Data controller: Cheryl Binnis, trading as Reset Mind and Massage
Telephone: 07977 230573
Reset Mind and Massage is registered with the Information Commissioner’s Office under registration number: ZA756737
This policy was last updated on 25th May 2020.
Our commitment to your privacy
At Reset Mind and Massage, we take the confidentiality and security of your personal data extremely seriously and are fully committed to protecting your privacy in respect of the information you share with us.
This document outlines how we will process and hold any personal information that we collect from you, or that you provide to us. This includes the nature of that information, how it is used, who we may share it with and how we keep it secure. Additionally, it summarises your rights in respect of the information that we hold about you.
The way we manage your personal data complies with the General Data Protection Regulation (GDPR) and is in line with the following principles, to which we are fully committed:
- We only collect the data we require in order to provide you with the best standard of client care and to meet our regulatory and insurance requirements.
- We never use your data for any purpose other than the purpose we inform you of when we collect it.
- We have taken appropriate technical and organisational steps to protect the confidentiality, integrity, availability and accuracy of your data.
- We keep your data secure at all times, whether it is held on paper or electronically, in line with our Data Security policy, which we update at least annually.
- We do not share your personal data with third parties expect in the exceptional circumstances set out below.
- We only hold your personal data for as long as is necessary for the purposes of the lawful bases on which we collect and hold it.
- We only use your data to market to you directly where we have your consent to do so, and you can withdraw your consent at any time.
What personal data do we collect and how do we use it?
You provide us with information in one or more of the following ways, depending on how you choose to engage with us:
- Through email, over the telephone or by post.
- Engaging in a business contract with us. This includes completing a Client Consultation or Consent form and providing us with information during your treatment sessions.
- Communicating with us via social media.
- Completing the Contact Form on our website.
- By visiting our website and clicking on any links.
We use this data in order to deliver our services of massage therapy, life coaching, hypnotherapy, Neuro Linguistic Programming (NLP) and emotional freedom technique. With reference to the General Data Protection Regulation (GDPR), the lawful bases under which we capture, process and hold your personal data are:
- Legitimate interests – to enable us to run our business professionally, contact you in relation to services you have expressed an interest in, provide you with the high standard of client care you expect and to handle any client complaints or claims.
- Contract – in order to fulfil a contract with you in respect of massage therapy, life coaching, hypnotherapy or NLP.
- Consent – in order to provide you with any marketing updates for which you have actively signed up.
More specifically, we:
- collect your name and contact details in order to contact you to arrange and conduct initial phone consultations, arrange treatment sessions, arrange payment and provide invoices. We may also collect next of kin details so that we can contact them in the event of any issues while you are on our premises.
- collect lifestyle and health information about you in order to provide treatments to you and ensure we provide you with a high standard of care and the most appropriate treatment/ therapy type for you. This data also enables us to identify any health contraindications that mean it may not be safe or in your interests to provide a treatment to you, and any circumstances that mean it may be in your best interests for you to be referred to a different type of health professional.
- make notes and keep a record of the treatments and therapies that we provide to you, including for example, the nature of the services provided, when and where they were provided to you, what you paid, how you responded to the treatment and any after-care/ exercises/ homework actions agreed during the session.
- ask for your consent to receive marketing communications form us via specific communication channels. This is via opt-in boxes for each channel on your client consultation form, and this is entirely optional.
After collecting the above personal information, we hold it in order to maintain a reliable history of your treatment program to ensure a high standard of ongoing care. We will keep your personal data up-to-date by asking you about any changes at the start of each treatment.
We keep this information throughout your treatment program, and generally for 7 years after your last treatment (please see section below on ‘How long will we keep your personal data?’). We hold it for this period of time in line, which is in line with industry best practice, for the legitimate interests of being able to deal with any client complaints, protecting ourselves against any claims and supporting government organisations with their investigations where required.
Where life coaching sessions are conducted online, via WhatsApp or Zoom, these sessions are not recorded and this data is not stored by us.
Will the data be shared with anyone else?
We will not share your personal data with any third parties in the normal course of business.
Any information shared with accountants for normal tax purposes is anonymised and therefore not attributable to you.
The only exceptional circumstances under which we would share your personal data in a form that is not anonymised would be where this is absolutely necessary in order to:
- meet the requirements of government and related organisations (such as HMRC) in relation to their investigations. This includes exchanging information with other companies where required to do so for the purposes of fraud protection and credit risk reduction.
- comply with legal requirements, such as a formal court order, or if there is an overriding public interest in using the information.
- protect our rights, property or safety, that of clients’ and others with whom we are working. This includes preventing serious harm to you or someone else, for example, in order to safeguard an individual or to prevent a serious crime.
- process a complaint or claim made by you. In this case, we may share your data with our professional insurers and the professional assoiciations with which we are registered (ACCPH or ISRM).
How do we ensure your personal data is secure?
