GDPR Privacy Policy of Totally Treated Massage Therapy
Our Principles of processing personal data are :
-
Fairness and lawfulness. When we process personal data, the individual rights of the Data Subjects must be protected. All personal data must be collected and processed in a legal and fair manner.
-
Restricted to a specific purpose. The personal data of Data Subject must be processed only for specific purposes.
-
The Data Subject must be informed of how his/her data is being collected, processed and used.
2. What personal data we collect and process
The Therapist may collect several different types of personal data for various purposes. Personal data may include, but is not limited to:
-
First name and last name
-
Date of birth
-
Health related data
-
GP details
-
Emergency contact details
-
Email address
-
Phone number
-
Address
-
Occupation
In addition, our Data Processors may collect the Internet protocol (IP) address used to connect your computer to the Internet and computer and connection information. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.
When you use the contact form on our website, as part of the process, personal data you give us such as your name, address and email address will be collected.
Your personal information will be used for the specific reasons stated below only.
3. How we use the personal data
The Therapist uses the collected personal data for various purposes:
-
To provide you with services
-
To contact you and keep you updated
-
To notify you about changes to our services and/or products
-
To create aggregated statistical data used to improve our services
​
4. Legal basis for collecting and processing personal data
The Therapist’s legal basis for collecting and using the personal data described in this Data Protection Policy depends on the personal data we collect and the specific context in which we collect the information:
-
The Therapist needs to have relevant information to safely carry out a treatment
-
You have given permission to do so
-
Processing your personal data is in The Therapist’s legitimate interests
-
The Therapist needs to comply with the law
5. Retention of personal data
The Therapist will retain your personal information only for as long as is necessary for the purposes set out in this Data Protection Policy as well as it is required by law and by the professional bodies The Therapist is subject to. Current guidelines dictate that client data be kept for a period of 7 years from the time of the last treatment.
The Therapist will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.
Personal data will be stored on the Fresha database when you make a booking.
Fresha is a multinational company. According to their website they store data where possible within EEA. This information can be found in their
​
Personal data may also be kept secure in a paper format.
​
This website is hosted on the Wix platform. Wix provides The Therapist with the online platform that allows us to present products and services to you. Personal data may be stored through Wix’s data storage, databases and the general Wix applications. They store personal data on secure servers behind a firewall. For more information on how Wix manages personal data please refer to their privacy policy.
6. Sharing of personal data
​
The Therapist will share personal information relating to Data Subject if required by law. Data will only be shared with other healthcare providers with the consent of Data Subject. Health data, age, gender, and occupation may be shared with colleagues if The Therapist would like a second opinion regarding treatments offered or for teaching or case study purposes. In this event no identifiable personal data such as name and contact details will be shared without the consent of Data Subject.
7. Data protection rights
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what personal data we hold about you and if you want it to be removed from our systems, please contact us.
In certain circumstances, you have the following data protection rights:
-
The right to access, update or to delete the information we have on you
-
The right of rectification
-
The right to object
-
The right of restriction
-
The right to data portability
-
The right to withdraw consent
If you would like to access, correct, amend or delete any personal information we have about you, contact us anytime at totallytreatedmassage@outlook.com or by using the contact page found at www.totallytreatedmassage.co.uk
8. Cookies
​
This website uses cookies to enable the proper functioning and security of our websites and to help us offer you the best possible user experience. If you would like to know more about cookies, please click here.
​
We also use Google Analytics which contains cookies, identifiers for mobile devices and similar technology used to collect data. To find out more about how Google uses data when you use our partners' sites or apps, please click here.
​
Among the suggestions provided by following the link above, Google advises that if you would like to avoid cookies, ‘Incognito mode in Chrome allows you to browse the web without recording webpages and files in your browser or Account history (unless you choose to sign in). Cookies are deleted after you've closed all of your incognito windows and tabs, and your bookmarks and settings are stored until you delete them.
9. Updates
​
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.