01952 463876 or 07821 380038

 
 

Privacy Policy

Our Privacy Policy

The Policy in Brief.

We are committed to protecting your privacy and security. This policy explains how and why we use your personal data, to ensure you remain informed and in control of your information.
We will never sell your personal data, and if we share your personal data, it will only ever be with our partner organisations where necessary, to provide services, such as when using our website for any queries or purchases and only then if we are certain that its privacy and security are guaranteed.
It’s important that you read the full policy to understand what information we hold, how we use it, and what your rights are – but if you don’t have time to read it all now, here’s a quick summary:

We collect information that is personal data (see section 3) 
We collect information from clients and customers
We collect and use personal data for several reasons, this depends on how you interact with us and we only collect the information that we need or that would be useful to us in our quest to provide the best possible service (see section 2)
We do our very best to keep personal information secure (see section 6)
We never sell your data and we will never share it with another company or charity for marketing purposes.We will not share your data, unless we are required by law or to organisations we work with where necessary to provide the right services to you and only then provided that the privacy and security of data is guaranteed (see section 4)
Our website uses cookies – for more information check our cookies policy (see section 11)

Contents
1. Overview
2. Why we process data
3. Categories of data we collect
4. Who your data is shared with
5. How we collect your data and from where
6. How your data is used
7. Our responsibilities
8. Your data rights
9. Access to non-personal organisation data
10. How to raise a complaint about information
11. How we use cookies

1. Overview
We collect, hold and process personal information about our customers to allow us to provide services such as holistic therapies and selling goods on the premesis and on line. There are times when we collect email addresses with consent to send automated receipts, information such as results of readings and workshop or training events you have told us that you are interested in.
This privacy notice tells you what to expect when the we processes your personal information, how it is used, shared and secured.
Your privacy is important to us and we are therefore committed to handling your personal data in accordance with the provisions of the Data Protection Act 1998, General Data Protection Regulation 2016/679, and any subsequent changes to data protection legislation.

2. Why we process data
We collect and use your personal data for several reasons, this depends on how you interact with us.
Some of the reasons are things we must know such as:
Allow to us to deliver an Holistic therapy so that we can make the right decision to go ahead with the therapy, ensuring that any injuries, allergies or history are discussed, as well as any medical conditions that may pose a risk to you regarding the therapy chosen.  
Where relevant Data Protection legislation allows us to process data (Data Protection Act 1998) (General Data Protection Regulation 2016/679).
Company administration and all activities we are required to carry out as a data controller.
Some of the reasons will be to provide a range of services to local people and businesses, which include:

  •  Administering waiting lists for future courses / workshops.
  •  Administering pre-pay club cards to pay for goods or courses.
  •  Supporting and managing our employees, volunteers, agents and any future contractors/therapists.
  •  Update your customer records.
  •  Maintaining our own accounts and records.
  •  Carrying out health and safety tasks.
  •  Managing our property.
  •  Licensing and regulatory activities.
  •  Managing archived records for historical and research reasons.
  •  Understanding what we can do for you and informing you of other relevant services and benefits.

Some of the reasons will be because you have signed up to receive a service we offer or given your consent for us to use your details so that we can:

  • Understand your needs to best provide the services that you request.
  • Asking for reviews and getting your opinion on our services to help us improve.

We may not be able to provide you with a product or service unless we have enough information, or your permission to use your information. We aim to keep your information accurate and as up to date as possible.

3. Categories of data we collect
We will need to collect your personal data for a service you have signed up for (consented to).
No more information will be collected than is required to deliver that service.
Types of personal information we may collect about you may include:

  • Personal details (name, date of birth)
  • Next of kin details
  • Parent or guardian details
  • Lifestyle and social circumstances (only where appropriate)
  • Goods and services
  • Case file information
  • Special categories of data (also known as sensitive personal information), that we may hold about you include:
  •      Physical or mental health details
  •      Social care/support needs
  • Gender
  • Age

4. Who your data is shared with
We work with others to provide you with information about our services and goods.  Our website is managed by an e-commerce site Zupastore; we are members of the Reiki Federation and the Federation of Spiritual Healers, when you make an enquiry or buy on-line. We will only have access to your information on a need to know basis, and your privacy and the security of the information is assessed when a new sharing partner is identified.

Examples are:
Ombudsman for any complaints and membership authorities will pass on your details to us if there is a query via their website for services we provide.

