Privacy and GDPR Policy
- Introduction and Scope
The aforementioned regulations seek to protect and enhance your rights as a data subjects, and cover the safeguarding of personal data, protecting the user against the unlawful processing of personal data and the unrestricted transfer of personal data within the EU.
Please be aware; GDPR does not apply to information already accessible in the public domain, for example, Companies House data, or domain registration information.
In this policy document, “we”, “us” and “our” refer to the data controller listed in Section 2.4 of this document.
1.1 LINCOLNREFLEXOLOGY.CO.UK is committed to safeguarding the privacy of visitors to our website (https://www.lincolnreflexology.co.uk) and general service users, in accordance with the General Data Protection Regulation (GDPR) 2018.
1.2 This Privacy Policy applies to all cases in which LINCOLNREFLEXOLOGY.CO.UK is acting as a data controller responsible for the processing and safeguarding of personal data of website visitors and service users.
1.3 Upon first visiting our website, you will be asked to agree to the terms presented in this policy document, and to the use of cookies. Continued use of our website after the privacy/cookie notice implies consent has been granted by the user (YOU).
- Who we are
If you believe information is missing or incorrect in this section, or does not adequately describe the service provider, you should discontinue use of this website immediately.
2.1 Who are we?
LINCOLNREFLEXOLOGY.CO.UK is a Permanent Makeup Artist, and an Aesthetics, Laser and IPL practitioner.
2.2 Physical address
Our principal place of business is at 423 Brant Rd, Waddington, Lincoln. LN5 9AL
2.3 Contact methods
You can contact us via any of the following methods:
(a) By post to
Lincoln Permanent Makeup, 423 Brant Rd, Waddington, Lincoln. LN5 9AL
(b) Use of our website’s contact form on the following URL
https://www.lincolnreflexology.co.uk
(c) By telephone
07736 392043
(d) By email
lincolnpermanentmakeup@gmail.com
2.4 Data Protection Officer
Our data protection officer/data controller Is Sheena McBryde and contact details for the aforementioned controller are as detailed above in section 2.3.
- Collection of YOUR personal data
3.1 User provided information
LINCOLNREFLEXOLOGY.CO.UK will collect direct information provided by you (via contact forms, for example) to provide quotations and bookings, make telephone contact, or to email you concerning any information you may request.
3.2 Automatically collected information
Whilst visiting our website, some additional personal data may be collected, including but not limited to personally-identifying information like Internet Protocol (IP) addresses, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information concerning the timing, frequency and pattern of your service use.
3.3 How YOUR data on our website is collected and stored
Data will be collected on our website in the following ways:
- a) Via web contact forms on our website
- b) Via Google Analytics tracking
Google use cookies to offer this service and their privacy policy is available at: https://www.google.com/policies/privacy/
All data is stored on Google’s secure servers.
- c) Via web server tracking software provided with our web hosting
All data is stored on our web host’s secure servers and will be made available in association with a relevant data protection request.
- d) Via browser cookies
Website visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using our website.
Further information on browser cookies and how to manage them can be found in section 12 of this document.
3.4 How YOUR data is manually collected during our consultation and stored
1. a) Name, address, email and telephone numbers
1. b) Medical Information which could contra-indicate your suitability for treatment
1. c) Protocol Notes and images pre and post treatment
1. d) All paper documents are stored in a secure locked file cabinet
- Use of YOUR personal data
4.1 Lawful basis for data processing
Your personal data will only be used only to provide or enhance a service that you have initiated or requested.
LINCOLNREFLEXOLOGY.CO.UK will never use your personal data for operations outside the defined scope of our working arrangement or contract, unless legally required to do so.
4.2 Legal obligations
Should it be legally required to divulge your personal information to a higher authority such as law enforcement organisations or our Insurers, YOU as the user will be notified of any such data transfer.
- Transfer of YOUR personal data
If it is necessary to utilise your details for a third-party service such as Google Analytics, this data transfer will only take place upon your direct instructions in writing or email. No transfer will take place without your consent.
5.2 Third party conformity
Should any transfer occur, LINCOLNREFLEXOLOGY.CO.UK expect all third party organisations to adhere to the same data protection regulations.
5.3 Data transfer outside of EEA
Should data transfer concerning YOU be necessary to an organisation outside of the European Economic Area (EEA), YOU will be notified beforehand and must consent before any data transfer takes place. No data transfer will take place without prior consent.
5.4 External data transfer via hyperlinks
This website may include relevant hyperlinks to external websites not controlled by LINCOLNREFLEXOLOGY.CO.UK. Whilst all reasonable care has been exercised in selecting and providing any such links, you are advised to exercise caution before clicking any external links. We cannot guarantee the ongoing suitability of external links, nor do we continually verify the safety or security of the contents which may be provided to you. No personal data will ever be passed to external websites via hyperlinks as detailed above.
