Our policy complies with UK law accordingly implemented, including that required by the EU General Data Protection Regulation (GDPR).
The law requires us to tell you about your rights and our obligations to you in regards to the processing and control of your personal data. We do this now, by requesting that you read the information provided at www.knowyourprivacyrights.org
We hold this data and comply with the lawful reasons as stated below:
– Necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject
– Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
– Consent of the data subject
The types of information we collect to you are as follows:
– Contact number
– Email address
– Your personal record card
The reason we collect this information is to make your services with us the very highest quality ensuring we record details of previous services, test details and records of product purchase history.
When, why and how we collect and hold your information
We hold your contact details to ensure that if we need to change your appointment at any time we can let you know. We will collect your information at the time of booking your appointment or if we are checking our records you might be asked to confirm the information we hold.
We will never ask for information which is excessive, or which is not required.
We only use your information to contact you regarding an appointment, to notify you of any changes to ensure your day runs as smoothly as possible. We keep your personal data secure by storing it on a password protected software system, our staff have access it this, but all information is kept securely and our staff are fully trained on the importance of data protection.
Why we would share your information
We are subject to the law like everyone else. Sometimes, we must process your information in order to comply with a statutory obligation.
For example, we may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.
This may include your personal information.
Information provided on the understanding that it will be shared with a third party
Our social media allows you to post information with a view to that information being read, copied, downloaded, or used by other people.
– posting a message on one of our pages
– tagging an image
– clicking on an icon next to another visitor’s message to convey your agreement, disagreement or thanks
In posting personal information, it is up to you to satisfy yourself about the privacy level of every person who might use it We do not specifically use this information except to allow it to be displayed or shared.
Once your information enters the public domain, we have no control over what any individual third party may do with it. We accept no responsibility for their actions at any time.
Provided your request is reasonable and there is no legal basis for us to retain it, then at our discretion we may agree to your request to delete personal information that you have posted. You can make a request by contacting us at firstname.lastname@example.org
We invite our customers and staff to connect to our wifi free of charge, we do not collect any information in relation to this.
Job application and employment
If you send us information in connection with a job application, we may keep it for up to [three years] in case we decide to contact you at a later date.
If we employ you, we collect information about you and your work from time to time throughout the period of your employment. This information will be used only for purposes directly relevant to your employment. After your employment has ended, we will keep your file for [six years] before destroying or deleting it.
Use of services by children
We do not sell products or provide services for purchase by children, nor do we market to children.
If you are under 18, you may use our services only with consent from a parent or guardian.
Access to your personal information
Under the new GDPR guidelines you are of course very welcome at any time to view, amend or delete the personal information that we hold on you, simply email your request to our deputy manager Samantha Moore at email@example.com and we will address your request as soon as possible. Please be aware that this could dramatically alter the level of service we can offer you.
Retention period for personal data
Except as otherwise mentioned in this privacy notice, we keep your personal information only for as long as required by us:
to provide you with the services you have requested;
to comply with other law, including for the period demanded by our tax authorities;
to support a claim or defence in court.
We may update this privacy notice from time to time as necessary. The terms that apply to you are those stated here. We advise you to print a copy for your records.