Who we are
Our Website: http://freedom2heal.co.uk
Media
In this subsection you should note what information may be disclosed by users who can upload media files. All uploaded files are usually publicly accessible.
Cookies
Google Site Kit is used to improve site performance and customer access under their https://policies.google.com/privacy
Analytics
By default, WordPress does not collect any analytics data. However Google Site Kit is used to improve site performance and customer access using some anonymous analytics data. https://policies.google.com/privacy
What personal data we collect and why we collect it
Contact forms
use this subsection to note what personal data is captured when someone submits a contact form, and how long you keep it. For example, you may note that you keep contact form submissions for a certain period for customer service purposes, but you do not use the information submitted through them for marketing purposes.
Data Protection and Retention Policy
This document sets out how Freedom 2 Heal retains personal data obtained whilst engaged with clients as part of the delivery of services through Freedom 2 Heal. For the purposes of this document “the Client” shall be known as the person who receives services provided by Freedom 2 Heal. This includes a private individual or an employee of a company. The following conditions apply:
1. Collection of Personal Data
Freedom 2 Heal is committed to processing and storing data in accordance with General Data Protection Regulations 2016 (GDPR). Only relevant personal information will be stored. Freedom 2 Heal will also process and store health information which falls within special categories of data (SCD). This data is held with the client’s explicit consent. ‘Explicit consent’ is not defined in the UK GDPR, but must meet the usual UK GDPR standard for consent. In particular, it must be freely given, specific, affirmative (opt-in) and unambiguous, and able to be withdrawn at any time.
In order to deliver services, it is necessary for Freedom 2 Heal to collect the following personal information about Clients:
· First name
· Surname
· Telephone number
· GP and other health care professional contact
· Emergency Contact
· Family situation or relationship status
· Occupation
· Details of the issue/concern you want help and support with
· Therapies that you have tried previously
This data is collected via direct communication with the Client either face to face or online (via email or social media platforms including Facebook, Instagram and LinkedIn).
2. Purpose of Collection of Personal Data
The personal data held about a Client is captured in order to deliver services agreed by the Client. Only necessary data will be collected and Freedom 2 Heal commits to not collect data for the sake of collecting data. The data required for delivery of services includes:
· Forename – allows the Client to be formally recognised as themselves during engagement with services
· Surname – allows the Client to be formally recognised as themselves during engagement with services
· Telephone number – allows Freedom 2 Heal to contact the Client to make arrangements for the agreed services in addition to conducting said services at the agreed time
· Email – allows Freedom 2 Heal to send appropriate information to the Client (such as contracts, agreements, invoices, receipts and booking confirmations) in order to conduct services professionally. In addition, it may be necessary to run sessions remotely via Zoom and an email address is required to do so
· GP and other health care professional contact – In case emergency or as outlined in section 4 of this document.
· Emergency Contact – In case emergency or as outlined in section 4 of this document.
· Family situation or relationship status – To understand the clients support network and situation.
· Occupation – This will help understand the situation of the client.
· Details of the issue/concern you want help and support with – To deliver Therapy.
· Therapies that the client has tried previously – To help tailor the sessions to the client.
3. Storage of Personal Data
Freedom 2 Heal is committed to safeguarding the privacy of Clients. Therefore, the limited personal information gathered is stored securely and electronically in accordance with the Data Protection Act 2018. Specifically, data is stored within a password protected laptop; password is of high strength and changed regularly as stipulated by Information Security best practice. Any physical notes taken during sessions are kept securely in a locked cabinet in my residential home. In addition, data is stored in the contacts section of a mobile device that is password protected to the highest category. The passwords are not shared with anyone nor are they written down.
4. Confidentiality
Freedom 2 Heal will not pass any Client information on to any third parties and will not disclose any Client information to anyone without prior written consent from the Client with the exception of disclosure of risk to the client or others. In this case, Freedom 2 Heal are legally obliged to inform relevant parties which may include but are not limited to your GP, medical professional or emergency contact.
5. Emails
All email correspondence with the Client or representatives of the company of the Client will be stored electronically in accordance with the Data Protection Act 2018. Copies of the emails will be deleted no later than 7 years after we cease contact.
6. Deletion of Personal Data
As set out by the Information Commissioner’s Office (ICO) a business can set their own deadlines for deletion of personal data. Therefore, Freedom 2 Heal commits to deleting the limited personal information held about the Client no later than 7 years after they cease contact with Freedom 2 Heal. This includes the deletion of data contained electronically and on the mobile device. The data must be kept this duration of time in order to meet legal and regulatory requirements for government bodies.
7. GDPR Considerations
Freedom 2 Heal is and will continue to be registered with the ICO as an ICO Data Controller.
The Client is entitled to individual rights under GDPR. Should they wish to exercise their rights they should do so in writing to dataprotection@freedom2heal.co.uk
8. Data Breaches
If a data breach occurs, Freedom 2 Heal commits to investigate the breach fully and take actions to mitigate the breach. Freedom 2 Heal will notify the ICO within 72 hours of the breach in order to manage the risks to the rights and freedoms of the data subject. In addition, Freedom 2 Heal commits to notify the data subject if there is a risk to their rights or freedoms without undue delay.
If you have any questions about the content of this policy, please contact dataprotection@freedom2heal.co.uk