Privacy Policy
This privacy notice explains how Anew Lymph Therapies looks after personal information you give us or that we learn about you by having you as a client, and the choices you make about marketing communications you agree we may send you.
This notice explains how we do this and tells you about your privacy rights and how the law protects you.
Topics:
-
What information we collect about you
-
How information about you will be used
-
Marketing
-
Employment
-
How long your information will be kept for
-
Where your information is kept
-
Access to your information and correction
-
Cookies
-
Other websites
-
Changes to our privacy notice
-
How to contact us
What information we collect about you:
We collect information about you when you book an appointment for a service or treatment, visit the studio for a service or treatment, buy a product or apply for a job, whether contact is online, on paper, by email or over the phone.
The information you give us may include your name, address, email address, phone number, measurements, relevant medical history which may suggest that a service or treatment should not go ahead or certain products should not be used (eg allergies, pregnancy, skin conditions), payment and transaction information, IP address and CVs.
For clients under the age of 16, we will only keep and use their personal information with the consent of a parent, carer or guardian.
How information about you will be used
In law, we are allowed to use personal information, including sharing it outside the practice, only if we have a proper reason to do so, for example:
To fulfill a contract with you ie to provide the service or treatment you have requested and to communicate with you about your appointments
When it is in our legitimate interest ie there is a business or commercial reason to do so, unless this is outweighed by your rights or interests
When you consent to it: we will always ask for your consent to hold and use health and medical information.
We will therefore share your information with:
Providers of our studio software system: Setmore & Google Drive
Postal Service: Royal Mail
Suppliers of our website: Wix
We have rigorous data protection and security policies in place with all our suppliers.
We will not share your information with any other third party without your consent except to help prevent fraud, or if required to do so by law.
Marketing
We would like to send you information about products and services which may be of interest to you. We will ask for your consent to receive marketing information.
If you have consented to receiving marketing, you may opt out at a later date.
You have the right at any time to stop us from contacting you for marketing purposes or giving your information to third party suppliers of products or services. If you no longer wish to be contacted for marketing purposes, please contact Serena Tizzi anewtherapies@gmail.com.
Employment
The information we collect about employees, the purposes it is used for and who it will be shared with is set out in our employment contracts and employee handbook.
How long your information will be kept for:
Unless you request otherwise, we will keep your information to contact for a maximum of 2 years from your last visit to the practice.
After 2 years we will delete all your personal information, except for your name, relevant client history (eg allergy test records which we keep for 4 years) and financial transactions (which we are obliged to keep for 6 years).
Information about unsuccessful job applicants will be deleted after four months.
You can ask Serena Tizzi for further information or to see our data retention policy.
Where your information is kept
Setmore online booking system
Setmore ensures that their hosting providers and other cloud service providers are themselves GDPR compliant. All data of EU citizens on Fresha is stored in either:
-
the European Economic Area; or
-
in a country which the European Commission has determined provides an adequate level of protection (including via Privacy Shield agreements); or
-
to service providers who have an agreement with us compliant with the Model Contract Clauses (as defined by the European Union)
Any payment transactions are encrypted. Sending information via the internet is not completely secure, although we will do our best to protect your information and prevent unauthorised access.
Wix - our website host platform
About Data Storage and Data Transfers
Wix can store website visitors data in a number of locations.
website personal information may be stored in data centers located in the United States of America, Ireland, South Korea, Taiwan and Israel. They may use other jurisdictions as necessary for the proper delivery of our services and/or as may be required by law.
Wix is a global company that respects the laws of the jurisdictions it operates within. The processing of the User Customer Data may take place within the territory of the European Union, Israel or a third country, territory, or one or more specified sectors within that third country, of which, the European Commission has decided that it ensures an adequate level of protection (transfer on the basis of an adequacy decision).
Important: Any transfer to a third country, outside the European Union, that does not ensure an adequate level of protection according to the European Commission, will be undertaken in accordance with the Standard Contractual Clauses (2010/87/EU) set out in Appendix 1 of the Wix Data Processing Agreement (DPA) https://www.wix.com/about/privacy-dpa-users
The security of sensitive data is of extreme importance to Wix and we are 100% committed to data protection. See all the security certifications: https://support.wix.com/en/article/security-of-wixs-billing-services-and-pci-compliance received by Wix.com.
Google Drive
We use Google Drive to store contact lists, skin test forms and waitlist details.
Any file uploaded to Google Drive, it is stored securely in the Google world-class data centers. Data is encrypted in-transit and at-rest. If these files are accessed offline, the information is stored onto the device that is being used to access them.
Google accounts come with built-in security designed to detect and block threats like spam, phishing and malware. Your activity is stored using strong industry standards and practices.
Google access private content only when we have the users permission or are required to by law. With the Google Transparency Report (https://transparencyreport.google.com/), you can learn about how the policies and actions of governments and corporations affect privacy, security, and access to information.
Access to your information and correction
You have the right to request a copy of the personal information that we hold about you. This will normally be free, unless we consider the request to be unfounded or excessive, in which case we may charge a fee to cover our administration costs.
If you would like a copy of some or all of your personal information, please contact Serena Tizzi at anewtherapies@gmail.com
We want to make sure that your personal information is accurate and up-to-date. You may ask us to correct or remove information you think is inaccurate.
You have the right to ask us to object to our use of your personal information, or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it.
E-Newsletters
We email e-newsletters to inform you about products, services and treatments provided by our studio. You have the opportunity to unsubscribe from e-newsletters at any time.
E-newsletters may contain subscriber tracking facilities within the actual email, for example, whether emails were opened or forwarded, which links were clicked on within the email content, the times, dates and frequency of activity. We use this information to refine future email campaigns and provide you with more relevant content based around your activity.
Our Website and Cookies
A cookie is a small text file that is downloaded onto the computers and smartphones used by our website visitors. It can recognise your device and store information about your preferences or past actions while on our website.
We use cookies on our website to help you get the best experience from our website. They help us see what pages you like and the kinds of information you are looking for.
Our website has been set up to ask your permission to store cookies on the device you use to access our website. The Help menu within your browser should tell you how to manage cookies. Useful information about cookies and how to control them can be found at HYPERLINK "http://www.aboutcookies.org" www.aboutcookies.org
Our website also uses cookies that do not require your consent. For example, cookies that are needed to transmit information or provide online services. This includes online forms and shopping baskets.
Sending information via the internet is not completely secure. Although we will do our best to protect your information, we cannot guarantee the security of data transmitted to our site. Our database is encrypted and we use security features to protect data from hackers and cyber attacks.
We will regularly review the personal data our website has stored (for example, names, addresses, contact details and payment details) and securely delete information we no longer need.
Other third-party services [delete if not relevant]
We use Google Analytics to collect visitor numbers and information about how people use our site.
You can opt out of being tracked by Google Analytics. Find out more: HYPERLINK "http://tools.google.com/dlpage/gaoptout" http://tools.google.com/dlpage/gaoptout.
Third-party services used on our website, such as Google Maps and YouTube, may collect data from our website visitors such as IP addresses (these are numbers associated with individual computers and smartphones).
Other Websites
Our website includes links to other websites. This privacy notice only applies to this website so when you link to other websites you should read their own privacy notices.
Changes to our Privacy notice
We keep our privacy notice under regular review and we will place any updates on this webpage. This privacy notice was last updated on 23rd November 2023.
How to contact us
Please contact us if you have any questions about our privacy notice or information we hold about you:
By email: anewtherapies@gmail.com
Or write to us at:
Serena Tizzi
11 Abberbury Road
Oxford, OX4 4EU, UK
You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern: www.ico.org.uk/concerns/handling