This page outlines the Privacy Policy for North London Massage Therapy. On this page, we explain how we collect and use personal data. Our access and handling of this information is subject to the General Data Protection Regulations (GDPR). This replaces the Data Protection Act of 1998.
The data we collect:
Why we collect this data
How we use your data
How we protect your data
Your rights regarding your data
Handling of data breaches
Outside of documents pertaining to matters we have handled, we generally do not retain anything except contact names, email addresses and telephone numbers (i.e. the information provided with consent). As such, the information we retain is generally low risk.
In the unlikely event that there is a personal data breach that represents a risk to individuals or their businesses, we will inform the Information Commissioners Office (ICO) within 72 hours of becoming aware of it.
Embedded content from other websites
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
The data we collect:
- When you make a booking and attend a course of treatment, we will collect some personal information so that we can record your appointment and manage your treatment session appropriately. This information includes your name, contact phone number, email address and information about any relevant health conditions or allergies.
Why we collect this data
- We need your personal contact information so that we can identify you in our booking system and contact you with any updates about your appointment. We also need to gather some information about any relevant health conditions that might affect your comfort and safety during a session.
How we use your data
- Your personal contact information will be used to identify you as the guest for any session that you book with us. We may also use your contact details to update you about your booking and get your feedback after a completed session. With your consent, we may also use your contact details to keep you updated on news and special offers via our mailing list or other electronic marketing (e.g. social media).
- Information about any relevant health conditions or allergies will be used to ensure your comfort and safety during any treatment or service we provide.
How we protect your data
- Personal information may be stored in a number of locations, depending upon the nature of the information and how it was acquired (e.g. provided to us in person, or online via a booking form, email, social media, etc.). We only use secure, GDPR-compliant third party data processors for handling personal information for our booking system, mailing lists, or for processing payment information via a secure payment gateway. Any personal information that we hold is retained in a password-protected, encrypted system.
Your rights regarding your data
- You have the right to request access (i.e. copies of) all your personal information held by us. We will provide this information within thirty days of having received your request. Where applicable, you can have your data in a portable format.
- You have the right to ensure any information we retain is accurate. You can inform us of any changes to your personal information and we will update our records.
- You have the right to have your personal information erased, provided it is no longer required for the handling of any unresolved matter or legal proceeding.
- You have the right to restrict the use of your information under certain circumstances. This means that while we retain the information, it will not be processed until those circumstances are addressed.
- You also have the right to object against the use of your personal information, for example by withdrawing consent to be contacted for direct marketing purposes.
Handling of data breaches
- A data breach is any occasion where security measures have been deliberately or accidentally circumvented in order to access, alter, disclose or destroy personal information.
Outside of documents pertaining to matters we have handled, we generally do not retain anything except contact names, email addresses and telephone numbers (i.e. the information provided with consent). As such, the information we retain is generally low risk.
In the unlikely event that there is a personal data breach that represents a risk to individuals or their businesses, we will inform the Information Commissioners Office (ICO) within 72 hours of becoming aware of it.
Embedded content from other websites
- Some pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.