Privacy Notice – Sole2SoleReflexology
Collection of information
Some information provided to us by clients, and other third parties might be considered private or personal. Without these details we would not be able to carry on our business and provide our services to you. We will only collect such personal information if it is necessary for one of our functions or activities.
Personal information is collected from people in the following situations by Lisa McKenna(Sole2Sole)
If you contact Sole2Sole, I may keep a record of that correspondence.
If you come for a reflexology treatment I will take a personal and medical history which will be processed, stored and destroyed in accordance with GDPR regulations and those advised by my Insurers (Balens) (7 years)
At or before the time the personal information is collected by us we will take reasonable steps to ensure that you are made aware of who we are, the fact that you are able to gain access to the information held about you, the purpose of the collection, the type(s) of organisations to which we usually disclose the information collected about you, any laws requiring the collection of the information and the main consequences for you if all or part of the information is not collected.
Use of information collected and disclosure of personal information to others
We may use or disclose personal information held about an individual for the primary purpose for which it is collected (e.g. provision of our services, including administration of our services, notification to you about changes to our services, record-keeping following termination of our services to you and technical maintenance). We may also use such information for a purpose related to the primary purpose of collection and where it would reasonably be expected by you that we would use the information in such a way. This information is only disclosed to persons outside our business in the circumstances set out in this policy or as otherwise notified to you at the time of collection of the information.
In addition, we are permitted to use or disclose personal information held about you:
Where you have consented to the use or disclosure
Where we reasonably believe that the use or disclosure is necessary to lessen or prevent a serious, immediate threat to someone's health or safety or the public's health or safety
Where we reasonably suspect that unlawful activity has been, is being or may be engaged in and the use or disclosure is a necessary part of our investigation or in reporting the matter to the relevant authorities
Where such use or disclosure is required under or authorised by law (for example, to comply with a subpoena, a warrant or other order of a court or legal process)
Where we reasonably believe that the use or disclosure is reasonably necessary for prevention, investigation, prosecution and punishment of crimes or wrongdoings or the preparation for, conduct of, proceedings before any court or tribunal or the implementation of the orders of a court or tribunal by or on behalf of an enforcement body.
Security and storage
Sole2Sole places significant importance on the security of all information associated with our customers and contractors. We have security measures in place to protect against the loss, misuse and alteration of personal information under our control.
Personal information is de-identified or destroyed securely when no longer required by us.
Sole2Sole retains the information you provide to us including possibly your contact and credit card details to enable us to verify transactions and customer details and to retain adequate records for legal and accounting purposes. This information is held on secure servers in controlled facilities.
Information stored within our computer systems can only be accessed by those entrusted with authority and computer network password sanctions.
We will investigate your complaint and attempt to resolve any breach that might have occurred in relation to the collection, use or destruction of personal information held by us about you in accordance with the General Data Protection Regulation (GDPR). If you are not satisfied with the outcome of this procedure, then you may request that an independent person (usually the Information Commissioner's Office) investigate your complaint.
Should you wish to read more information on privacy legislation or the General Data Protection Regulation (GDPR) we recommend that you visit the Information Commissioner's Office at https://ico.org.uk/