We, Dalia Mateus (RivaJazz) (also referred to as “we”, “us”, or “our”) are a registered sole trader in England.
THE PURPOSE OF THIS NOTICE
This Notice is designed to help you understand what kind of information we collect in connection with our products and services and how we will process and use this information. In the course of providing you with products and services, we will collect and process information that is commonly known as personal data.
This Notice describes how we collect, use, share, retain and safeguard personal data and sets out your individual rights; these rights include your right to know what data is held about you, how this data is processed and how you can place restrictions on the use of your data.
PERSONAL DATA WE COLLECT
In order for us to provide our services for you, we will collect and process personal data about you. We will also collect your personal data where you request information about our services, promotions and campaigns.
How do we collect personal information?
- Website cookies
We store a cookie – a small file on your computer – so we can tell who you are if you have logged in to our site and then show you the information relevant to you. We also store on your computer what search preferences you have selected to save you time having to put them in again.
- Google analytics
When you visit our site we use a third-party service Google Analytics to collect standard logging information such as what pages are visited and in which order. We use this to analyse customer and visitor behaviour as a whole and we do not collect, or instruct Google to collect personal information that can identify you.
- Mailing lists
On our site and Facebook Page, you can subscribe to our newsletter. When you do this we collect some information – your email address and name so that we can keep you up to date with RivaJazz’s news and special offers, or in case we need to contact you to get more or clarify the information we do have. You can also sign up to our newsletter mailing list when you have your first session/treatment with us. We will explicitly ask you for permission to do this when do.
You can unsubscribe to our newsletters, and manage your contact preferences at any time by clicking the link at the bottom of every email, or contact our support at firstname.lastname@example.org.
- Online Booking System Shedul.com
When you book a treatment/session with us, you will automatically be sent confirmation of your booking by email or SMS so that you have a record of it and can easily retrieve your booking information in the future. This is a standard part of our services and by using the services you agree to receive these communications.
- Medical History/Consent Forms
On your first day of session/treatment, you are provided with a medical history so we can understand your health conditions and lifestyle in order to give you the appropriate treatments in the long run and also for the purpose of recording your improvements and make a case study. Each person is unique in this field so it helps us, therapists, to understand better the course of techniques and therapies applied.
When you fill in and sign our the medical forms, your data goes into Shedul.com and also into our database of clients (Google contacts and Mailchimp.com – check the Mailing lists above) to be contacted for further news, promotions and updates of the business only.
- Calls, SMS & Email
Any contact made from your end under Phone, WhatsApp, Skype, Facebook Messenger or Email is recorded as a record of Potential Client and followed up to book sessions or treatments. When a client contacts us as mentioned previously and no sessions or treatments are performed, it doesn’t get the data collected into our system. All other contacts will be processed as explained as all the above are contacted on a follow-up structure related to the treatments being agreed.
- Security Protection of Your Data
We make sure that we have appropriate security measures to protect your information. We will periodically review your personal information to ensure that we do not keep it for longer than is permitted by law. Note that it is your responsibility to check and ensure that all information, content, material or data you provide on the website is correct, complete, accurate and not misleading and that you disclose all relevant facts.
We may monitor or record your calls, emails, SMS or other communications but we will do so in accordance with GDPR legislation and other applicable law. Monitoring or recording will always be for business purposes, such as for quality control and training (e.g. where you call us), to prevent unauthorised use of our telecommunication systems and website, to ensure effective systems operation, to meet any legal obligation and/or to prevent or detect crime.
- Google Maps & Waze
We also collect personal data such addresses through the use of telematics or similar locational tracking services, where you have agreed solely to the use of our particular services.
For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place.
WHY DO WE PROCESS YOUR PERSONAL INFORMATION?
We will only collect and use your personal information (as described above points 1 – 4) in accordance with GDPR requirements. Our grounds for processing your personal information are as follows:
1. Consent – Where necessary we will only collect and process your personal information if you have given your consent for us to do so, for example, we will only send you certain marketing emails and process any sensitive information about you if we have your consent.
2. Legitimate Interests – We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under European privacy laws, there is a concept of “legitimate interests” as a justification for processing your personal information. Our legitimate interests for processing your personal information are:
2.1 To communicate with you about the services. We need to keep you informed about your use of the services, for example, sending you a confirmation email of your booking or purchase. This won’t include marketing communications unless you have given us your consent to receive these; and
2.2 To improve our services. We may use your personal information to: personalise aspects of our service; for market research; and to use our smart search services. We constantly aim to improve our services to you and using your personal information in this way helps us to do this. You have a right to object to our use of your personal information for these legitimate interests including where we may use your personal information to create a profile to inform customer demographics. If you raise an objection we will stop processing your personal information unless very exceptional circumstances apply, in which case we will let you know why we are continuing to process your personal information. Please contact our Data Protection Officer if you wish to exercise this right.
Individuals are provided with legal rights governing the use of their personal data. These grant individuals the right to understand what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data.
These rights are known as Individual Rights under the Data Protection Act 2018. The following list details these rights:
– The right to be informed about the personal data being processed;
– The right of access to your personal data;
– The right to object to the processing of your personal data;
– The right to restrict the processing of your personal data;
– The right to rectification of your personal data;
– The right to the erasure of your personal data;
– The right to data portability (to receive an electronic copy of your personal data);
– Rights relating to automated decision making including profiling.
Individuals can exercise their Individual Rights at any time. As mandated by law we will not charge a fee to process these requests, however, if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
In exercising your Individual Rights, you should understand that in some situations we may be unable to fully meet your request, for example, if you make a request for us to delete all your personal data, we may be required to retain some data for taxation, prevention of crime and for regulatory and other statutory purposes.
You should understand that when exercising your rights, a substantial public or vital interest may take precedence over any request you make. In addition, where these interests apply, we are required by law to grant access to this data for law enforcement, legal and/or health-related matters.
The flow of data within the insurance sector is complex and we ask you to keep this in mind when exercising your ‘rights of access’ to your information. Where we may be reliant on other organisations to help satisfy your request this may impact on timescales.
If you require further information on your Individual Rights or you wish to exercise your Individual Rights, please contact our Data Privacy Representative by e-mailing email@example.com.
PROTECTING YOUR DATA
We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data, including when sharing your data with authorised third parties.
DATA PRIVACY REPRESENTATIVE
To ensure data privacy and protection has appropriate focus within our organisation we have a Data Privacy Representative who reports to our senior management team. The Data Privacy Representative is Dalia Mateus, who may be contacted at firstname.lastname@example.org
How long do we keep your personal information?
Last updated Jun 2020
If you are dissatisfied with any aspect of the way in which we process your personal data please contact our Data Privacy Representative. You also have the right to complain to the UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO). The ICO may be contacted via its website which is https://ico.org.uk/concerns/, by live chat or by calling their helpline on 0303 123 1113.
HOW TO CONTACT US
If you have any questions regarding this Notice, the use of your data and your Individual Rights please contact our Data Privacy Representative by e-mail at email@example.com or by telephone on 07504 836 397 (Wednesday to Friday: 10 am to 6 pm).