This Privacy notice concerns how your personal data is recorded, processed and stored by Emily’s BH Fitness Classes. The Data Protection Act 1998 is being replaced with the General Data Protection Regulations (GDPR) which comes into effect on 25th May 2018.
So why is this important?
This is important for you as this is about why, how we record, store and process your personal data. Processing personal data refers to how this information about you is collected, recorded, organised, stored and destroyed. We are confident that your data is being cared for responsibly and in accordance with the law.
1) Lawfulness, fairness and transparency principle
- Data Controller: Emily Watson contactable via firstname.lastname@example.org or 07736 314 276
- Legitimate interest: refers to why we collect your personal data. This allows us to collect relevant medical data that may influence how you are instructed during classes and other sessions. We never collect more data than is required to complete our role as your fitness instructor.
- Data Processing: refers to the type of data we record. This will include your name, address, email and contact phone numbers and a next of kin. You can apply of copies of your details by written request. We will reply within 1 month from the receipt of the request.
- Consent: with your consent, we are able to contact you to remind you of private sessions etc. Your information will never be used beyond the boundaries of our scope of practice, with the exception of Article 9 Vital Interests, where your medical and contact details may be used in the case of an emergency situation, especially a life or death situation. Consent can be withdrawn in writing at any time.
- Contract: by agreeing consent, you enter into a data contract with the Emily Watson allowing your data to be recorded, processed and stored in accordance with the GDPR.
- Data storage: your data is recorded on paper, and stored in a locked facility within a secure locked premise. Your records will move from this location to the classes where only the data controller has access to your records. Your data will then return to the locked secure facility with the data controller at the end of the session.
- Data retention period: Your data is only stored as long as necessary. If you do not attend a class for 1 year then your data will be erased/destroyed.
- Data Erasure: in accordance with the legal requirements of holding medical data (see above), your data can be requested for erasure in writing to Emily Watson.
- Individuals Rights: these are your individual rights:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- And the right not to be subject to automated decision making including profiling
Purpose Limitation Principle
We cannot and shall not share your data for marketing purposes.
Data Minimisation Principle
We shall never ask for more data than is required to carry out the duty of care to you as our client, allowing us to do our job.
Information stored shall be accurate and up to date. Any changes to personal details should be reported to the Data Controller (Emily Watson).
Integrity and Confidentiality Principle
This refers to the protection of your personal data from unauthorised or unlawful processing and against accidental loss, destruction or damage of your data.
We use websites such as Vimeo and YouTube to embed videos on our websites and you may be sent cookies from them via our site. Please look at the cookie and privacy policies on these third party sites if you want more information about this.
As some of these third party services may be based outside of the UK and the EU they may not fall under the jurisdiction of UK courts.
What is a Cookie?
A cookie is a piece of information in the form of a very small text file that is placed on an internet user’s hard drive. It is generated by a web page server, which is basically the computer that operates a website. The information the cookie contains is set by the server and it can be used by that server whenever the user visits the site. A cookie can be thought of as an internet user’s identification card, which tell a website when the user has returned.
If you feel that your data is being mishandled you have the right to complain. Complaints must be addressed in writing to Emily Watson. If you feel that this is not satisfactory, you have the right to complain to the Information Commissioners Office.