Cheltenham Holistic Health Centre. www.chhc.co.uk
We are committed to safeguarding and ensuring the privacy and security of your personal information.
This Policy explains what happens to personal data that you provide to us, or which we collect during your use of our website, including how we use it and when we may disclose it.
Data Protection Legislation means:
(i) Until 25 May 2018, the Data Protection Act 1998; and
(ii) Unless and until the General Data Protection Regulation ((EU) 2016/679) (GDPR) is no longer directly applicable in the UK, the GDPR and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK; and then
(iii) Any successor legislation to the GDPR or the Data Protection Act 1998.
If you do not accept this Policy, you must not use this site.
Personal information we may collect:
We may collect and process personal information from you, such as your name, address, telephone numbers, and email addresses, when you complete registration or inquiry forms on our website. In addition to personal information, we may collect information about your company and its activities.
Contact data/Enquiry data. We may process contact details that you provide to us (“contact data”). This contact data may include your name, address, telephone number, and email address, and may be provided through our website.
The purpose for us collecting your contact data is so that we may communicate and respond to you, meet our legal obligations and develop our relationship with you,
We may use this contact data to contact you to discuss your use of our website, and how our website and content performed and functioned for you. We may also use this data to contact you to: (a) respond to any enquiries you make (b) provide you with a copy of our websites updates (c) conduct, improve and develop our relationship with you,
Market research data: We may process information that you provide to us for the purpose of carrying out direct marketing and improve our website, conducting market research, informing you of new products or those we believe you may be interested in (“market research data”). The notification data may be processed for the purposes of direct marketing and market research.
The legal basis for this processing is consent.
Correspondence data: We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping.
The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.
Notification data: We may process information that you provide to us for the purpose of subscribing to our newsletters (“notification data”). The notification data may be processed for the purposes of sending you newsletters.
The legal basis for this processing is consent.
Other processing activities: In addition to the specific purposes for which we may process your personal data set out above, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Disclosing your information:
If we buy another business or sell any of our business or our business as a whole, to the relevant buyer; our partner service providers. We may share your data to our partners who manage and support the technology we provide through our web site.
We may use third party service providers to help us operate our business and our web site or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
Our professional advisers. We may disclose your personal data to our professional advisers insofar as reasonably necessary for the purposes of managing risks, obtaining professional advice and managing legal disputes.
Where we provide your personal data to any third party. Where we share your personal data with any third party, we will ensure this processing is protected by appropriate safeguards including a suitable data processing agreement with that third party.
To comply with legal obligations. In addition to the specific disclosures of personal data detailed above, we may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation we have to comply with, or in order to protect your vital interests or the vital interests of another individual.
Transfers of your personal data outside of the European Economic Area (EEA):
Where your personal data is transferred outside of the EEA, we will ensure that either (a) The European Commission has made an “adequacy decision” with respect to the data protection laws of the country to which it is transferred, or (b) we have entered into a suitable data processing agreement with the third party situated in that country to ensure the adequate protection of your data. In all cases, transfers outside of the EEA will be protected by appropriate safeguards.
A cookie is a small text file that is placed on your computer’s hard drive by your web browser when you first visit our website. The cookie allows us to identify your computer and find out details about your last visit to the site. Most internet browsers accept cookies automatically, but usually you can alter the settings of your browser to erase cookies or prevent automatic acceptance if you prefer. If you choose not to receive our cookies, we cannot guarantee that your experience with the site will be as quick or responsive as if you do receive cookies.
The information we collect by using cookies is not personally identifiable; it does not include information about your computer settings, your connection to the internet e.g. operating system and platform, IP address, your browsing patterns or geographical location.
The cookies we use are provided by Google Analytics and WordPress CMS and are as follows:
_gat – This cookie does not store any user information, it’s just used to limit the number of requests that have to be made to doubleclick.net.
_ga – which is used to identify unique users and it expires after 2 years.
_gid – which is used to identify unique users and it expires after 24 hours
PHPSESSID – To store a simple message when a form is submitted that can be displayed on a different page. No personal information is stored in this cookie.
Storage, Safeguards and Security:
We may transfer your personal information outside of the European Economic Area (EEA) for processing and storing. By using our website and providing your personal information to us you agree to this transfer, storing or processing. You may refuse or withdraw such consent at any time by contacting us and if this will affect our ability to provide you with products or services we will let you know within a reasonable period of time.
Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
Unless we contact you and obtain your consent for us to retain your personal data for a longer period, we will retain and delete your personal data as follows:
Contact data will be retained for 2 years following the date of our last contact or dealing with you, at the end of which period it will be deleted from our systems.
Correspondence data will be retained for 2 years following the date of our last contact or dealing with you, at the end of which period it will be deleted from our systems.
Website data will be retained for 2 years following the date of our last contact or dealing with you, at the end of which period it will be deleted from our systems.
Enquiry data will be retained for 2 years following the date of our last contact or dealing with you, at the end of which period it will be deleted from our systems.
We may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Whilst we take all reasonable steps to keep your personal information safe and secure, no data transmission over the internet can be entirely secure, so we do not guarantee the security of your personal information and/or use of the Site. We use reasonable endeavours to protect the security of your personal information from unauthorised access or use by using encryption technology.
Our website might include links to third party websites, including tuotempo, which is our online booking system. You should review the privacy policies of external websites before sending them any personal data. We do not accept any responsibility or liability for any third party policies.
Data Protection Legislation provides you with the following rights in relation to your personal information:
the right to access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to object to processing;
the right to data portability;
the right to complain to a supervisory authority; and
the right to withdraw consent.
If you wish to review or receive copies of the personal information we hold about you please contact us using the details set out in the ‘Contact Us’ section, below. We will provide the first copy of your personal information free of charge, unless your request is unfounded or excessive. You are entitled to receive your personal information in a structured, commonly used and machine-readable format. We may charge a small administration fee in relation to fulfilling additional requests for access to your personal information.
If any of the personal information we hold about you is inaccurate or incomplete you may request that we correct it or you may request that any processing of your personal information is restricted (i.e. because it is inaccurate, the processing is unlawful or you have objected to the processing). If processing is restricted for these or any other reasons we may still store your personal information.
You may request that your personal information is erased where: it is no longer necessary for us to retain it for the purpose it was collected; you have withdrawn consent to the processing if your consent was required; the processing relates to direct marketing; or your personal information is being processed unlawfully. However, please note that it may necessary to continue to retain some of your personal information so that we comply with our legal obligations and in relation to claims made against or by us.
You may object to the processing of your personal information if the legal basis for our processing relates to a task performed in the public interest; in the exercise of official authority vested in us; that it is necessary for the purposes of our legitimate interests or those of a third party; or for statistical purposes. If you so object, we will stop any such processing unless we can demonstrate compelling legitimate grounds for the processing and those grounds override your interests, rights and freedoms, or the processing relates to a legal claim.
You may request that we stop processing your personal data for direct marketing at any time. For example, you may unsubscribe from any of our newsletters by clicking on the “Unsubscribe” link in the email promoting each issue of the newsletter. However, we may retain your email address to ensure that our newsletter is not sent to you after you have unsubscribed.
You have the right to refuse consent, or withdraw consent previously provided, to the disclosure of your personal information at any time by contacting us. If this will affect our ability to provide you with goods or services we will notify you as soon as is practicable.
We regularly email website news and information updates to those customers who have specifically subscribed to our email service (positively opted in). All subscription emails sent by us contain clear information on how to unsubscribe from our email service. These emails are stored and processed in a Mailchimp database.
We never sell, rent or exchange mailing lists
In accordance with the Privacy and Electronic Communications (EC Directive) Regulations 2003, we never send bulk unsolicited emails, (popularly known as Spam) to email addresses.
All emails sent by us will be clearly marked as originating from us. All such emails will also include clear instructions on how unsubscribe from our email service and any future emails. Such instructions will either include a link to a page to unsubscribe or a valid email address to which you should reply, with “unsubscribe” as the email subject heading.
By post: Cheltenham Holistic Health Centre, Camargue House, 32 Wellington Road, Cheltenham, Glos, GL52 2AG, England.
By telephone: +44 (0) 1242 584140
By email: email@example.com
By Web: https://www.chhc.co.uk/contact-us/
We will consider your question or complaint and respond to you in a reasonable timeframe.
If you are not satisfied with the outcome of your complaint you make contact the Information Commissioner’s Office at www.ico.org.uk/complaints or by telephone to +44 (0) 303 123 1113.