Data Protection Processing Policy
Transmute Wellbeing Ltd
Last updated 24/5/2018
Download our GDPR and Client Information Form
Your privacy: information we collect about you and how we use it
This policy tells you what to expect when we collect personal information.
Transmute Wellbeing Ltd is the data controller of the personal information we collect.
The Data Protection Act 1998 regulates the use of personal information held by us. This means we must comply with eight data protection principles which say that personal data needs to be:
- processed fairly and lawfully
- processed only for specified and lawful purposes
- adequate, relevant and not excessive
- accurate and, where necessary, kept up to date
- not kept longer than necessary
- processed in accordance with an individual’s rights under the Act
- kept secure
- not transferred to non-European Economic Area countries without adequate protection
This notice contains information about:
- Information we may collect
- How we use personal information
- How long we keep information
- How we keep information secure
- How you can find information we hold about you
- Changes to this fair processing policy
- How to contact us
Information we may collect
The type of information we may collect and process about you is
varied and may include:
- your name, address and age
- who you are
- your e-mail address
- telephone, email, correspondence
- GP Information
In addition, we may collect other information and data about you and your business.
Some information is defined in the Data Protection Act 1998 as sensitive personal data.
This is information about you which relates to:
- your religious beliefs or other beliefs of a similar nature
- any physical or mental health conditions
- your sexual life
It may also include personal information pertaining to the reasons why you are coming into therapy.
Where we collect personal data we will not collect or use it unless it is lawful for us to do so. This may mean we will need your informed consent to use or share it. However, in some cases it will be lawful for us to do so without your consent, if, for example it is necessary as part of our legal duty, or that of a third party, such as our Supervisor or GP. Data would only be shared with your GP if you were going to harm yourself or another person.
How we use personal information
This policy applies to information we collect set out below:
- visitors to our website
- complaints
- people who make enquiries or ask for general help
- others connected to our work
- jobs
How long we keep information
We keep personal information for as long as necessary in line with our published retention and disposal policies. We retain personal information if we need it to meet our legal and operational requirements.
How we keep information secure
We are under a general duty to keep personal data and information confidential. Where we share information we take all reasonable steps to keep it secure, use it fairly and ensure that data protection safeguards are in place. We will not share your data with third parties without your express permission unless required to do so by law.
For the purposes of the Data Protection Act 1998
We collect, handle and keep information secure to ensure we meet the data protection obligations as well as how we maintain the confidentiality, accessibility and integrity of information we hold.
How you find out about information we hold about you
The Data Protection Act 1998 gives you a right of access to personal data we hold about you. These are called subject access requests. In some cases we are not required to provide you with information we hold about you. Where this is the case we will let you know.
You can request information by making a request in writing addressed to Transmute Wellbeing Ltd.
You will also need to let us have a postal or email address so that we can send you the information. We ask that you mark the covering envelope or email as ‘Confidential’.
Administration charge
There is a charge of £5 payable by cheque. This covers costs we are entitled to charge under the Data Protection Act 1998.
We cannot deal with your request until the fee is paid.
How we provide the information
We usually send a hard copy by special delivery post to your residential address or by email. We can make other arrangements in some cases. Please ask Adriana Talaba, the company manager, if you would like to agree alternative arrangements.
Can I see all the information held about me?
You may not be entitled to see all the information held about you if an exemption under the Data Protection Act 1998 applies, such as information that is about another person.
If an exemption applies we will explain which exemption applies and we tell you if we have removed any information from the copy we send you.
Changes to this fair processing policy
We keep this Policy under regular review.
How to contact us
If you would like to ask for information about our policy you can email or write to us. If you would like a copy of this policy in an alternative format please ask.
Visitors to our website:
Third-party cookies
Some services we use to add value and convenience to those who use our website. The browsers may set cookies on our behalf. These services fall into two broad groups: social media and web analytics.
Social media
Some of our web content includes buttons that allow visitors to share content easily with their online networks—using Twitter, LinkedIn and Facebook. When visiting these areas Twitter, LinkedIn and Facebook may set cookies on a visitor’s browser. We do not control the use of these third-party cookies, and any concerns should be checked with the policies of Twitter, LinkedIn and Facebook.
Web analytics
To improve our web-based services we collect and use overall data about the use of our site from a third-party service, Google Analytics. When visitors use our website Google Analytics sets cookies on their browser. We do not control the use of these third party cookies and any concerns should check with Google’s privacy policy.
More information about cookies
To learn more, including how to manage cookies, visit www.aboutcookies.org. If you have any questions or concerns about cookies set by us, please get in touch.
In appropriate cases, personal information may be disclosed to regulators, the Legal Ombudsman, enforcement or government agencies, other regulators or others with a legitimate interest who may keep a record of that information. We only share information where it is lawful for us to do so, such where it is necessary to do so as part of our, or a third party’s, statutory or public function or because the law permits or requires us to.
We may also share personal information with selected third parties which provide relevant services to us, such as outsourced IT services or legal support but only where this helps us to fulfil effectively our legal duties or to ensure the proper administration of the site.
Security
Your credit card transactions are secure. All on-line orders are encrypted and sent through a secure server. Confidential information such as your credit card number will be used only to fulfill your order. To protect your privacy, we will ask you to enter your credit card number, expiration date & card verification code (3 digit number on the back of your card) each time you place an order with us. This way, even if someone else accesses the account information stored on your computer, they will not be able to use your credit card.
Complaints about us
When we receive complaints about us we create a complaint file. Usually the file will contain the identity of the person complaining and other people involved in the complaint.
We use personal information to deal with the complaint. We may also use the information to check and improve our level of service.
In appropriate cases, personal information may be disclosed to other regulators, or others with a legitimate interest who may keep a record of that information. We only share information where it is lawful for us to do so, such where it is necessary to do so as part of our, or a third party’s, statutory or public function or because the law permits or requires us to.
Some data is collected when people sign up to newsletters, act as an organisation’s contact, respond to our consultations or register with us for training, workshops or other communications. We use personal data collected in this way to deliver the service we provide or to improve the service we offer. Those responding to our consultations can opt to have their data kept confidential. We do not use your data for marketing purposes. You are always entitled to request the removal of your data from records held. We are required by the Law Society to retain certain data for specified periods of time.