We have a Data Security policy and procedures which we implement to ensure you personal data is protected, whether it is held on paper or digitally. The personal information you give us is stored:
- When in paper form – in locked, fire resistant filing cabinets in an office that is locked when not in use. Only authorised personnel have access to this office and filing cabinets.
- When in electronic form:
- in password protected documents on a laptop which is also password protected and never leaves the secure Reset Mind and Massage office premises.
- contact details and email correspondence are also stored on a mobile phone in order to enable us to communicate effectively with clients whether we are on the premises or offsite. This phone is password protected and stored appropriately during and after the working day.
- this laptop and phone can only be accessed by authorised personnel.
- All electronic devices (laptops and phones) are protected by high quality cybersecurity/ antivirus
- Backups of electronically held data are stored on encrypted hard drives.
Access to all of your personal data, whether in paper or electronic form, is restricted to authorised personnel only.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our utmost to protect your personal data, via all the measures set out in our Data Security policy, we cannot guarantee the security of your data transmitted to us via our website or via email. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long will we keep your personal data?
In line with industry best practice we hold your personal data for:
- 7 years after your last treatment, or
- until your 25th birthday where your last treatment took place before you were 18 years of age.
- longer than the above only where necessary in order to support any ongoing complaint, claim or regulatory investigation.
After these times periods have elapsed, your personal data is disposed of securely by being burned or shredded.
What rights do you have in relation to the personal data we hold about you?
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- To request a copy of the personal data which Reset Mind and Massage holds about you
- To request that we correct any personal data if it is found to be inaccurate or out of date
- To request that your personal data is erased where it is no longer necessary for Reset Mind and Massage to retain such data
- To withdraw your consent to the processing at any time
- To transmit your data to another data controller without hindrance from us
- To object at any time to the processing of personal data concerning you
- To lodge a complaint with the ICO
If you would like to access your data you must make a subject access request in writing to cheryl @resetmindandmassage.co.uk.
You can exercise your Individual Rights at any time. If your request is considered repetitive, unfounded or excessive, we may charge a reasonable administration fee for this. Please contact the Data Controller via the contact details at the start of this policy.
For more information about your rights in relation to your personal data, privacy and data-sharing issues, you can consult the Information Commissioner’s website http://www.ico.gov.uk or call them on 0303 1231113.
We may use social media websites to promote our services to those to clients and potential clients who use social media and choose to follow us. If you do not wish to see such information, please do not ‘follow’ or ‘like’ our respective social media accounts and adjust your display and social media privacy settings accordingly.
Links to third party and external websites
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout
You may refuse to accept cookies by activating the setting on your browser. However, this may mean that you are not able to access parts of our site. To find out more about cookies visit www.allaboutcookies.org.
What are cookies?
Cookies are small text files containing a string of characters that can be placed on your computer or mobile device that uniquely identify your browser or device. The cookies used on our website contain random strings of characters alongside minimal information about the state and session of the website; this does not collect or disclose any personal information about you as a visitor.
What are cookies used for?
What types of cookies does this site use?
There are generally four categories of cookies: “Strictly Necessary,” “Performance,” “Functionality,” and “Targeting.” Our website may include the use of all four categories of cookies. You can find out more about each cookie category below.
Strictly Necessary Cookies. These cookies are essential, as they enable you to move around the Service and use its features, such as accessing logged in or secure areas.
Functionality Cookies. These cookies allow us to remember how you’re logged in, whether you chose to no longer see advertisements, whether you made an edit to an article on the website while logged out, when you logged in or out, the state or history of website tools you’ve used. These cookies also allow us to tailor the website to provide enhanced features and content for you and to remember how you’ve customised the website in other ways. The information these cookies collect may be anonymous, and they are not used to track your browsing activity on other sites or services.
Targeting Cookies. When applicable, we or our advertising partners or other third party partners may use these types of cookies to deliver advertising that is relevant to your interests. These cookies can remember that your device has visited a site or service, and may also be able to track your device’s browsing activity on other sites or services other than ours. This information may be shared with organisations outside our website, such as advertisers and/or advertising networks to deliver the advertising, and to help measure the effectiveness of an advertising campaign, or other business partners for the purpose of providing aggregate Service usage statistics and aggregate Service testing.
Terms and conditions of website usage
- The content of the pages of this website is for your general information and use only. It is subject to change without notice.
- Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
- Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
- This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited.
- All trademarks reproduced in this website, which are not the property of, or licensed to the operator, are acknowledged on the website.
- Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
- From time to time this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
- Your use of this website and any dispute arising out of such use of the website is subject to the laws of England and Wales.
If you have a complaint regarding the use of your personal data then please contact us by email on email@example.com and we will do our best to help you. If your complaint is not resolved to your satisfaction and you wish to make a formal complaint to the Information Commissioner’s Office (ICO), you can contact them on 01625 545745 or 0303 1231113.