At North Kent Hypnotherapy, we are committed to respecting the privacy of our clients, our contacts, and all visitors to our website (the ‘website’).
We intend to ensure any data we hold is kept secure, managed respectfully and only used for the purposes for which it has been provided.
What information do we collect?
We may collect personal information from you in the course of our business, including when you contact or request information from us, when you engage our services, when you use our website, or as a result of your relationship with one or more of our staff or clients.
Information provided by you:
You may choose to provide us with personal information, for example, by asking us to contact you, signing up for a newsletter, purchasing a product or service, or by becoming a client.
This may include contact information (e.g. title, name, address, telephone number and/or email address), financial or payment related information (such as appointments, invoices and payment receipts) and any other personal information you choose to provide us.
If you become a client, we will also keep session notes, which may include special categories of data (e.g. health information, religious or philosophical beliefs) as appropriate to your matter.
Information logged automatically:
Web servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your web browser.
Information from third parties:
We may receive information from third parties, such as social media or other public sources. Our clients may also provide us information about you in the course of their work with us, for example if you have a connection with them (e.g. being a family member).
On what basis do we use this information?
Under the European Union’s General Data Protection Regulation (GDPR) law, we are permitted to use your personal data if there is a lawful basis to do so.
We use your personal information on the following bases:
- To perform a contract, such as delivering our products and services; or
- Where you have provided your consent; or
- To comply with legal and regulatory obligations; or
- For legitimate business purposes; or
- To protect your vital interests e.g. if you were unfortunate enough to fall ill on our premises
Where we process any special category information (e.g. health information, religious or philosophical beliefs) as part of our client records, this will be on the following bases:
- your explicit consent e.g. as part of client contract; or
- to protect your vital interests or someone else’s vital interests; or
- where you have made the information public; or
- for the establishment, exercise or defence of legal claims; or
- for the provision of health care e,g, counselling and hypnotherapy
How is this information used?
We use your information to:
- provide and improve our services and products to you;
- maintain and develop our relationship with you and our clients;
- maintain the security of our website and data
- facilitate our internal business operations;
- fulfil our legal requirements and professional obligations;
monitor and analyse our business to provide the best client experience;
promote and market our website and services
We may not be able to do these things without your personal information.
How long is this information kept?
We keep your personal information only for as long as required by us:
- to provide you with the services you have requested;
- to comply with the law, including our accounting obligations;
- to support a claim or defence in court;
- to fulfil our legitimate business interests
We operate in a solution-focussed modality, so session notes will generally be destroyed 6 months after a course of treatment finishes, unless required as above.
How is this information shared?
We may share your information with third parties where:
- you have consented for us to do so;
- we are under a legal, regulatory or professional obligation to do so;
- legal proceedings require us to exercise or defend our legal rights;
- to protect your vital interests or someone else’s vital interests
- suppliers are processing data on our behalf under contract (such as our payment providers,
- email service provider, advertising and analytics providers, and review collection service);
Our suppliers may be based (or store or process information) in the UK or elsewhere including outside of the European Economic Area (the “EEA”). This may mean your information is transferred from a location within EEA to outside the EEA, or vice-versa.
In the event that retirement, merger or restructuring passes control of the business to a new owner, we may need to pass your information to the new owners.
For the avoidance of doubt, we will not sell, rent or otherwise make personal information commercially available to any third party, except with your prior permission.
They are placed by software that operates on our servers, and by third party services, such as Google Analytics, Facebook and Twitter, who may use that information to further help us analyse the popularity and use of our site, and to enable us to appropriately target and measure the effectiveness of our advertising.
The generic information generated about your use of our website (including anonymised IP address) may therefore be transmitted to and stored by third parties, such as Google and Facebook, on servers in the United States.
You may also have the right to request that we:
- Provide you with a copy of your personal information that we hold
- Update your personal information where it is out-of-date or incorrect
- Delete personal information that we hold
- Restrict the way in which we process your information
- Consider any valid objections to our processing of your personal information
- Provide information you have given to us to a third party provider of services (where our lawful basis for processing is consent or contract and where processing is automated)
You may also have the right to submit a complaint to a supervisory authority in your jurisdiction.
Please be aware that these rights are not absolute, so will not apply in all cases or to all information that we hold about you. For example, we may need to continue to hold and process information to establish, exercise or defend our legal rights, or to fulfil our legal and accounting obligations under the Companies Act.
We provide an unsubscribe option in every marketing email, so you can easily opt out at any time without contacting us.
Otherwise, to object to the processing of your personal information, withdraw a previously given consent, or provide up-to-date and accurate information, please contact us using the details below, and we will take all reasonable care to respect your wishes in accordance with our legal obligations.
We will respond to your request within the applicable statutory time period, and inform you if the right you wish to exercise applies to the particular circumstances of your request.
Please note that if we are not sure of your identity, we may require you to provide further information in order for us to confirm who you are.
We may update this privacy notice from time to time as necessary to keep it in line with current legislation and industry best practice.