Flow Pilates – Data Privacy Notice
This Notice tells you how I handle your Personal Data and the rights you have when I hold it. This Notice is intended to comply with the provisions of the General Data Protection Regulation EU 2016/679 (GDPR) which governs how Personal Data is processed within the European Economic Area (EEA).
I am always happy to explain anything which this Notice does not make clear to you.
Who am I?
I am Laura Wightman at Flow Pilates and you will find my contact details at the end of this Notice. I am the “data controller” for the purposes of GDPR. This means that I decide how your Personal Data is processed and for what purposes.
What is your personal data?
Personal Data is data that relates to a living individual who can be identified from that data. I might be able to identify you from the data itself or by linking that data to other information I have access to. GDPR tells me how I must process your Personal Data.
How do I process your Personal Data?
I comply with my obligations under GDPR in the following ways:
• by keeping Personal Data up to date;
• by storing and destroying it securely;
• by not collecting or retaining unnecessary or excessive amounts of data;
• by protecting Personal Data from loss, misuse, unauthorised access and disclosure; and
• by ensuring that appropriate technical measures are in place to protect Personal Data.
I use your Personal Data for the following purposes:
• To enable me to provide appropriate pilates classes for your fitness and health condition.
• To keep you update to date about changes in class times and locations etc.
• To inform you of news, events, activities or services which I think you might like to hear about, always relating to Flow Pilates.
• To share your contact details with officials and other authorised people and companies for the purpose of delivering the service I provide.
What is the legal basis for processing your personal data?
• When registering to attend a Flow Pilates class you provide me with your personal data in order to fulfil our contractual obligations with you, therefore the legal basis is contract.
• When completing your registration form, you consent to me emailing you news and information about the classes, therefore the legal basis is consent.
• Where you have given me sensitive information (such as medical data), I will have asked for and you will have given me explicit consent to store and use that information. You always have the right to refuse to give me any information, particularly sensitive information.
Sharing your personal data
Your Personal Data will be treated as strictly confidential and will be shared only with organisations whose services are required in order to provide the services I offer. I will only share your Personal Data with other third parties with your consent. These third parties, in turn, may rely on data processors to provide services that help them help me.
Some third parties I use may operate outside the EEA. In these cases, I will make sure that I have robust contracts in place with those third parties and that adequate safeguards exist to protect and secure your Personal Data.
When you give your consent to my holding of your Personal data you agree to me sharing your Personal Data (including special categories of Personal Data – where we have your explicit consent) with third party processors and sub-processors located both inside and outside the EEA.
How long do we keep your Personal Data?
I keep your Personal Data for as long as you are a member of my classes. After you leave, I will keep your information for no longer than I reasonably need. Usually, this will be for a period of 24 months. This is so that I can provide accurate data in case of any legal / insurance claims or complaints.
Your rights and your Personal Data.
Unless I have an exemption under GDPR, you have the following rights with respect to your Personal Data:
• The right to request a copy of the Personal Data which I hold about you, without any charge.
• The right to request that I correct any Personal Data found to be inaccurate or out of date.
• The right to request that your Personal Data is erased where it is no longer necessary for me to keep it.
• The right to withdraw your consent to the processing I carry out at any time.
• The right to request that I provide you with your Personal Data and, where possible, to send that data directly to another data controller.
• The right, where there is a dispute in relation to the accuracy or processing of your Personal Data, to ask me to restrict further processing.
• The right to object to the processing of Personal Data.
• The right to lodge a complaint with the Information Commissioner’s Office and to seek legal recourse.
If I wish to use your Personal Data for a new purpose, not covered by this Notice, then I will provide you with a new notice explaining this new use. I will do this before I start processing for the new use. I will set out the relevant purposes and processing conditions. Where and whenever necessary, I will seek your prior consent to the new processing.
If you have a problem, complaint or, if there is something you don’t understand, please contact me first using the following:
Laura Wightman at firstname.lastname@example.org.
You can contact the Information Commissioner’s Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
Cookies are small text files which are downloaded onto your computer, mobile or other device when you visit a web site. They are used for many different reasons, a few common ones are to store your preferences, track items in a shopping cart or remember your username and password when you ask a site to ‘remember me’. If you would like to find out more we recommend visiting www.allaboutcookies.org/.
I use some cookies when you browse this website to ensure the site runs properly and to help us improve your experience when browsing. None of the information we gather via cookies identifies you as an individual – it is all entirely anonymous.
By using this website you are agreeing to the terms and information set out in this policy including the usage of the following cookies:
|Google Analytics||We use Google Analytics to understand how people use our site. The data it collects helps us see things like how many people visit our site, which country they are from, how many pages they visited, how fast our site loaded, and so on. All data collected is completely anonymous, it does not identify you as an individual in any way. Most websites use some sort of analytics program like this.|
|Wordpress||Persistant||1 year||WordPress is the Content Management System (CMS) that runs this website. It uses a cookie when logging in and out and is essential for proper website operation. It is only set if you are a registered user, so for most people it is not set at all. User data is all anonymous.|