PLEASE READ CAREFULLY – IF YOU DO NOT ACCEPT THESE TERMS, YOU ARE ADVISED NOT TO USE THE HEALING HUB
This policy was last updated: 1st June 2020
Use of this website, www.thehealinghub.uk, constitutes your legal agreement to the terms contained herein and your acceptance of this policy is deemed to occur upon your first use of the website.
1) Policy Statement
By providing us with your data, you warrant that you are over 16 years of age.
2) About Us
The Healing Hub is owned by Transformationalist Limited
Registered Office at 2a The Quadrant, Upper High Street, Epsom, Surrey,KT17 4RH
Registered in England and Wales under company number 12492711
E-mail Address is firstname.lastname@example.org
VAT Number is 348 1332 09.
If you need to contact The Healing Hub, please write to the above address, email email@example.com or call us on +44 (0)20 3600 1112.
Where we manage personal data, we identify as a Data Controller and recognise and act on our obligations under applicable data protection laws.
The person responsible for Data Protection is Nikki J Owen.
3) What Data do We Collect?
Personal data that you provide to us is retained and processed in accordance with UK data protection legislation. We do not hold personal data for longer than is necessary and it will be processed only in relation to the purpose for which is originally collected, on a lawful basis.
Types of personal information collected:
- information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type, referral source, length of visit and number of page views);
- any other information that you choose to send to us; and
- any other information (including your opinions, preferences, suggestions, issues, requirements, ideas, feedback)
Sources of personal information collected:
Contact: We use a contact form to collect your first and last name, email, job title, company and telephone number as well as your message, so that we can contact you and provide details of our services to you, provide support and deal with general company enquiries. Data is held on the grounds of being legitimate to our business interests.
We also use a contact form to collect information for registering interest in attending our events including webinars. The data collected is your first and last name, email, job title, company and telephone number as well as what event you are interested in attending. We will use this information to contact you and provide details of the event and hold this data on the basis of being legitimate to our business.
Phone calls: Phone calls to us may be recorded and any data relating to the call may be retained by us. The data will be held on the basis of being for our legitimate business needs or in order to fulfil our contractual obligations if you are a client of ours.
Social Media: We use social media to engage with users on Facebook, Twitter and LinkedIn pages. We do not keep any specific data that identifies you as an individual user but hold details of our followers on these platforms. You should refer to the Privacy Policies of these channels to understand how they treat your data in relation to linking to our site.
Case Studies and Testimonials: We may contact you for a testimonial in relation to our services that may be used on our website or social media. Your comments may be added to our testimonial page but no personal data is shown.
We do not market this website at those under 18 years old. Consistent with the GDPR we will never knowingly request personally identifiable information from anyone under the age of 16 years old.
Information we get from other sources
From time to time, we may need to obtain information from third parties about you. This will only apply where it is necessary to provide our services and as permitted by law.
4) How we use your personal information
Your information will be used by us to enable us to provide our services to you. We act as a Data Controller (see below) of your information and undertake to protect your personal and sensitive data in a manner that is consistent with the requirements of the General Data Protection Regulation (GDPR). We will take reasonable measures to ensure the secure storage of your data.
Personal data submitted on this website will be used as follows:
- to administer the website;
- for internal record keeping purposes;
- to improve your browsing experience by personalising the website;
- to follow up with email enquires;
- to communicate with you and make arrangements in relation to a course or booking that you have made with us;
- to send statements and invoices to you;
- to send you general (non-marketing) communications;
- to send you communications in relation to an event or webinar you have enquired about or registered to attend;
- to send you email notifications which you have specifically requested;
- to send to you marketing communications, where expressly agreed;
- to provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
- to ask for feedback and reviews or to conduct market research;
- to improve the services that we offer;
- to deal with enquiries and complaints made by or about you relating to the website.
Users of this website do so at their own discretion and provide any such personal details at their own risk.
5) Sharing Information
We may disclose your personal information if we are required to do so by law, in connection with any legal proceedings, and in order to establish, exercise or defend our legal rights, or if otherwise legally permitted.
We may use Data Processors who act on our instruction in relation to the management of your data and they must adhere to all data protection laws and regulations. We will ensure that any Data Processors used only operate on our written instructions and comply with their obligations under the GDPR.
You will be informed of any other Data Controllers who have access to your data and who may determine processing activities separately to us, or as a Joint Data Controller.