5.5 Use of pre and post treatment images.
We may use your images for marketing purposes, this is done anonymously and NO personal data is associated with such images and they are posted in a manner where facial recognition software cannot be used to identify you.
- Your rights as a data subject
At any point whilst LINCOLNREFLEXOLOGY.CO.UK is in possession of, or processing your personal data, all data subjects have the following rights as dictated by EU laws and regulations:
Right of access – you have the right to request a copy of the information that we hold about you.
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
Right to erasure – in certain circumstances you can ask for the data we hold about you to be erased from our records.
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
Right of portability – you have the right to have the data we hold about you transferred to another organisation.
Right to object – you have the right to object to certain types of processing such as direct marketing.
Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
6.2 Refusal of access
In the event that LINCOLNREFLEXOLOGY.CO.UK refuses your request under rights of access, we will provide you with a reason as to why, which you have the right to legally challenge this refusal, or lodge an official complaint to the ICO (see Section 13).
- Transparency of data held
LINCOLNREFLEXOLOGY.CO.UK is legally obligated to provide the data we have collected concerning YOU at any time. You may request the following information:
Information concerning how we collected the data.
Contact details of the data protection officer, if applicable.
The purpose of the processing your information, in addition to the legal basis for processing.
The categories of personal data collected, stored and processed.
Recipient(s) or categories of recipients that the data is/will be disclosed to.
How long the data will be stored.
Details of your rights to correct, erase, restrict or object to such processing.
Information about your right to withdraw consent at any time.
How to lodge a complaint with the supervisory authority (ICO).
Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
The source of personal data if it wasn’t collected directly from you.
Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
7.2 Verification requirements
To access what Personal data is held, identification will be required for verification. This may be a copy of your current driving licence, your passport, birth certificate and a utility bill not older than three months. A minimum of one piece of photographic ID listed above and a supporting document is required. If LINCOLNREFLEXOLOGY.CO.UK is dissatisfied with the materials provided, further information may be sought before personal data can be released.
- Consent and withdrawal of consent
Through agreeing to this privacy notice you are consenting to LINCOLNREFLEXOLOGY.CO.UK processing your personal data for the purposes outlined. You can withdraw consent at any time by emailing or phoning the data protection officer detailed in this document.
- Data retention policy
LINCOLNREFLEXOLOGY.CO.UK will process personal data during the duration of any treatments and will continue to store only the personal data needed for seven (7) years to meet any legal/insurance obligations. After this period any personal data no longer required or dormant will be deleted.
- Data storage
Data collected by this website is held primarily in the United Kingdom using different (multiple) servers. However, data is backed-up to servers across Europe via cloud storage backup solutions. All servers are located in locations that are required to comply with the same data protection regulations.
10.2 Transparency of data storage by third party providers
As defined in sections 4 and 5, your data may be transferred LINCOLNREFLEXOLOGY.CO.UK to a third party service to enhance your user experience or to provide client services. Companies that may have access to some of your data and the data they are able to process is as follows:
Google (Analytics) – Email address and website address
Mailchimp – Email address, first name, last name
Setmore Booking System – Email address, first name, last name, Telephone Numbers, Address.
- Amendments
We may update this policy without notice. The most recent version will always be available on our website.
11.2 Keeping up to date with this policy
Website users should check this page occasionally to ensure you agree with any changes to this policy.
- Cookies
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
12.2 Data contained within cookies
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
12.3 Storage of cookie data
Information provided in these cookies may be stored by LINCOLNREFLEXOLOGY.CO.UK in an encrypted MySQL database if it’s necessary the operation or our website. Cookies will also be stored by YOU, should your browser be set to use them.
12.4 Refusing and deleting cookies
Most modern browsers allow you to refuse to accept cookies and also allow you to delete cookies.
The methods for doing so vary from browser to browser, from version to version, and can be dependent on operating system. You can however obtain up-to-date information about blocking and deleting cookies via the following:
https://support.google.com/chrome/answer/95647?hl=en (Chrome)
https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox)
http://www.opera.com/help/tutorials/security/cookies/ (Opera)
https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer)
https://support.apple.com/kb/PH21411 (Safari)
https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge)
12.5 The impact of blocking cookies
Blocking all cookies will have a negative impact upon the usability of many websites, and should you block cookies on our website, you will not be able to use all of the features of our website.
- Complaints
In the event that you wish to make a compliant about how your personal data is being handled, you have a legal right to complain. If you do not get a response within 30 days of your correspondence, you can initiate a complaint to the ICO.
ICO
Address: Wycliffe House, Water Lane, Wilmslow, SK9 5AF
Telephone: 0303 123 1113
Email: https://ico.org.uk/global/contact-us/email/
The latest version of this document is dated 25th May 2018.