of data

Her policy is to review all data held on individuals on a regular basis and to destroy any information 2 years after you were last seen unless you contact her to the contrary.

Updating your personal information

If you do not want to be kept on her email database and would like to opt out from the ArthritisFirst email list, please contact her by telephone or email.  Your personal data will then be erased from the system and she will no longer contact you.  Conversely you can opt back in at any time.

Your rights under the GDPR

You have the following rights over your data and its use:

  • The right to be informed about what data she is collecting on you and how she will use it
  • The right of access – you can ask to see the data she holds on you
  • The right to rectification – you can ask that she updates or corrects your data
  • The right to object – you can ask that she stops using your data for a particular purpose
  • The right to erasure – you can ask her to delete the data she holds on you
  • The right to restrict processing – you can ask that she temporarily stops using your data while the reason for its use or its accuracy are investigated.

All requests related to your rights should be made to Juliette.

You can find out more about your rights on the Information Commissioner’s Office website.

Juliette may change this notice from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

Effective from 25 May 2018, updated 3rd October 2021