Privacy Policy – Full

Privacy Policy: “The Small Print”

Purpose:

To comply with the General Data Protection Regulation 2018 (effective from 25 May)

To assure our customers that we store and use their data responsibly.

Version 1.2

Date: 22 January 2019

Based on a advice provided by the Information Commissioner’s Office

Personal Data and Privacy Policy

Introduction to Rachel Dove, Art Therapist

Rachel has over 10 years of experience in the practice of Art Therapy. She set up here personal practice at the beginning of 2019 and uses the website: racheldove.co.uk

Personal Data and Privacy

For Rachel Dove to connect with personal clients and enquiries, we process personal data which relates to our clients. Rachel Dove is committed to maintaining the appropriate confidentiality, integrity and security of personal data that we process by complying with both our legal and ethical obligations in respect of data protection and privacy.   This policy sets out the principles Rachel Dove adheres to when processing personal data and outlines the operational aspects of our various data processing activities.

What Personal Data do we Collect?

Personal data is any information relating to an identifiable living individual.  We collect the following information about individuals:

Personal/contact information: names (including pseudonyms), telephone and email contact details.

Correspondence: information relevant to your specific enquiries and orders.

Other: any other information you choose to provide to us.

Website visitors

The Rachel Dove website uses a secure sockets layer protocol (for more technical information please click: SSL) which protects the data that you send to us.  You can verify this by looking for the green padlock in your browser address bar.   When you hover the mouse over the padlock you will see that it says, “verified by: Let’s Encrypt.” and the address will begin: https://

When any user visits our website, we will also automatically collect certain limited information using cookies to distinguish that user from other users of our website.   This helps us to provide a better experience when you browse our website and allows us to improve our site.   For more information on the cookies we use and the purposes for which we use them click here.

What do we do with your Personal Data?

Rachel Dove Clients

Rachel Dove will use the contact details supplied by clientsto provide them with appropriate services.   All personal data is held in a database that is physically located in the UK.   (Technical note: data held in Contact Form 7 CFDB7).

Contact details may also be used to provide news and information about Rachel Dove and its activities. Clients can opt-out of receiving these notifications or change their preferences at any time using the ‘unsubscribe’ link provided in these emails or by contacting: it@racheldove.co.uk.   Rachel Dove may also use your data to analyse past trends in demand for services.

If you have any concerns about our processing please refer to details of “Your Rights in Relation to Personal Data” below.

Your Rights in Relation to Personal Data

Individuals whose personal data we process have certain rights in respect of that data, including:

  • The law requires us to tell you about your rights and our obligations to you regarding the processing and control of your personal data. We do this now, by requesting that you read the information provided at: knowyourprivacyrights.org
  • You have the right to request access to the information that we hold about you. The regulations say that we need to respond to your request within a month.  We recognise that you would not buy our bread if it was a month old.   So if you wish to request a copy of the personal data we hold about you please email: it@racheldove.co.uk  
  • You have the right to rectification (in other words to correct it if it is incorrect). If you wish to rectify the data, we hold about you please send an email to it@racheldove.co.uk specifying the corrections needed.
  • You have the right to be forgotten (in other words to request that the data be deleted). A request for your data to be deleted can be sent by following the link as noted in point 2 above.
  • You have the right to portability (in other words to request a copy of your data in a format that allows you to transfer to another IT system). After following the process under point 2 above simply click on the “download entries” button and a standard .csv file (can be opened with Excel and other programs) will be downloaded to your computer.

How Rachel Dove Might Share your Personal Data

Rachel Dove will only share personal data with third parties in the following circumstances:

  • Service Providers and Suppliers.  Rachel Dove uses external IT consultants to provide support and development services in relation to our systems and databases.   These consultants may from time to time need to access information which may contain personal data for the purposes of systems testing and development.
  • Other Third Parties. In some circumstance, Rachel Dove may need to share your personal data where necessary with other third parties (including legal or other advisors, regulatory authorities, courts and government agencies) to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.   We require third parties to maintain appropriate security to protect information from unauthorised access or processing

Data Security

Rachel Dove will take appropriate technical and organisational measures to protect the personal data we transmit, store or otherwise process against accidental or unlawful destruction, loss, alteration or unauthorized disclosure or access.

If you have reason to believe that your interaction with us is not secure, please notify us of the problem immediately by contacting us using the details below.

Prior to introducing new systems or technologies relevant to the processing of personal data, Rachel Dove will undertake the necessary impact assessments with a focus on any associated risks.

How Long Does Rachel Dove Retain Personal Data For?

Rachel Dove will only retain personal data for as long as is necessary to provide our services or for as long as we reasonably require retaining the information for our lawful business purposes or comply with a statutory or other legal requirement.

Data Breaches

In the event of any breach of Rachel Dove systems impacting on the security of client or any other individual’s personal data, Rachel Dove will inform the affected individuals at the earliest opportunity describing the nature of the breach, the possible consequences and the measures being taken to remedy the situation in accordance with the applicable law.

Contact Us

Please direct any comments or enquires relating to this policy via email to: it@racheldove.co.uk

Complaints

If you are unhappy with the way in which Rachel Dove processes your personal data, please contact us using the information provided above.

If we cannot resolve the issue to your satisfaction you also have the right to lodge a complaint before the Information Commissioner’s Office (ICO), the UK data protection authority.   Their contact details as are follows: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; Tel: 0303 123 1113 (local rate) or 01625 545 745; or see their website.

Updating this Policy

From time to time we may change our data processing activities.   We will notify you of any changes to this policy as required by law.   We will also post an updated version on our website.

Date: 22 January 2019