This privacy policy explains how I, Dr Louise Mercer of Mindfulness Helps, collect, store and use your personal data.
It has been drawn up in accordance with the EU GDPR and is effective from May 25th 2018.
It will explain
I only collect data from individuals who have paid for services from Mindfulness Helps.
If prior to May 25th 2018 you subscribed to receive my Newsletter and updates but had not at any time purchased my services I can confirm your data is now deleted.
Using the Website Contact form or emailing me directly
If you have not previously paid for any of my services as detailed above and you contact me using the website contact form or by emailing me directly I will deal with your enquiry and once those actions are completed those emails are securely archived. I will not add your personal details to my data base or use your personal details in any further way.
I do not sell or distribute any data.
With your consent I collect your personal data to provide updates about dates, times and venues of future sessions, curated articles about the practice of Mindfulness and access to audio tracks on my website.
If you attend and pay for Drop In session you are given the option to complete a consent form to receive by email any or all of the following
Your written consent is the lawful basis I have to store and use your personal data.
The only data stored is your full name and email address.
Your data is only used for the explicit purposes you have consented to.
I scan and store your consent forms electronically using iCloud Drive/Apple Inc. the data is encrypted in transit and on the servers.
The paper copy is stored under lock and key at my home address.
I use Go Daddy™ to host my website and provide email marketing, they securely store your personal data and deliver these emails.
Each GoDaddy™ email contains tracking technology that collects and sends me data. This data records that an email has been delivered, viewed or engaged with, and assists me in improving the quality of the content of my emails.
I do not sell or distribute any of your personal data.
All devices used to access your data are password protected
You can withdraw your consent and unsubscribe at anytime by using the UNSUBSCRIBE button on each email.
You can update your name, email and your preferences about what you receive, including disabling the tracking technology, using the PREFERENCES button on each email.
You have the right to be informed of what data I hold.
You have the right to access free of charge a copy of this data in paper or electronic form within 1 month of your request to do so.
You have the right to ask for correction of any inaccuracies.
You have the right to ask for erasure of your data unless I have a legal obligation to retain it.
To book a place on a Mindfulness Helps course you are required to complete an application form and you are issued with an invoice.
The data on this form and invoice is all necessary for me to deliver the course in a safe and effective manner and to fulfil the contractual obligations of the purchased course.
This contractual necessity is the legal basis I have to store and use your data.
At the first session of the course you will have the opportunity to view and check the accuracy of the data I hold about you.
I will use your data:
In an emergency the data I hold may be shared to protect your vital interests.
Your data will be retained for the legally necessary time period determined by my insurance provider and HMRC
If you apply using the online website contact form your application data is securely collected and sent by email to me by GoDaddy™ who host my website
Your application form data is stored as an encrypted password protected document on iCloud Drive/Apple Inc.
The paper copy is stored securely under lock and key at my home address.
The invoices are stored as encrypted password protected documents on iCloud Drive/Apple Inc.
Paper copies are stored under lock and key at my home address
The invoice data is also stored securely by Paypal who is the Payment Service Provider
I have no access to any details of your payment method
I do not sell or distribute any of your personal data.
All devices used to access your data are password protected
You have the right to be informed of what data I hold.
You have the right to access, free of charge, a copy of this data in paper or electronic form. This will be provided within 1 month of your request.
You have the right to ask for correction of any inaccuracies.
You have the right to ask for erasure of your data, unless I have a legal obligation to retain it.
With your consent I collect your personal data to provide updates about dates, times and venues of future sessions, curated articles about the practice of Mindfulness and access to audio tracks on my website.
If you have completed a Mindfulness Course you are given the option to complete a consent form to receive by email any or all of the following
Your written consent is the lawful basis I have to store and use your personal data.
The only data stored for this purpose is your full name and email address.
Your data is only used for the explicit purposes you have consented to.
I scan and store your consent forms electronically using iCloud/Apple Inc. the data is encrypted in transit and on the servers.
The paper copy is stored under lock and key at my home address.
I use Go Daddy™ to host my website and provide email marketing, they securely store your personal data and deliver these emails.
Each GoDaddy™ email contains tracking technology that collects and sends me data. This data records that an email has been delivered, viewed or engaged with, and assists me in improving the quality of the content of my emails.
All devices I use to process your data are password protected.
I do not sell or distribute any of your personal data.
You can withdraw your consent and unsubscribe at anytime by using the UNSUBSCRIBE button on each email.
You can update your name, email and your preferences about what you receive, including disabling the tracking technology, using the PREFERENCES button on each email.
You have the right to be informed of what data I hold.
You have the right to access, free of charge, a copy of this data in paper or electronic form. This will be provided within 1 month of your request.
You have the right to ask for correction of any inaccuracies.
You have the right to ask for erasure of your data, unless I have a legal obligation to retain it.
My website uses Cookies
This is my full Cookie policy
https://mindfulness-helps.com/cookie-policy
My website has an SSL certificate provided by GoDaddy™
A Secure Sockets Layer (SSL) certificate protects any information I collect on the website from being intercepted.
SSL encrypts information between your browser and my Web server, so personal information is disguised, stays secure, and goes directly to me. An SSL certificate adds the "https://" your browser bar when on the website site, so you know it's safe to submit your personal info.Your browser will also display a padlock icon (the location depends on the browser).
GoDaddy ™
GoDaddy ™ provide me with the following services
They have updated their privacy policy to bring it in line with the EU GDPR and are compliant with the E.U-U.S and Swiss-U.S. Privacy Shield Frameworks.
https://uk.godaddy.com/agreements/showdoc.aspx?pageid=PRIVACY
iCloud/Apple Inc.
I use iCloud Drive to store data
Application forms and invoices are individually encrypted and password protected
All data stored on iCloud Drive is encrypted in transit and encrypted on the server
Apple is compliant with the EU GDPR
This is an overview of iCloud security provided by Apple
https://support.apple.com/en-gb/HT202303
PayPal
Paypal is used as a Payment Services Provider
Paypal is compliant with the EU GDPR
This is the Paypal privacy policy