IMPORTANT TERMINOLOGIES FOR USERS
Any information related to a natural person or ‘Data Subject’ that can be used to directly or indirectly identify the person. Data Subject A natural person whose personal data is processed by a Data Controller.
The entity that determines the purposes, conditions and means of the processing of personal data.
Any freely given, specific, informed and explicit consent by statement or action signifying agreement to the processing of the personal data by the user “Data Subject”.
Any operation performed on personal data, whether or not by automated means, including collection, use, recording, etc.
WHAT INFORMATION WE COLLECT FROM YOU
There are two types of information that we collect from you on our website. One is done manually and the other one is done on automatic basis. The data we collect manually are:
• Email Address
• Contact Number (telephone and mobile number)
• Message (through contact form)
Please note that we do not ask you to share this information with us for personal gains. Users share this information with us through contact form, we only receive this data from the users. Users are requested to give consent in their messages sent through content form to allow us to use their name and email address to respond them. Information that is collected on an automated basis are:
• IP Address
• Browser Type
• Session period (time the user was on this site)
• Search history
Please note that this information is collected automatically and we do not collect it to misuse it or contact the user directly with his or her consent. Furthermore, we also request the in-house customers who visit the clinic to fill in our health questionnaire to better understand the customer’s health history and requirements.
The Site may use cookie and tracking technology depending on the features offered. Cookie and tracking technology are useful for gathering information such as browser type and operating system, tracking the number of visitors to the Site, and understanding how visitors use the Site. Cookies can also help customise the Site for visitors. Personal information cannot be collected via cookies and other tracking technology, however, if you previously provided personally identifiable information, cookies may be tied to such information. Aggregate cookie and tracking information may be shared with third parties.
Distribution of Information
I may share information with governmental agencies or other companies assisting us in fraud prevention or investigation. I may do so when: (1) permitted or required by law; or, (2) trying to protect against or prevent actual or potential fraud or unauthorised transactions; or, (3) investigating fraud which has already taken place. The information is not provided to these organisations for marketing purposes.
HOW WE PROCESS THIS INFORMATION
The personal information of the users will be processed as per company’s standard procedures while keeping the privacy and secrecy of individual’s data and not disclosing or misusing it. The information received through contact forms, emails, or phone calls are used to provide professional fitness and therapy services to the users. We only use this information to process the orders of the users. For-example, if someone wants to book an appointment for his or her therapy session or fitness session, we will use their name and email for appointment purposes and to brief the users in future for follow-ups if and when required. Users will have the option to withdraw consent after receiving our services and opt not to receive any follow-up calls or emails. However, once they withdraw we will not be able to provide any information or services to the users/clients. We also process the information from the health questionnaire of the customer to offer the most suitable services.
WHY WE PROCESS THE PERSONAL INFORMATION
Monitoring of user activity
The response of users (customers) are also processed with a purpose to monitor overall engagement of the user on this site and report if something unusual happens. In most cases, spam users allocate bots to configure encrypted data from the site, to stop such activities that may harm the site of data of other users, a continuous evaluation of automatic data (such as IP Address and search history) is monitored. It helps us identify whether the user is a natural person or an unidentified spammer or fake bot.
We also process your personal information to process your appointments seamlessly and to notify you about the status of your appointments with the doctor. Consumer Engagement – We might also send you promotional emails, such as discount codes and vouchers on our different hair related services to maintain a healthy customer-client engagement. Users will have the option to opt-out from receiving any such emails from us by simply clicking the unsubscribe button at the end of any email sent by us.
Retention period refers to the time period for which we keep your data stored on your servers, computers, manually written questionnaires or insurance policies. Eastbourne Pilates removes all the data of users “data subject” after a period of 7 years. Furthermore, if you (user) wants us to remove their data from our website and servers because they do not wish to use our services anymore they can always contact us with their concerns at email@example.com and we will make sure to take care of any query or concern requested by the user.
You must be 18 years or above to avail the services from this website. You can only use our website if you are above the required age or under the surveillance of a Parent or Guardian. We do not collect any personally identified information from minors and in the event if we accidently do so we immediately delete it from our servers and systems.
We have not faced any data breach on our website ever. However we will report any unlawful data breach of this website’s database to all the relevant individuals and authorities within the prescribed time period 72, only if it is obvious that personal information or data stored in an identifiable manner has been stolen or breached.
SHARING OF INFORMATION TO THIRD-PARTIES
Eastbourne Pilates does not share your personal information with any third-party. We respect the privacy of our clients and thus ensure to maintain the confidentiality of personal information. We do not sell, share, modify, amend or distribute your personal information to any Third-party. We are obliged to maintain professional and ethical secrecy of our customers.
USER’S RIGHTS UNDER GDPR
Right to Erasure
Users have the right to contact us if they want us to delete their information from our servers. If you are not comfortable about your data being stored with us, you can always send us a request to remove your personal information and we will erase it from our servers. Furthermore, you will not be able to sign-in or continue with using our services or products.
Right to be informed
User’s right to know how we process your information/data.
Right to access
User’s right to ask us of what information we hold about you on our systems.
Right to data portability
User’s right to receive the personal data which you have shared with us, in a structured and machine-readable format to transfer to another data controller with your own consent and/or under any binding contract.
We respect the privacy and personal choices of our users. As an individual user, you can always opt-out or unsubscribe any time if you do not want to receive any promotional emails. We try to cater the unsubscribe requests of our users in a timely and prompt manner. You can always click on the “unsubscribe link” in any of our emails to not receive any further emails in future.
LEGAL OBLIGATION TO DISCLOSE PERSONAL INFORMATION
Eastbourne Pilates does not collect sensitive personal data, furthermore we only collect personal information for a lawful purpose, which is directly related to the website’s activities and necessary for that purpose. We only ask for information that is significant for the successful processing of your queries and concerns. We do not process any personal information without the consent of the users. Users have a free will to give consent for the use and processing of their personal data in order to receive great user experience. We do not disclose the personal information of the users to anyone else without prior consent, however there are some exceptions in which we might disclose your data such as:
• For certain purposes to do with criminal justice or the taxation system
• For processing personal data in connection with regulatory activities.
• Personal data is exempt from the non-disclosure provisions if you are required to disclose it; by or under any UK enactment; by any rule of common law; or by an order of a court or tribunal in any jurisdiction.
HACKING AND VIRUSES
Our data is kept safe on secure servers and databases, however, it is an established fact that data over the internet is never safe. Therefore, we do not take any responsibility for the loss/stealing of data due to unethical hacking or introduction of viruses into our systems. We are liable to report such incidents to the relevant law-enforcement authorities.