We are committed to maintaining your privacy and ensuring your personal information is protected and never misused.
This policy was created in line with the General Data Protection Act of 2018.
1. About this Policy
• We will always comply with the General Data Protection Regulation (GDPR) when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner (www.ico.gov.uk). For the purposes of the GDPR, Noelle Moyler will be the “controller” of all personal data we hold about you.
2. Who we are?
Noelle Moyler provides Personal Training, Workshop and exercises classes within the Hampshire & West Sussex area, contact: email@example.com .
3. What data do we collect?
We will only ask for or collect personal information when you contact us, use our Services or work with us: • personal details which include the following contact information: your name, date of birth, email, postal address, telephone numbers; • Health information to ensure you have no contraindications to exercise or nutrition services to plan safe and effective exercise for you: Including GP details, emergency contact, medical history, lifestyle information and information agreed with you to progress/adapt your exercise prescription and for nutritional advise • bank details (only requested if we need to pay you a refund by BACS) otherwise not required; once the transaction has been completed the details are deleted. • The only personal or sensitive data recorded, as laid out above, is information you will have given willingly to Blueberries and Jellyfish at our face-to-face assessment and 1:1 sessions/classes/workshops or via the contacts page on our website. If you wanted to request to see this information again at any time please put a request to do so in writing to Blueberries and Jellyfish via email: firstname.lastname@example.org and I will respond with a date of when this information will be given to you (normally within 30 days).
4. Reasons/purposes for processing information
Our use of your personal data will always have a lawful basis and will only be processed to enable us to: • provide safe and effective personal training services and nutrition advise; • provide safe and effective workshop education; • provide safe and effective fitness classes • advertise our personal training, classes and workshop services. We will only send you relevant emails regarding these services • to maintain our own accounts and records.
5. Who the information may be shared with:
We will never share your data with a third party or external agencies. In the unlikely occasion that we should need to share your data with any other party, such as a Women’s Health Physiotherapist, we would only do this with your prior written consent.
The website blueberriesandjellyfish.co.uk is powered and hosted by Wix. Wix utilizes cookies to track the pages that visitors to our website look at for statistical purposes only. If you would like to use the automated booking system Wix Bookings or the payments processors PayPal or Stripe (for card payments) via our website/Facebook when booking an appointment or onto an event or workshop etc. then these payments processors and service providers have their own privacy policies which you need to read and ensure you are happy before utilising them. You are welcome to pay by cash or book manually by emailing Blueberries and Jellyfish directly. Wix , Paypal and Stripe will email Blueberries and Jellyfish with any proof of payment and this email will include the treatment /event you have paid for together with your name, address, email, card details and telephone number
6. How we protect your personal data
• We will not transfer your personal data outside the EU without your consent. • Hand written records of each and every assessment, personal training session, class or workshop session attended will be stored in a securely locked facility which only the Data controller has access to. • Personal contact data via email is stored on a password protected computer only accessible by the Data Controller. We have implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction. • Please note however that where you are transmitting information to us over the internet this can never be guaranteed to be completely secure. • For any payments which we take from you online we will use a recognised online secure payment system. • We will notify you promptly in the event of any breach of your personal data which might expose you to serious risk. • We will retain your personal data for as long as you are a user of our Services or we are working together.
7. Your rights under the GDPR
You have a number of rights in relation to your personal data: • the right to be informed about our collection and use of your personal data; • the right to get copies of the personal data we hold about you; • the right to correct any inaccurate or incomplete personal data we hold about you; • the right to get your personal data deleted; • the right to have your personal data transferred to you in an accessible way (data portability); • the right to object to direct marketing; • the right to object to our use of your data in some circumstances; • the right to limit how we use your personal data.
8. Access to & Removal of your details
You have the right to access a copy of any personal data we hold about you.
You have the right to withdraw your consent to us using your personal data or opt out of marketing communications from us at any time. Please contact email@example.com if you wish to do so.
If you wish to make a complaint about our collection or use of your personal data, please contact us first and we will seek to resolve your complaint.
If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority with whom we are registered, the Information Commissioner’s Office (ICO). Please visit the ICO website for further information about your rights and if you wish to lodge a complaint.