At The Practice Rooms, we understand that we have a responsibility to protect and respect your privacy and look after your personal data.
This Privacy Notice, inclusive of our General Terms and Conditions, explains what personal data we collect, how we use your personal data, reasons we may need to disclose your personal data to others and how we store your personal data securely.
Our policy complies with UK law accordingly implemented, including that required by the EU General Data Protection Regulation (GDPR).
For clarity, The Practice Rooms may be both data controller and data processor for your personal data under certain circumstances. In this document, "we", "our", or "us" refer to The Practice Rooms.
We must advise that this policy is subject to change, so please check our website on a regular basis for any further changes.
The Practice Rooms provides therapeutic rooms for talking and holistic therapists to rent on an ongoing basis. The Practice Rooms have centres across the UK.
The Practice Rooms have a registered address at 141 Englishcombe Lane, Bath, BA2 2EL.
Our company number 7311013.
Data protection laws state that we are only able to process personal data if we have valid reasons to do so. The basis for processing your personal data includes, but is not limited to, your consent, correspondence of a membership contract, to enable billing and remittance, and to contact you for customer service purposes.
We collect personal data in the following ways:
During initial enquiries, the personal data that we may collect from you may includes your name, email address, phone numbers, and professional background. We collect the data you have given to us in order to reply with the information you need.
We record your request and our reply in order to increase the efficiency of our business.
When joining as a member of The Practice Rooms, we may also collect from you your home/work address, website and copies of your qualification certificates, insurance certificate, and professional membership.
Whether correspondence is from initial enquiries, or ongoing membership, we record personally identifiable information associated with any correspondence we have with you so as to be able to track our communications with you to provide a high quality service.
Once a member, your ongoing monthly direct debit is set up through GoCardless and used according to our instructions. We do not ever have access to this sensitive personal information. Should you ever send your bank details directly to us, the information is passed on and the correspondence is then deleted immediately.
We use information about you in the following ways:
Personal data collected from initial enquiries may be stored for up to 1 years so as to be able to affectively respond to you should you contact us again.
We will keep your personal data for the duration of the period you hold a membership contract with The Practice Rooms. We shall retain your data only for as long as necessary in accordance with applicable laws.
On ending your membership, we may keep your data for up to 1 years. We may keep it for research or statistical purposes. We assure you that your personal data shall only be used for these purposes stated herein.
We may not be able to delete your data before this time due to our legal and/or accountancy obligations.
Your personal data is stored on a secure online database which is accessible to everyone working for of The Practice Rooms. This is inclusive of all Practice Managers, General Management, Head Office staff, and the Director of The Practice Rooms.
We follow accepted ISO standards to store and protect the personal data we collect, including the use of encryption if appropriate.
Personal information is stored on an online database called Highrise. All data is encrypted via SSL/TLS when transmitted from servers to browsers. The database backups are also encrypted.
Although personal information is stored on this database, Highrise does not share that data or generally know what type of data being store. The data is only used by the account owner and invited users as we intend to use it.
For membership fee payments by Direct Debit, the information you provide us is held by GoCardless and used according to our instructions. We do not ever have access to this sensitive personal information.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping the password confidential. We ask you not to share a password with anyone.
For the avoidance of doubt, we do not and never shall sell your personal data to third parties for marketing or advertising purposes.
We may pass your personal data to third parties for the provision of services on our behalf (for example processing your payment). However, we will only ever share information about you that is necessary to provide the service and we have specific contracts in place, which ensure your personal data is secure and will not be used for any marketing purposes.
We may share your personal data if we are under a duty to disclose data in order to comply with any legal obligation or to protect the rights, property, or safety of The Practice Rooms, our customers, or others. This includes but is not limited to exchanging information with other companies and organisations for the purposes of fraud protection, credit risk reduction and dispute policies. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
In preventing the use or processing of your personal data, it may delay or prevent us from fulfilling our contractual obligations with you. It may also mean that we shall be unable to provide our services or process the cancellation of your service.
You have the right to object to our use of your personal data, or ask us to delete, remove or stop using it if there is no need for us to keep it. This is known as your right to be forgotten. There may be legal and accountancy reasons why we will need to keep your data, but please do inform us if you think we are retaining or using your personal data incorrectly.
Our Privacy Notice shall be made clear to you at the point of collection of your personal data.
We will not contact you for marketing purposes unless you have given us your prior consent.
You must maintain the accuracy of your information and ensure all your details, including but not limited to, name, address, phone number, e-mail address and payment details are kept up to date at all times. You must do this by contacting your Practice Manager or by e-mailing firstname.lastname@example.org.
You have the right to access the information we hold about you. Please email your requests to email@example.com so that we can obtain this information for you.
At any time you may review or update or request that we remove personally identifiable information that we hold about you. To obtain a copy of any information you may send us a request at firstname.lastname@example.org.
After receiving the request, we will tell you when we expect to provide you with the information. This will be within one month of the request.
When we receive any request to access, edit or delete personal identifiable information we shall first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.
Cookies are small text files that are placed on your computer's hard drive by your web browser when you visit any website. They allow information gathered on one web page to be stored until it is needed for use on another, allowing a website to provide you with a personalised experience and the website owner with statistics about how you use the website so that it can be improved.
Some cookies may last for a defined period of time, such as one day or until you close your browser. Others last indefinitely.
Your web browser should allow you to delete any you choose. It also should allow you to prevent or limit their use.
We use the following cookies:
These cookies are used in the following ways:
We agree to take reasonable measures to protect your data in accordance with applicable laws.
In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.
Please e-mail any questions or comments you have about privacy to us at email@example.com
If a dispute is not settled then we hope you will agree to attempt to resolve it by engaging in good faith with us in a process of mediation or arbitration.
If you are in any way dissatisfied about how we process your personal information, you have a right to lodge a complaint with the Information Commissioner's Office. This can be done at https://ico.org.uk/concerns/
Information Commissioner's Office
Tel: 0303 123 1113