Our website is hosted by 20i
We will only send you emails about our services, i.e. direct marketing, with your express consent. You have the option not to give consent or to withdraw consent at any time. You may withdraw your consent for us to contact you by contacting us at to firstname.lastname@example.org
Non-personally identifiable visitor information may be provided to third parties for marketing, advertising or other uses.
The Healing Hub cannot guarantee or verify the contents of any externally linked website and users click on external links at their own risk. The Healing Hub and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social media platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are subject to our terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate and/or engage with them with due care and caution in regard to their own privacy and personal details. This website nor its owners will not ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
The Healing Hub uses social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised that before using such social sharing buttons, that they do so at their own discretion, and should consider that the social media platform may track and save requests to share a web page, through the users’ social media platform account.
6) Retaining your Data
We keep your personal information in accordance with our Data Retention Policy which reflects our needs to provide services to you as contracted and also as required to meet legal, statutory and regulatory obligations. The need to hold information is regularly reviewed and information/data will be disposed of when no longer required.
7) Data Security and Storage
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. All electronic transactions you make to or receive from us will be encrypted using SSL technology.
Any information that you supply to us may be stored and processed at our office premises and on servers used for 3rd party processing (see above list). Your data may be transferred in accordance with the relevant data protection laws.
8) Data Subject Rights
Subject Access Requests
The General Data Protection Regulation (GDPR) gives individuals, known as ‘data subjects’, the right to access personal data that is held by organisations by a subject access request (SAR). We will endeavour to respond quickly to any such requests, which legally require us to respond within one month of receiving the request and necessary information. To make a SAR request email us at email@example.com
Right to rectification
Data subjects have the right to request that we amend or change personal information that we hold about you, that is inaccurate or incorrect.
Please let us know if the personal data which we hold about you needs to be corrected or updated.
Right to erasure
Data subjects have the right to ask us to delete personal information from our systems without giving any reason and at any time. We will act on any request without delay.
Right to restrict processing
Data subjects have the right to rectification or erasure of personal data in the following circumstances:
- Personal data is not accurate;
- The processing of data is unlawful – data subjects may request that processing is restricted;
- Data is required to exercise legal rights or defend legal claims;
- Data is unlawful but there may be lawful grounds for processing, which override this right.
Right to data portability
Data subjects have the right to obtain and transfer their data to different service providers.
Right to object
Data subjects have the right to object to the processing of data at any time based on their particular situation. This includes objecting to profiling unless it is in the ‘public interest’ or exercised lawfully by an official authority. We will only process data with a lawful purpose.
Right not to be subject to decisions based on automated processing
We do not use any automated processing that results in any automated decision based on a data subject’s personal information.
Using your rights
If you wish to invoke any of these rights, you should contact the person responsible for data protection by emailing us at firstname.lastname@example.org
9) Data Breaches
We will report any unlawful breach of data as required by the GDPR within 72 hours of the breach occurring, if it is considered that there is an actual, or possibility, that data within our control including the control of our data processors, has been compromised. If the breach is classified as ‘high risk’ we will notify all data subjects concerned using an appropriate means of communication.
We will report any relevant breaches to the ICO, see below.
10) Cookies Policy
What are Cookies?
Cookies are small files saved to the user’s computer hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server, to provide the user with a tailored experience when navigating the website.
We may use both “session” cookies and “persistent” cookies on the website. We will use the session cookies to: help facilitate your interaction with the site. We will use the persistent cookies to: enable our website to recognise you when you visit; and for personalisation purposes.
Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
The types of Cookies are:
- Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
- Statistics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
- Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
- Other unclassified Cookies.
Cookies we use
The Cookies we use are shown in this table below.
Guidelines for the processing and handling of data is available from the Information Commissioner’s Office, the UK supervisory authority on data protection, see ico.org.uk.
Information is also available at www.ec.europa.eu/ipg/basics/legal/cookies/index_en.html.
11) Important Information
Questions and queries
If you have any concerns about how we handle your data, you can contact the Data Controller by sending an email to email@example.com
Changes to this policy
If you want to raise a concern about the use of your data, you can contact us by email to firstname.lastname@example.org Alternatively, you can formally raise a concern or complaint to the Information Commissioner’s Office (ICO) directly on 0303 123 1113, or see the options for reporting issues on https://ico.org.uk/concerns/
Third Party Rights
Jurisdiction and Governing Law