At Willow Massage Therapy I am committed to complying with the General Data Protection Regulation (GDPR) 2018.
I want you to be confident that your personal data is kept safe and secure and to understand
how I use it to offer you a better and more personalised experience.
What data do I collect and how do I use it?
When you book an appointment by whatever means, your email address and name are required to secure the booking. These details including your phone number if you provide one will be entered onto the booking portal of my website. The online secure server of my website will store this information, no one other than myself has access to this.
In addition to the booking information a certain amount of personal data is collected by me through my Registration Form; Lifestyle & Health Questionnaire completed during the consultation at your first appointment. This will include; full name, address, email address and phone number. Additionally, I obtain health and medical data from you that will assist in providing a tailored and safe service. If I need to consult your GP before a treatment can go ahead, then your consent is required. The further information I obtain is kept in paper format only. At follow up appointments I will ask you to provide information relating to any change in your health, lifestyle and feedback from your previous appointment if necessary. All of this generates your paper file which is stored in a locked file, in my locked therapy room. It never leaves my therapy room and is never stored electronically.
I do not hold or store any financial information about you. For accounting purposes, the detail’s I hold are your name, the date of your appointment, how the payment was made and the amount.
The only electronic payments’ I receive are PayPal and Bank Transfer, these are processed by your PayPal and Bank Accounts therefore the only information I receive is what you provide in the reference such as your name and / or the PayPal account the payment came from. These organisations will have their own GDPR policies that you will need to refer to.
If you no longer wish to be treated by Willow Massage Therapy, you can ask for your records to be destroyed, if this request is not received your records will be retained for eight years following our last date of contact.
Who has access to my data?
I am a sole trader; the sole person working at Willow Massage Therapy therefore the only person who has or needs access to your Registration Form; Lifestyle & Health Questionnaire and Follow Up appointment details. I do not share, sell or exchange your information with any external parties for the purposes of marketing or profiling, or for any other reason.
How is my personal data protected?
I take all reasonable precautions to maintain your personal data in a secure environment. This includes, but is not limited to; the use of password protection for my computer, PC files and apps’, and my mobile phone. Your paper file is secured in a locked fling cabinet, in a locked room in a building that requires intercom access.
Whilst I strive to protect all of the personal information you have provided to the best of my ability; I cannot fully guarantee the security of any information and therefore you provide the data at your own discretion.
Email, phone and social media communication
I may, from time to time, use your phone number to contact you about urgent changes to your appointment, to reschedule or informing you of an available appointment. If you do not wish to be contacted by phone please inform me at your first appointment.
If you engage with me on Social Media, for example, liking my Facebook page, then you are agreeing to receive notifications via that media platform. If you wish to turn off such notifications please consult the help section of that particular platform. The only personal information that I may ask from you over Social Media is your email address (and only through private message, never publicly) and this is simply so that we can communicate with you more effectively and efficiently.
My booking platform is set up to automatically send out an email when a booking is made, notifying you of time and date, and a reminder email 24 hours before your appointment. If you do no wish to receive these emails, please inform me at your first appointment.
Like most other websites, my website stores limited information about you in the form of cookies (files which are sent to your computer or other access device) which I can access when you visit my site in future. It may also collect your device’s IP address as part of the basic functioning of the website. I do this to allow the website to function properly and to collect anonymous information about how the website is used through Google Analytics, in order to improve my services.
Links to other websites
I cannot be held responsible for the practices employed by websites or social media accounts, nor the information/content contained in them, which are linked to or from the Willow website and social media accounts. Please remember that when you use a link to go from Willow’s website or social media account to another website/social media account, my Privacy Notice is no longer in effect. Your browsing and interaction on any other website/social media account, including those that have a link to my website, is subject to that organisations own rules and policies. Please read over their rules and policies before proceeding.
Legislation deems me to be the ‘controller’ of the personal data that I hold. Therefore, I am responsible for how it is used by me. As a ‘data subject’ you have a number of rights in relation to your personal information under data protection law. If I receive a request from you to disclose the personal data that I hold on you, I will respond to you within 30 days, at no charge to you. My contact details, and how to contact me, can be found at the end of this policy statement.
Under the GDPR you have the following rights as an individual regarding your data:
The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling.
If you would like to find out more about these rights, or if you would like to report a breach of them then you can contact the ICO (Information Commissioners Office) at ico.org.uk or call their helpline on 0303 123 1113.
Updates to this Policy
I may review this policy at any time and changes will be notified to you by us posting an updated version here on my website and/or by contacting you by email. We recommend that you regularly check for changes and review this policy when you visit our website. If you do not agree with any aspect of the updated policy you should promptly notify me and cease using Willow Massage Therapy.
Last updated: April 2019
T; 07728 371238
Post; Suite 2 The Lodge, Carriers Fold, Wombourne, South Staffordshire WV5 9DH.