We also share information with third party organisations such as in cases where it is necessary to do so, to comply with the law or where permitted under Data Protection legislation (Data Protection Act 1998) (General Data Protection Regulation 2016/679).
Examples of third parties who we may share your information include (but are not limited to):

  • Health bodies (NHS Trusts, GPs)
  • The Police
  • Regulatory bodies such as the Department of Work and Pensions
  • Care Quality Commission

We ensure that the partners we work with protect your data properly and are only sharing the minimum amount of data we need to, to provide you with a service. Where we need to share sensitive or confidential information such as medical details, we will do so only with your permission or where we are legally required to do so. We may share information to prevent risk of harm to an individual, for example in the case of safeguarding.

Where we suspect any fraudulent activity. Information may be shared with:

  • Her Majesty’s Revenue & Customs (HMRC)
  • The Police
  • Health bodies (NHS Trusts, GPs)

We do not share your data with third countries or international organisations. 

5. How we collect your data and from where

Face to face:
Most of our business is done this way. We keep a record of your contact in order to assist on the delivery and record findings for your progress on the outcomes of the services we provide to you. Any such records that include any personal information will be kept securely.

Telephone calls:
We do not record or monitor any telephone calls you make to us. Any card payment details are input securely using Paypal, keyed in during the transaction and are not stored once completed. 

Emails:
If you email us we may keep a record of your contact and your email address for our record keeping. We will not include any confidential information about you in any email we send to you unless sent securely or you have agreed to us contacting you with this information. We would also suggest that you keep the amount of confidential information you send to us via email to a minimum.

On paper:
You may complete a client record, consent form, course booking form or note for processing / ordering items not in stock. You may write us letters and send these in on paper.

Online:
You may complete online forms, make requests, or make online payments to us.

On systems:
We may log any information you provide to us on a computer system to help us keep track of your request, track your appointments or any actions we need to complete. We may add your information to systems where we are required to by law.

From other sources:
We may receive information about you from other organisations or agencies such as:
Providers of goods and services
Local and central government (e.g. Department of Work and Pensions, HMRC)
Licensing authorities
Health bodies (NHS Trusts, GPs)
The Police
Care Quality Commission

6. How your data is used
Information which you have provided to us will be stored securely. It will be used for the purposes stated when the information was collected, and not reused for different purposes or sold on to others.

Your data will be placed in an appropriate system, such as locked filing systems that hold information about you or a secure data-base. These are used to provide or administrate our services. 
We do not have any assessments that result in an automated decision being made about you or could be seen as profiling. You can ask us to explain what this means, should you require it.

7. Our responsibilities
Everyone working for us has a legal duty to keep information about you confidential and secure, for specific purposes and only for as long as necessary. Legislation and best practice guidance that we abide by is:

  • Data Protection Act 1998/General Data Protection Regulation 2016/679
  • Human Rights Act
  • British Standard and International Standard (BS/ISO) 15489-Records Management

Where we share information with other bodies or agencies, we will ensure the confidentiality and security of your data. This will normally be done by having a contract and confidentiality clauses in place. We may in the future, carry out data privacy impact assessment each time we start a new project, to help us build in security and privacy to protect your information.

We will keep your information in line with legislation and guidance on records retention periods. We will not keep your information longer than it is needed. We will dispose of paper records or delete any electronic personal information in a secure way.
We do not share your data with private companies, unless they have a contract with us to provide a service on behalf of us. For example, a company who will deliver goods on our behalf can only use the data we give them for this purpose and they must delete it after the task has been done.

8. Your data rights
Under the Data Protection Act 1998/ General Data Protection Regulation 2016/679 you have rights of how your personal and special category (known as sensitive) information is used. Please see the Information Commissioners Office guidance.

* You have the right to be informed of how we are processing your data. This policy explains this in detail.
* You have the right to ask for incorrect data to be rectified.
* You have right to request the deletion or removal of personal data where there is no reason for its continued processing.
* Where you have signed up to a service which relies on your consent alone (i.e the services is not covered by a statutory duty) you have the right to withdraw your consent.
* The right of access to your data (from 25th May free of charge). All requests for access must be made in writing to us, the contact details are below:

9. Access to non-personal organisation data
We sometimes receive sets of non-personal data This is a report of the website views on a daily basis, orders per day, week or month for example or performance data from Facebook, Paypal or Yell.com. 

If you have a different question you can make a request for non-personal information which Jehandra holds as part of their work under the Freedom of Information Act 2000 or the Environmental Information Regulations 2004.

10. How to raise a complaint about information
If you have a complaint in relation to a request to see a copy of your records or a freedom of information request, please contact us in the first instance to request an internal review of our response.
For Data Protection and Freedom of Information complaints, you can use the contact details at the bottom of our website pages.

If you follow this procedure and are still not happy, you may wish to contact The Information Commissioner's Office:

Post:
The Information Commissioner's Office
Wycliffe House
Wilmslow
Cheshire
SK9 5AF
Telephone: 08456 306060
Email:
casework@ico.org.uk

11. How we use cookies
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

12. Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.