It is very important that your information is kept private and for this reason You in Mind (Holistic Therapies & Training) ('You in Mind') will not sell, trade or rent your personal information to others unless you have given us your permission. The information is gathered when you book a course with us or fill in one of our forms.
We keep personal information of our customers private. If we ask for feedback on our courses we will always ask if we can show this on our site and only do so if you explicitly give permission. We do not show your email address on the web site.
Any information which is obtained through analysis of server logs and through the use of "cookies" placed on user machines will remain private. A cookie is a piece of software that a Web server can store on a PC to identify the User should they visit the website again. While not all of the information that we collect from Users is personally identifiable, it may be associated with personally identifiable information that Users provide us through our website.
Personal information provided by you is retained as long as the purpose for which the data was collected continues. It is then archived or destroyed unless its retention is required to satisfy audit, legal, regulatory or accounting requirements or to protect You in Mind's interests.
THE PURPOSE OF THIS NOTICE
This Notice is designed to help you understand what kind of information we collect in connection with our products and services and how we will process and use this information. In the course of providing you with products and services we will collect and process information that is commonly known as personal data.
This Notice describes how we collect, use, share, retain and safeguard personal data and sets out your individual rights; these rights include your right to know what data is held about you, how this data is processed and how you can place restrictions on the use of your data.
WHAT IS PERSONAL DATA?
Personal data is information relating to an identified or identifiable natural person. Examples include an individual’s name, age, address, date of birth, gender and contact details.
Personal data may contain information which is known as special categories of personal data. This may be information relating to and not limited to, an individual’s health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, or data relating to sexual orientation.
Personal data may also contain data relating to criminal convictions and offences.
For the purposes of safeguarding and processing criminal conviction and offence data responsibly, this data is treated in the same manner as special categories of personal data, where we are legally required to comply with specific data processing requirements.
PERSONAL DATA WE COLLECT
In order for us to provide our services for you, we will collect and process personal data about you. We will also collect your personal data where you request information about our services, promotions and campaigns.
How do we collect personal information?
We may obtain personal information from you by telephone or through our website, or other similar devices, channels or applications operated by us.
You may provide us with personal data when completing contact forms, when you contact us via the telephone, when writing to us directly or where we provide you with paper based forms for completion or we complete a form in conjunction with you.
We make sure that we have appropriate security measures to protect your information. We will periodically review your personal information to ensure that we do not keep it for longer than is permitted by law. Note that it is your responsibility to check and ensure that all information, content, material or data you provide is correct, complete, accurate and not misleading and that you disclose all relevant facts.
We will collect your personal data when you visit our website, where we will collect your unique online electronic identifier; this is commonly known as an IP address.
We will also collect electronic personal data when you first visit our website where we will place a small text file that is commonly known as a cookie on your computer. Cookies are used to identify visitors and to simplify accessibility, and to monitor visitor behaviour when viewing website content, navigating our website and when using features.
We may record your communications with us when contacting our team.
A data ‘controller’ means the individual or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data.
A data ‘processor’ means the individual or organisation which processes personal data on behalf of the controller.
For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place.
WHY DO WE NEED YOUR PERSONAL DATA?
We may use your personal information:
- To enable you to access and use the services;
- To personalise and improve aspects of our services;
- For research, such as analysing market trends and customer demographics;
- To communicate with you, including some or all of the following:
4.1 Sending you information about products and services which we think may be of interest to you. If you agree, we will contact you (depending on your contact preferences) via email, post, telephone, sms, or by other electronic means such as via social and digital media this may include new product launches, newsletters and opportunities to participate in market research
4.2 Sending you a confirmation email of your booking or purchase from our web site - when you book a course with us, you will be sent confirmation of your booking by email (or SMS if requested) so that you have a record of it and can easily retrieve your booking information in the future. This is a standard part of our services and by using the services you agree to receive these communications.
WHY DO WE PROCESS YOUR PERSONAL INFORMATION?
We will only collect and use your personal information (as described above points 1 - 4) in accordance with GDPR requirements. Our grounds for processing your personal information are as follows:
- Consent - Where necessary we will only collect and process your personal information if you have given your consent for us to do so, for example, we will only send you certain marketing emails and process any sensitive information about you if we have your consent.
- Legitimate Interests - We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under European privacy laws there is a concept of “legitimate interests” as a justification for processing your personal information. Our legitimate interests for processing your personal information are:
2.1 To communicate with you about the services. We need to keep you informed about your use of the services, for example sending you a confirmation email of your booking or purchase. This won’t include marketing communications unless you have given us your consent to receive these; and
2.2 To improve our services. We may use your personal information to personalise aspects of our service or for market research. We constantly aim to improve our services to you and using your personal information in this way helps us to do this. You have a right to object to our use of your personal information for these legitimate interests including where we may use your personal information to create a profile to inform customer demographics. If you raise an objection we will stop processing your personal information unless very exceptional circumstances apply, in which case we will let you know why we are continuing to process your personal information. Please contact our Data Protection Officer if you wish to exercise this right.
Individuals are provided with legal rights governing the use of their personal data. These grant individuals the right to understand what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data.
These rights are known as Individual Rights under the Data Protection Act 2018. The following list details these rights:
- The right to be informed about the personal data being processed;
- The right of access to your personal data;
- The right to object to the processing of your personal data;
- The right to restrict the processing of your personal data;
- The right to rectification of your personal data;
- The right to erasure of your personal data;
- The right to data portability (to receive an electronic copy of your personal data);
- Rights relating to automated decision making including profiling.
Individuals can exercise their Individual Rights at any time. As mandated by law we will not charge a fee to process these requests, however if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
In exercising your Individual Rights, you should understand that in some situations we may be unable to fully meet your request, for example if you make a request for us to delete all your personal data, we may be required to retain some data for taxation, prevention of crime and for regulatory and other statutory purposes.
You should understand that when exercising your rights, a substantial public or vital interest may take precedence over any request you make. In addition, where these interests apply, we are required by law to grant access to this data for law enforcement, legal and/or health related matters.
The flow of data within the insurance sector is complex and we ask you to keep this in mind when exercising your ‘rights of access’ to your information. Where we may be reliant on other organisations to help satisfy your request this may impact on timescales.
If you require further information on your Individual Rights or you wish to exercise your Individual Rights, please contact the Data Privacy Officer by e-mail in the first instance at email@example.com
PROTECTING YOUR DATA
We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data, including when sharing your data with authorised third parties.
How long do we keep your personal information?
Last updated May 2018
If you are dissatisfied with any aspect of the way in which we process your personal data please contact our Data Privacy Officer. You also have the right to complain to the UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO). The ICO may be contacted via its website which is https://ico.org.uk/concerns/, by live chat or by calling their helpline on 0303 123 1113.
HOW TO CONTACT US
If you have any questions regarding this Notice, the use of your data and your Individual Rights please contact our Data Privacy Officer by e-mailing firstname.lastname@example.org in the first instance.
We may also use your information to notify you of the latest Solace services, news and our exciting new courses we offer. If you do not want to receive such marketing communications, please send an email to email@example.com
We may permit selected third party partners or affiliates of ours to provide you with information about their products and services which may be of interest to you, as long as you have consented to receive marketing communications from our selected third parties for such purposes.
You may opt out from receiving marketing communications at any time by notifying us in writing, contacting us at firstname.lastname@example.org