privacy policy
In accordance with the General Data Protection Regulation (GDPR) which came into force on the 25th May 2018, the information below shows how your data will be stored, used and protected by Anna Taylor.
This Privacy Policy describes how we collect, use, protect, process and share your personal data when you book classes, workshops, training courses or private sessions with me, directly with me or otherwise interact with me.
We may update this Privacy Policy at any time to ensure we can carry out the services we provide in the most effective and efficient way possible. If we make changes we will notify you by revising the date on our published document on our website or for more substantial changes, by contacting you via email to seek consent.
1.The identity of the controller
You are hereby informed that the Data that you provide is collected, used, protected and processed by Anna Taylor and her administrative staff.
2.Collection of Data
Your data is collected when you browse our website, contact us via email, phone or in person or through our website and when you submit information in the form of booking or health forms.
Data we collect falls into the following categories:
Identification information (name)
Contact information (email, phone)
Medical information (the information provided in health forms supplied by clients)
Browsing information
Transaction history
Data is gathered directly from you from direct communication with us, i.e. client health / intake form, registration form, health questionnaire, emails, phone calls, booking for events, transactions.
2.1. Information you provide to us
We process data you provide directly to us, in particular when you complete a registration form, client intake form or class booking form.
For example, we collect data when you create a booking, register for an event or a course, or otherwise communicate with us.
The data may include the following as well as any other type of information that we specifically request you to provide to us through our booking or client intake forms, such as:
Name
Address
Date of Birth
Phone no
Email
Contact in case of emergency
Medical history
Transaction history
3. How we use the Data
We may use information about you for the following purposes:
Medical history – to be aware of your medical history to ensure that you are best served in group classes and one-to-one sessions.
Process transactions including confirmation / receipts of payments, invoicing for payment for services requested.
To inform you about when courses that you have or regularly book onto are taking place, or of any class cancellations due to unforeseen circumstances.
To send email updates about forthcoming yoga and mindfulness offerings including classes, workshops, courses and retreats (if specific Respond to enquiries made via www.mindbodybalance.co.uk or or by telephone.
Monitor and analyse trends, usage and activities in connection with our services
4. How we share your data
Your data is not shared with anyone else. The only people who have access to your data is myself and admin staff where applicable.
In response to a request for information if we are required by, or believe disclosure is required by, any applicable law, regulation or legal process, including in connection with lawful requests by law enforcement, national security, or other public authorities.
5. The period of data retention
Our insurance providers require us to retain all records for a period of 7 years after the last appointment, or in the case of minors, for 7 years after their 18th birthday. We use this timeframe for all of our data. After 7 years have elapsed without use, files are destroyed.
We hold transaction data indefinitely on our online system to provide best customer service.
6. Security
We are committed to taking appropriate measures designed to keep your data secure. Our technical, administrative and physical procedures are designed to protect data from loss, theft, misuse and accidental, unlawful or unauthorized access, disclosure, alteration, use and destruction. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received.
7. Your rights
Under the General Data Protection Regulations 2018 (GDPR) individuals have the significantly strengthened right
Obtain details about how their data is processed by an organisation or business
Obtain copies of personal data that an organisation holds on them
Have incorrect or incomplete data corrected
Have their data erased by an organisation, where, for example, the organisation has no legitimate reason for retaining the data
Obtain their data from an organisation and to have that data transmitted to another organisation (Data Portability)
Object to the processing of their data by an organisation in certain circumstances
Not to be subject to (with some exceptions) automated decision making, including profiling.
8. In the event of a Breach
Every precaution will be taken to avoid a breach of your data, but if such a breach should occur, it will be documented, assessed as to its severity and appropriate action taken. The Data Protection Commissioner will be informed and you will be contacted to help you take steps to mitigate the risks to yourself, if it is deemed a severe enough breach as to put you, your identity, your financial means etc. at risk.
Should you have any questions in relation to how your data is stored, please do contact me on anna@mindbodybalance.co.uk.
Last updated 25 May 2018