Natural Connection needs to gather and use certain information about individuals. These can include customers, suppliers, business contacts and other people the organisation has a relationship with or may need to contact.
This policy describes how this personal data must be collected, handled and stored to meet the business’ data protection standards — and to comply with the law.
Ana Veloso is the Data Controller and will ensure that all personal and sensitive information collected will be dealt in accordance with The Data Protection Act 1998.
Why this policy exists
This data protection policy ensures Natural Connection:
• Complies with data protection law and follow good practice
• Protects the rights of customers and partners
• Is open about how it stores and processes individuals’ data
• Protects itself from the risks of a data breach
Data protection law
The Data Protection Act 1998 describes how organisations — including Natural Connection — must collect, handle and store personal information.
These rules apply regardless of whether data is stored electronically, on paper or on other materials.
To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.
The Data Protection Act is underpinned by eight important principles. These say that personal data must:
1. Be processed fairly and lawfully
2. Be obtained only for specific, lawful purposes
3. Be adequate, relevant and not excessive
4. Be accurate and kept up to date
5. Not be held for any longer than necessary
6. Processed in accordance with the rights of data subjects
7. Be protected in appropriate ways
8. Not be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection
The Information Collected
When you book an appointment, I collect personal details such as your name, email and telephone number. This information is used to identify you and contact you about the appointments and services you have booked.
To provide a safe and effective treatment I also need to collect information such as your medical background and lifestyle choices. This information is only used to make sure your treatment is as effective as possible.
When you buy a gift voucher, I collect personal details such as your name, email, recipient’s name and possibly a postal address. This information is used to identify you and provide the service you have requested.
When you provide your personal information in the course of booking an appointment, completing your treatment intake form, making a payment or contacting me about my services, you are giving your consent to collect that information and use it for that specific purpose. I will not use your personal information for any secondary reason, like marketing, unless I have asked you consent to do so.
Accessing and updating your information
You have the right to review the personal information stored about you and your treatment sessions at any time. You also have the right to request for the information to be updated or amended if your data is not accurate or up to date. If you believe that this might be the case, please email me as soon as possible and I will promptly correct any information found to be inaccurate
To action any of these rights at any time please email firstname.lastname@example.org with your request.
Unless required to do so by law, Natural Connection will not otherwise share, sell or distribute any of the information you provide without your consent.
Data Handling & Storage
Personal Information and Sensitive Information collected by Natural Connection is handled and stored in accordance with the guidelines set out in the General Data Protection Regulation (GDPR). Natural Connection will never lease, distribute or sell your personal information to any third parties.
Data stored on paper is kept in a secure place, in a locked drawer or filing cabinet where unauthorised people cannot access it.
Data stored electronically, is protected from unauthorised access, accidental deletion and malicious hacking attempts. It is protected by strong passwords that are changed regularly and never shared. If data is stored on removable media (like a CD or DVD), these will be kept locked away securely when not being used. All servers and computers containing data are protected by approved security software and a firewall.
Personal Information and Sensitive Information which is not associated with our financial records is securely destroyed 6 years after your most recent appointment. In the case of minors, the time period is extended to 6 years after they reach the age of majority.
Personal Information which is associated with our financial records will be deleted 6 years following the end of the accounting year to which the records relate.
This website may contain links to other websites of interest. However, once you have used these links to leave this site, you should note that I do not have any control over that other website. Therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
To protect your personal information, I take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
This policy will be updated as necessary to reflect best practice in data management, security and control and to ensure compliance with any changes or amendments made to the Data Protection Act 1998.
In case of any queries or questions in relation to this policy please contact the Natural Connection Data Protection Officer.
Questions & Contact Information
To request your information to be updated, amended or deleted, or if you have any questions about how your information is collected, stored and used, please email email@example.com.
If, for any reason, you are unhappy with how your data is handled, please raise your concerns with Natural Connection, so that I can seek a resolution. If you are still not satisfied, then you have the right to complain to the Information Commissioner’s Office (ICO).