Your Life in Your Hands
GDPR Data Protection Privacy Notice
GDPR data protection privacy notice – Overview
Who collects the information
The Company is a ‘data controller’ and ‘data processor’ and gathers and uses certain information about you.
Data protection principles
We will comply with the data protection principles when gathering and using personal information, as set out in our data protection policy.
About the information we collect and hold
Appendix A summarises the information we collect and hold, how and why we do so, how we use it and with whom it may be shared.
We may also need to share some of the categories of personal information with other parties, such as external contractors and our professional advisers and potential purchasers of parts or all our business or in a re-structuring. Usually, information will be anonymised, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information as required to comply with the law.
We seek to ensure that our information collection and processing is always proportionate. We will notify you of changes to information we collect or to the purposes for which we collect and process it.
Where information may be held
Information may be held at our offices, and third-party agencies, service providers, representatives and agents. We have security measures in place to seek to ensure that there is appropriate security for information we hold.
How long we keep your information
We keep your information during and after your association with the Company for no longer than is necessary for the purposes for which the personal information is processed.
Your rights to correct and access your information and to ask for it to be erased
Should you wish to contact our Data Protection Officer (DPO) you may do so via email at: firstname.lastname@example.org or by telephone 07932 249497 in accordance with applicable law, if you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask our DPO for some but not all the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our DPO will provide you with further information about the right to be forgotten, if you ask for it.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to complain
We hope that our DPO can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.
Changes to this notice
This notice was published on 22nd May 2018 by Shirley Powell and last updated on 24th May 2018. We may change this privacy notice from time to time, when we do we will inform you via email.
- What information we hold about you?
We collect and retain the following information about our clients, subscribers and contacts:
- First name
- Email Address
- Job Description
- Company Name (where applicable)
- Company Address
- Services provided
- Personal telephone number including mobile or home contact numbers
- Work telephone number
- Credit card, bank details or other billing information.
2. How is this information held?
The above information is stored on an encrypted Microsoft Excel and Microsoft Outlook databases. We will treat your information with respect and all information will be kept strictly confidential and stored securely and will not be shared unless you have given prior consent.
These databases are kept on an encrypted Company owned computers and external hard drive. The external hard drive is stored externally in a secure location. In addition to the Microsoft Excel and Microsoft Outlook databases, individuals who subscribe to our newsletter through our website have their information stored on our password protected database. Any individual who is emailed through our Outlook account may also have their email address, first name and surname details stored on our password protected Outlook account.
- Why do we hold this information?
We retain the above information about you in order that we may contact you about the Company’s events, send you invoices, financial statements of account or any updates to our services or terms of conditions.
- How is my information used?
Information is used in order that we may contact you about the Company’s events and news. Additionally, subscribers and clients’ information is used for internal statistical analysis in order to determine subscribers and clients numbers. Information may also be used as part of investigations by regulatory bodies, or in connection with legal proceedings or requests.
- With whom is your information shared?
Your information is shared with the management and staff of the organisation (on a need to know basis), all of whom are required to sign a confidentiality undertaking. Personal medical history from your lifestyle/physical health assessment may be shared with other medical professionals for the purposes of ensuring the completeness of your diagnosis and continuing care plan with your consent.
Your Life in Your Hands
Last Updated 24thMay 2018