For the purposes of the GDPR: General Data Protection Regulation May 2018.
The data “controller” Samantha Palmby.
Data Protection Privacy Statement
Please read the following startement.
Under the EU General Data Protection Regulation 2018 explicit consent is required for use and processing of your information. This includes for the purposes of an emailing list.
This is for purposes of distributing news- letters and relevant documents, in line with my training as a Pilates Instructor and Bowen Therapist. I only use information that may identify you in accordance with GDPR. This requires that I process personal data only if there ais a legitimate basis for doing so and that any processing must be fair and lawful. If I use your data for marketing purposes such as newsletters, this would be subject to you giving me your express consent.
I will protect your information, inform you of how your information will be used, and allow you to decide if and how your information can be shared.
Secure storage - Your data is stored securely and confidentially and used in a safe and an ethical manner, in line with EU General Data Protection Regulations May 2018. It is not shared with other people without your consent. I am committed to ensuring that your information is secure and not disclosed to third parties in accordance with the requirements of the GDPR. I share your data only with your consent, such as writing a confidential report to a specified professional. I seek your consent before sharing your information with another health care provider.
How I collect and store your personal data – I may collect and process your information as follows:-
I use only the data which has been provided by my clients to provide the service that you have requested from me. This means that the legal basis of my holding your personal data is for legitimate interest. I am happy to provide any additional explanation needed. Any requests for this or any complaints should be sent to Samantha Palmby email@example.com. If I need to keep more information, it would only be with your express consent in which case the legal basis of holding this information is consent. Communications between therapists and clients must be retained according to the rules of the CNHC. Registrants of CNHC are required to keep clients records safely for eight years from the date of the clients last visit, or if the client is a child, until his 25th birthday or 26th birthday if the client was 17 when the treatment ended. This means that I, as a registrant of Complementary and Natural Healthcare Council (CNHC) have a legitimate interest in retaining records for this period.
Security – I ensure the information I hold is kept locked up and in a secure location. I protect personal and confidential information held on equipment such as a lap top or hand held devices with encryption. My website uses software to provide encryption technology. Although I use security measures to protect your information against loss, misuse and alteration, as is the case with all computer networks linked to the internet including for cloud data storage, I cannot make absolute guarantees over the security of these Processors and as such I cannot be held responsible for it.
Right to access – You have the right to ask for a copy of your personal information free of charge, in either electronic or paper format. You also have the right to change or amend any incorrect information about you.You have the right to see a copy of personal data that can identify you. You can make a subject access request in writing to Samantha Palmby firstname.lastname@example.org. I will respond within 20 working days from then. My response will include the details of the personal data I hold on you including: how I aquired the information, why I keep it and those with whom I have shared it, if this was subject to your consent.
For the purposes of the GDPR 2018, the data “controller” Samantha Palmby.
Updated 19th May 2018