Any personal data provided by you to Counselling in Shropshire through any means (verbal, written, in electronic form, or by your use of our website) will be held and processed in accordance with the data protection principles set out in the Data Protection Act 1998 and the General Data Protection Regulation for the purposes for which you have given consent, and to provide the services you have requested from us.
Owner and Data Controller
The Old School
Owner contact email: firstname.lastname@example.org
Owner contact number: 07714 590133
The legal bases, we rely on for processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes: provision of Data is necessary for the performance of an agreement with the User and any pre-contractual obligations;
- Processing is necessary for compliance with a legal obligation to which the Owner is subject;
- Processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party;
Upon request, the Owner will help to clarify the specific legal basis that applies to the processing if there is any concern.
When do we collect your personal data?
On this application Personal Data is collected via the following methods:
- Completing forms on our website.
- Communicating with us by email.
- Automatically collected Technical Data about your equipment, browsing actions and usage patterns. We collect this data by using cookies, server logs and similar technologies.
What personal data do we collect?
Among the types of Personal Data that this Application collects, by itself or through third parties, we collect the following Personal Data from you:
- Identity Data may include your first name, last name
- Contact Data may include your email address and telephone number
- Technical Data may include your, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site.
- Usage Data may include information about how you use our website.
How and why do we use your personal data?
The Data is used to respond to your queries or questions about our services, as well as for the following purposes: analytics, SPAM protection and managing contacts and contacting the User.
We want to provide the best possible User experience for customers, and we use Data to allow us to offer to you information and services that are most likely to benefit you.
The Data privacy law allows this as part of our legitimate interest in understanding our clients and delivering the best possible service.
How we protect your personal data
We know how much Data security matters to all our clients. We will treat your Data with the utmost care and have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
Our website interaction with customers is secured using ‘https’ technology. We will notify you, and any applicable regulator of a breach where we are legally required to do so.
How long will we keep your personal data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal or reporting requirements.
Who do we share your personal data with?
We may at times share your Personal Data with third parties we work with (i.e. companies who look after and support our website).
Where your personal data may be processed
The Data is processed at the Owner’s operating offices, and in any other places where the parties involved in the processing are located.
At times we may need to share your Personal Data with third parties and suppliers outside the European Economic Area (EEA). If we do this, we will ensure your Data receives the same protection as if it were being processed inside the EEA.
Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield, which requires them to provide similar protection to personal data shared between the Europe and the US.
The rights of users
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
- Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used, and machine readable format and if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
Details about the right to object to processing
Where Personal Data is processed for the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification.
How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be free of charge and will be addressed by the Owner within one month.
Contacting the Information Commissioner’s Office (UK)
If you have any issue with how your Data has been handled or are not satisfied with the response you have received to any request, you have the right to lodge a complaint with the Information Commissioner’s Office by calling 0303 123 1113 or go online to www.ico.org.uk/concerns.
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.
Definitions and Legal References
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilised to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilised by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
The individual using this Application who, unless otherwise specified, coincides with the Data Subject.
The natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.
The means by which the Personal Data of the User is collected and processed.
The service provided by this Application as described in the relative terms (if available) and on this site/application.
European Economic Area (or EEA)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Small piece of data stored in the User’s device.
This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).
Latest update: June 03, 2018