Retreat Harrold Logo

Privacy Policy

WEBSITE PRIVACY POLICY

KEY DETAILS:

The Retreat (Harrold) Ltd ("We") is/are committed to protecting and respecting your privacy.

This policy (together with our terms of use [https://app.shedul.com/online_bookings] and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
The rules on processing of personal data are set out in the General Data Protection Regulation (the 'GDPR').

1. Definitions

Data controller - A controller determines the purposes and means of processing personal data.
Data processor - A processor is responsible for processing personal data on behalf of a controller.
Data subject - Natural person
Categories of data: Personal data and special categories of personal data
Personal data - The GDPR applies to 'personal data' meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier (as explained in Article 6 of GDPR). For example name, passport number, home address or private email address. Online identifiers include IP addresses and cookies.
Special categories personal data - The GDPR refers to sensitive personal data as 'special categories of personal data' (as explained in Article 9 of GDPR). The special categories specifically include genetic data, and biometric data where processed to uniquely identify an individual. Other examples include racial and ethnic origin, sexual orientation, health data, trade union membership, political opinions, religious or philosophical beliefs.
Processing - means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Third party - means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

2. Who are we?

The Retreat (Harrold) Ltd is the data controller. This means we decide how your personal data is processed and for what purposes. Our contact details are: The Retreat (Harrold) Ltd, 72 High Street, Harrold, Bedfordshire MK43 7BH. For all data matters contact Gail Walker on 01234 721187.

3. The purpose(s) of processing your personal data

We use your personal data for the following purposes:

*To communicate your appointment times and dates to you and any amendments or cancellations of these.
*To allow us to make bookings on your behalf.
*To ensure that there are no health issues which would contraindicate to your treatments booked for you.
*To communicate any special promotions, new treatments, events and marketing information to you.
*To ensure that we have a continuation of your health, and treatment history details for HMRC and Insurance purposes.
*To ensure that any clients attending treatments at our Club Towers facility are able to enter the premises unrestricted (we supply a simple list of names and times to their reception desk each morning for those booked in for treatments).


4. The categories of personal data concerned
With reference to the categories of personal data described in the definitions section, we process the following categories of your data:
Personal data: Name, address and contact details including phone numbers and email addresses, date of birth, doctor's details, health records, treatment details, payments received details (but not payment card information).
We have obtained your personal data from information you provide to us initially by telephone or face to face or through our website when making your first booking with us and thereafter from the Client Information Record that you complete prior to your first treatment. We do not access any publicly accessible sources.

5. What is our legal basis for processing your personal data?
a) Personal data (article 6 of GDPR)

Our lawful basis for processing your general personal data:
Consent of the data subject;

Processing necessary for the performance of a contract with the data subject or to take steps to enter into a contract

Processing necessary for compliance with a legal obligation

Processing necessary to protect the vital interests of a data subject or another person

More information on lawful processing can be found on the ICO website.

6. Sharing your personal data

Your personal data will be treated as strictly confidential, and will be shared only with staff who work within the business. We will also provide Towers Health & Racquets Club Reception and Management the list of appointments due in each day for treatments at our salon on their premises. This information is strictly limited to your name and time of appointment.

7. How long do we keep your personal data?

[We keep your personal data for no longer than reasonably necessary for a period of 7 years in order to be able to provide information to the HMRC or our Insurance Company in case of any legal claims/complaints; for safeguarding purposes only.

8. Providing us with your personal data

You are under no statutory or contractual requirement or obligation to provide us with your personal details, however failure to do so will have the following consequences, depending on the information withheld:

* We may be unable to carry out any treatments on you.
* We may be unable to communicate any appointment times or confirmation texts or emails to you.
* We may not be able to communicate any information which may be of interest to you regarding special promotions, new treatments or marketing information.

9. Your rights and your personal data

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
The right to request a copy of the personal data which we hold about you;
The right to request that we correct any personal data if it is found to be inaccurate or out of date;
The right to request your personal data is erased where it is no longer necessary to retain such data;
The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable i.e. where the processing is based on consent or is necessary for the performance of a contract with the data subject and where the data controller processes the data by automated means);
The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
The right to object to the processing of personal data, (where applicable i.e. where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics).

10. Transfer of Data Abroad

WE DO NOT TRANSFER PERSONAL DATA OUTSIDE THE EEA.

11. Automated Decision Making

WE DO NOT USE ANY FORM OF AUTOMATED DECISION MAKING IN OUR BUSINESS.


12. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

13. Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

14. How to make a complaint

To exercise all relevant rights, queries or complaints please in the first instance contact our DATA PROTECTION OFFICER, Gail Walker on 01234 721187.

If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.



COOKIES AND HOW WE USE THEM

What is a cookie?
A cookie is a small file placed on your computer's hard drive. It enables our website to identify your computer as you view different pages on our website.

Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable us to see information like how many people use the website and what pages they tend to visit.

How we use cookies:
We may use cookies to:

* Analyse our web traffic using an analytics package. Aggregated usage data helps us improve the website structure, design, content and functions.

* Identify whether you are signed in to our website. A cookie allows us to check whether you are signed in to the site.

* Test content on our website. For example, 50% of our users might see one piece of content, the other 50% a different piece of content.

* Store information about your preferences. The website can then present you with information you will find more relevant and interesting.

* To recognise when you return to our website. We may show your relevant content, or provide functionality you used previously.

Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.

Controlling cookies:
You can use your webs browser's cookie settings to determine how our website uses cookies. If you do not want our website to sore cookies on your computer or device, you should set your web browser to refuse cookies.

However, please note that doing this may affect how our website functions. Some pages and services may become unavailable to you.

Unless you have changed your browser to refuse cookies, our website will issue cookies when you visit it.


LINKS FROM OUR SITE

Our website may contain links to other websites.

Please note that we have no control of websites out the www.RetreatHarrold.co.uk domain. If you provide information to a website to which we link, we are not responsible for its protection and privacy.

Always be wary when submitting data to websites. Read the site's data protection and privacy policies fully.

Privacy Policy Updated 8th March 2018.