Dated: May 2018
KAREN BASHFORD PRIVACY NOTICE
We Karen Bashford (also referred to as “company”, “we”, “us”, or “our”) are a sole trader, providing coaching services, Hypnotherapy and Tarot Readings to clients. The registered address is 27 Stuart Road, Warlingham, Surrey CR6 9JH .
THE PURPOSE OF THIS NOTICE
This Notice describes how we collect, use, share, retain and safeguard personal data.
This Notice sets out your individual rights; we explain these later in the Notice but in summary these rights include your right to know what data is held about you, how this data is processed and how you can place restrictions on the use of your data.
WHAT IS PERSONAL DATA?
The term “personal information” is defined as information that you voluntarily provide to us that personally identifies you and/or your contact information, such as your name, phone number, and email address.
Personal data may contain information which is known as special categories of personal data. This applies to information relating to and not limited to an individual’s health and finances.
Information We Collect About You and How We Collect It
In order for us to provide coaching services to you, we will collect and process personal data about you, including information pertaining to your health and finances, e.g. when you visit our website or social media channels.
You may provide us with personal data when completing online contact forms, make online requests for newsletters, when you contact us via the telephone, when writing to us directly or where we provide you with paper based forms for completion or we complete a form in conjunction with you.
Health and finance information is a special category of information which falls under “Explicit Consent”. New EU data regulation requires consent to be “explicit” and evidenced by “a statement or by a clear affirmative action”. In accordance with this, our company will ask you to provide evidence accordingly, by asking you to sign a separate “sensitive data “consent form.
We will collect your personal data when you visit our website, where we will collect your unique online electronic identifier; this is commonly known as an IP address.
We may also collect electronic personal data when you first visit our website where we will place a small text file that is commonly known as a cookie on your computer. Cookies are used to identify visitors and to simplify accessibility, and to monitor visitor behaviour when viewing website content, navigating our website and when using features.
How We Use Your Information
We may use your date for different legitimate reasons and business purposes, including provision of coaching, hypnotherapy and tarot reading services, research, presentations, publications and media activity. We do not share your information, except in the way described here, and in all cases the information is anonymised to maintain client confidentiality.
It is a condition of my Insurance Policy, to take and retain my written client notes and completed questionnaires from clients. The policy wording notes:
“The records shall be kept for at least 7 years following the last occasion on which treatment was given”.
In accordance with this policy, your data will be stored securely for 7 years.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. All information you provide to us is stored in a technically and physically secure environment. Unfortunately, the transmission of information via the internet is not completely secure.
Although we take reasonable measures to protect your information, we cannot guarantee the security of your personal information transmitted to our Website or via email. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website or via email.
Additionally, you release us from any and all claims arising out of or related to the use of such intercepted information in any unauthorized manner.
International Transfers of Personal Data
Data is held outside of the EEA through the use of AWeber an email marketing and auto responder provider.
Individuals are provided with legal rights governing the use of their personal data. These grant individuals the right to understand what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data.
These rights are known as Individual Rights under the Data Protection Act 2018, and include
– The right to be informed about the personal data being processed;
– The right of access to your personal data;
– The right to object to the processing of your personal data;
– The right to restrict the processing of your personal data;
– The right to rectification of your personal data;
– The right to erasure of your personal data;
Individuals can exercise their Individual Rights at any time. As mandated by law we will not charge a fee to process these requests, however if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
Karen Bashford is the registered Data Controller under the Data Protection Act.