Your privacy is important to us!
We want everyone who interacts with us to feel confident and comfortable with how any personal information you may share or have shared with us will be used and know how we look after it. The requirements are that this is in a ‘concise, fair, open and transparent manner’. If you have any concerns that we are not delivering on this then please do get in touch.
Privacy and Cookies Policy
Our policy has been updated in line with new GDPR (general data protection regulation) requirements needed from 25 March 2018, as well as the data protection act and the privacy and electronic communications regulation.
As ever, we are committed to treating you with respect and openness.
1. How we collect information about you
We want to make sure you receive the communications that are most relevant to you, be it through visiting our website or receiving emails, post or phone calls. We need to make sure we share information that you need to know when you book on / attend a course and that you understand why we may ask for certain pieces of information.
When you call us to find out more about the courses we offer: if you ask us to call you back, send you a prospectus or go on our email list, we will ask you for relevant info so we can do what you have asked of us.
When you book on a course: either on the website or over the phone. We will ask for relevant details including name, address, email, phone number, current therapy.
When you visit our website: you can sign up for our free content or just subscribe to our newsletter.
We gather general information which might include which pages you visit most often and which services, events or information is of most interest to you. We may also track which pages you visit when you click on links in emails from us. We also use “cookies” to help our site run effectively. The first time you visit the site there should be a pop up that asks if you are OK with this (if you have not seen that recently it is likely because you have already agreed to this on a previous visit to the site). You are able to clear your cookies at any point or you can decline to accept them. There is a chance the website may then work slightly differently in places. There are more details below – see ‘Cookies’.
We do use google analytics on our website which will track things like when visits are made to the website, the pages people land on and then click to and how long people stay on there (please see google anylytics if you want more information about this). This does not store your personal data, other than noting your IP address. We do this so we can get an idea of the sort of information people generally are looking for so we can optimise our site. In truth, we rarely have time to actually do all that much with all this information and it is also true that you can sidestep this by using private browsers or declining cookies.
2. What we Collect and Why
Personal information we collect includes details such as your name, date of birth, email address, postal address, telephone number and credit/debit card details (if you are making a purchase or donation), as well as information you provide in any communications between us. You will have given us this information on registering for an event, ordering something on the website or over the phone or in some instances in person. We will mainly use this information:
- To process any payments and provide the services or goods that you have requested.
- To update you with important administrative messages about a class or services or goods you have requested.
- To keep a record of your relationship with us.
- To contact you about our work and any other products or classes you may be interested in as well as helpful content about CST or therapies in general relevant to training in CST.
We will not pass on your details to anyone else. There has never yet been an occasion where we have even contemplated this – if there ever was please rest assured we would ask your permission first.
3. How we store your data
We have a couple of places where your information may be stored:
- Office database: we have a database that was designed and written for us specifically for the things that we need to do. This includes things like printing out participants lists for classes (we always ask if you want to go on this first), getting the name you want on any certificates issued and preparing invoices, etc. This is password protected and held in the cloud.
- Dotmailer: this is the emailing service we use to send bulk emails (much easier, prettier and more efficient than sending them one at a time). In here, if you have signed up to our online course or mailing list from the website, done a course, or talked to us in person or on the phone and given us permission to contact you, via an intro class or something other, then we store your email address, first and sometimes (not always) your last name, the level of core curriculum you have reached so that we can send emails relevant to your level of training. You can unsubscribe at any time. This button is on every email we send.
- Perhaps in the office: When we took over from the previous business owners we inherited some physical records. We have gradually weaned ourselves off them and are in the final throws of getting rid. Any older data that is stored from here is because we do get calls, from time to time, from people who have done courses a long time ago, who can’t remember what course they did, and it is the easiest way of finding them again. Once this is stored digitally it will all be password protected, like everything else is.
- If we take payment details from you they are shredded as soon as they have been processed by our small but perfectly formed cross shredder and then used as bedding by Milo the hamster (information correct as at 25 May 2018). Payment information online is taken either via our worldpay account if you choose to pay by card, or you can send a BACS or cheque; the online booking process through sitewizard will record this so we know who to chase and who to thank. We do not store anything except the amount you paid and the way you paid it.
- In the UK, we produce a networking directory periodically to enable students to contact each other. You are eligible to be in this after CST2 unless, again, you request otherwise. It is available from the Resources page of the site and is password protected.
While I think we are improving this gradually, I have always felt I am a bit rubbish at it. You will not get daily, weekly or even monthly emails from us. You may get a flurry when you initially sign up so we can share things we hope you will like about us, or after you have done a course (eg some reminder emails we have developed to help you remember everything in a class – we will have mentioned these to you at a course and you can opt out at any time). After that you will usually get something relevant to where you are at in your training (or not yet) in the form of general updates, new classes scheduled, blog posts etc., as often as we get round to it, probable fairly dependant on how busy we are. Dotmailer (the emailing service I mentioned) does know whether or not you open them so we can see if what we write seems to be interesting or not. We have also begun to automatically email anyone who has not opened anything in a longer period of time and see if they still want to be subscribed to our email list. This GDPR time has been a helpful focus to find out that some of you have do not.
Again, you can unsubscribe at any time. We have no wish, amazingly, even before 25 May 2018, to email anyone who does not want to be in touch with us. Just let us know.
We do also, currently the record is about once a year, send out a newletter we call the Therapeutic Pulse. It takes a lot of time to put it together so it doesn’t happen all that often. But many of our customers say they really appreciate receiving it. We can only send it if we have your postel address so it is typically for anyone who has already done a course with us or given us their address for this purpose in the past. Again, of course if you don’t want to receive it then let us know.
We have a Facebook page, a Twitter, Instagram and Linkedin account. But you have to have signed up to them to see any of our posts and social media promotions. We do not make any record of who is using / interacting with us and do nothing with any of that possible data. I cannot speak for the apps themselves of course…………….. (isn’t that partly where all of this has come from? )
Your Right to be Removed:
Of course you can be removed from our email list or postal list at any point. Just let us know. What we cannot remove are details of money you have spent with us – HMRC want to know – but only for seven years right?
5. Sharing your Information
We will never sell or share your personal information with organisations so that they can contact you for any marketing activities. Nor do we sell any information about your web browsing activity.
6. Keeping your information safe
We take looking after your information very seriously. We password protect all digital information and have locks on filing cabinets for all files.
The transmission of information via websites is beyond our immediate control but we have done all that we can to ensure we have chosen providers that have all the apporpriate measures in place. If you have any concerns, please let us know.
Our websites may also contain links to other sites, primarily, therapists who have trained with us. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites. Please be aware that these folk may collect personal information about you via a website or if you see them for treatments. Please be aware that this privacy statement does not cover the information practices of those websites.
7. Your rights
You have various rights in respect of the personal information we hold about you. If you wish to exercise any of these rights or make a complaint, you can do so by contacting us at 196 Surrenden Road, Brighton, BN1 6NN, by email at firstname.lastname@example.org or by phone on 0800 690 6966. You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s Office, https://ico.org.uk/
Request access to your personal information: You have the right to request access to a copy of the personal information that we hold about you, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making. You can make a request for access free of charge. Please make all requests for access in writing, and provide us with evidence of your identity.
WIthdraw consent: If you have given us your consent to use personal information (for example, for marketing), you can withdraw your consent at any time.
Change / Update: You can ask us to change or complete any inaccurate or incomplete personal information held about you.
Remove: You can ask us to delete your personal information where it is no longer necessary for us to use it, if you have withdrawn consent, or where we have no lawful basis for keeping it.
Restriction: You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.
So, in short, we are doing our best to comply to all the regulations and will continue to do so.