WHO ARE WE:
We (Earthlife Ltd) are a Wellbeing & Fitness company based in Kew, TW9, offering clients in the nearby area with wide range of Complementary Therapies, Beauty Treatments and Workshops, as well as Fitness Classes for adults and teens.
WHY DO WE HAVE THIS POLICY:
We have reviewed and updated our policies, processes and procedures to comply with the General Data Protection Regulation (EU) 2016 / 679 (“GDPR”) and have updated this Privacy Notice accordingly.
We know that privacy is very important to our customers and as such we want you to understand why we need to collect personal information, how we use that information and to feel confident we’ll protect it. We’ve tried to set this out as simply as possible below.
When we refer to ‘personal information’ in this policy we mean information that identifies you (or could do so), such as your name, address, email address, contact number.
Below we’ve detailed what personal information we’ll collect when you interact with us and the reasons why we collect it. We’ll then use your personal information for these reasons. We only get data from you, not from a 3rd party.
How do we store your personal information:
We want you to feel confident about using our services, so we take our legal obligations to safely store and protect your personal information seriously. We’re constantly reviewing our processes and procedures to protect your personal information from unauthorised access and use, loss and/or destruction.
Contact information collected via this website:
- When you contact us via any of the forms on this website you consent to giving us the information you provide, which will be held on our web server hosted by TSOHost, and on our own computers. Access to both of these is restricted to members of staff that require the information to deal with your enquiries and access to both systems is password protected.
- What we collect: when you call us we may ask you for your name, address, phone number and email address.
- Why we collect it: For performance of contract. We ask for your name so we can speak to you in a friendly way and your phone number and email address, so that we can get back to you on any queries or if there is a problem with your booking. We may ask you if you would like to go on our mailing list for Newsletter and if so, your email address would also be used to send out our Newsletters approximately 6 times a year.
- What we collect: Card details for payment
- Why we collect it: For performance of contract. If you are providing payment details over the phone, we would need the address of where your card is registered and also your card details to be able to authorise the payment. Card details are not written down or kept on file.
- What we collect: the first time you attend for a treatment, we’ll ask you to fill in a consultation form. The form will ask for details such as your name, address, dob, email address, mobile number and relevant health history.
- Why we collect it: Legal obligation. In order to give professional treatments, we need to gather and retain potentially sensitive information about your health. This information will only be viewed and used by the therapists that are treating you.
We will NOT share your information with anyone else (other than within our practice, or as required for legal process) without explaining why it is necessary, and getting your explicit consent.
By law we have to keep basic information about our clients (including Contact and Identity Data) for six years after they cease being customers for tax purposes. However, it is an obligation to our insurers and professional body that we retain all personal data including Contact, Identity and Sensitive Data for a minimum of seven years from the date of the last treatment provided by us. In the case of under 18’s, we are required to keep records for 7 years after the person turns 18.
DISCLOSURES OF YOUR PERSONAL DATA:
We sometimes use other companies to provide some of our services or to provide services to us. So that they can do this, we may need to let them process your personal information.
We may have to share your personal data with the parties set out below for the purposes set out
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances.
- Email marketing service to send out Newsletters.
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use the following cookies:
Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example cookies used for load balancing to manage server traffic demand.
Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to our website. Primarily used for people who log into our website.
You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
PROTECTING YOUR PERSONAL DATA
We are committed to ensuring that your personal data is secure. In order to prevent unauthorised access or disclosure, we have put in place appropriate procedures to safeguard and secure the information we collect from you. Consultation Forms are kept for 7 years after your last treatment and are stored in lockable lockers and only our therapists and receptionists have access to them.
We may contact you by phone, email or SMS in relation to:
- Appointment times
- Special offers and promotions (you may unsubscribe from these at any time)
- Newsletters, if you have signed up for them (you may unsubscribe from these at any time)
What are your rights:
GDPR gives you the following rights:
- The right to be informed: To know how your information will be held and used (this notice).
- The right of access: To see your therapist’s records of your personal information, so you know what is held about you and can verify it.
- The right to rectification: To tell your therapist to make changes to your personal information if it is incorrect or incomplete.
- The right to erasure (also called “the right to be forgotten”): For you to request your therapist to erase any information they hold about you (also see Therapist’s Rights below)
- The right to restrict processing of personal data: You have the right to request limits on how your therapist uses your personal information
- The right to data portability: under certain circumstances you can request a copy of personal information held electronically so you can reuse it in other systems.
- The right to object: To be able to tell your therapist you don’t want them to use certain parts of your information, or only to use it for certain purposes.
- Rights in relation to automated decision-making and profiling.
- The right to lodge a complaint with the Information Commissioner’s Office: To be able to complain to the ICO if you feel your details are not correct, if they are not being used in a way that you have given permission for, or if they are being stored when they don’t have to be.
Full details of your rights can be found at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
If you wish to exercise any of these rights, please use the contact details given above.
If you are dissatisfied with the response you can complain to the Information Commissioner’s Office; their contact details are at: www.ico.org.uk
- If you don’t agree to your therapist keeping records of information about you and your treatments, or if you don’t allow them to use the information in the way they need to for treatments, the therapist may not be able to treat you
- Your therapist has to keep your records of treatment for a certain period as described above, which may mean that even if you ask them to erase any details about you, they might have to keep these details until after that period has passed
- Your therapist can move their records between their computers and IT systems, as long as your details are protected from being seen by others without your permission.