PRIVACY POLICY
GDPR: General Data Protection Regulation Policy. May 2018.
What information is being collected?
As part of visiting our website you might send a contact form, for which we ask you for your name, email and your reason for messaging. This information may be used and stored by Weebly.com as our website provider. Please visit their Privacy Policy to ensure your consent.
Before your first Pilates session your teacher or a receptionist we will need to have a record of your personal details, date of birth, address, telephone numbers, email and relevant medical information relating to your session. You have access to this information at all times. All data will be held behind lock and key.
No client files are left on surfaces for other clients / staff to read. Once files are back at Pilates Republic ltd home studio, paper files will be locked securely.
All notes will be kept secure for a period of 8 years for adults and will then be destroyed if you are no longer attending clinic.
How is it collected?
Collection of data will happen via the website or via pen and paper note taking, secure email, text messages, occasionally photographs, videos, and letters by mail. No personal data will be collected via social media.
Why is it being collected?
Data is collected to customize your workout and ensure information can be accesses for further sessions, so the process of data collection needs to only happen ones.
How will it be used?
Data will be used to personalize your workout, communicate appointments, session information, progress and relevant consented media.
Who will it be shared with?
Data is rarely used to communicate and be shared outside of the studio, or any public space used for sessions. On occasion you may be asked for permission for the information to be shared with another (medical) service for referred treatment/:
Full permission will be requested first.
Personal data will be sent by post or email separately to your treatment information.
Client experiences can be shared with the public with full consent from the client themselves.
What will be the effect of this on the individuals concerned?
There should be no data leakage with regards to clients.
No data is shared with 3rd parties without consented permission.
No data is sold to third parties for business reasons.
No data is held on phones unless encrypted with a pin number / finger print recognition. No phones are left unattended. Lost / stolen phones need to be locked remotely to prevent 3rd parties reading any sensitive information.
All computers / laptops and tablets are locked with pass codes and not left unattended. Only individuals with permission to read notes can access this data.
All paper files are locked by key and kept safe.
Is the intended use likely to cause individuals to object or complain?
Pilates Republic ltd and Sandra Igel take data protection and privacy seriously and promote this philosophy to all the industry in relation to protecting client data.
The data mapping in place should never cause a client to object or complain. Any queries and requirements are taken seriously and honoured.
Banking
We use Natwest Bank to receive/transmit funds transfers and we access information via online banking. Learn more about Natwests security practices and their Privacy Policy here.
Offline Backup
Periodically we backup our online databases and store that information on secure office hard drives that are password protected and kept under lock and key only accessible by directors.
Website
Clicking on links on this website may result in you transferring to another website, where data privacy practices may be different to that of Pilates Republic ltd or Sandra Igel. Visitors should review the other websites' privacy policies, as we have no control over what happens to information that is submitted to or collected by these third parties.
The cookies used on this website record the pages you visit and any interactive elements - such as forms - that you use. They can also record information on the visit date and time as well as internet browser and the device you use to access the site. No information is collected that can identify you personally.
Currently we operate an "implied consent" policy which means that we assume you are happy with this usage. If you are not happy, then you should either not use this site, or you should delete the cookies having visited the site, or you should browse the site using your browser’s anonymous usage setting.
You can find out much more about cookies at www.allaboutcookies.org.
When you visit our website your IP address registers on the host server. Your IP address reveals no information other than the number assigned to you. We do not use this technology to retrieve any personal data against your knowledge or free will (i.e. automatically recording email addresses). Nor does she use it for any purpose other than to help monitor website traffic, or (in case of criminal activity or misuse of our information) to cooperate with law enforcement.
Contact Us
If you have any questions or wish to request deletion from one or more of our databases, as detailed above, please feel free to get in touch.
Sandra Igel, Data Protection Officer for Pilates Republic ltd.
Phone: 07879 337 068
Email: [email protected]
Correspondence address:
84 Charlmont Road
London
SW17 9AB
UK