Brain Reframe Ltd believes it is important to protect your Personal Data (as defined in the Data Protection Act 2018 and the GDPR). This policy explains how we may collect Personal Data about you. It also explains some of the security measures we take to protect your Personal Data and outlines certain things we will and will not do. You should read this policy in conjunction with the terms and conditions.
When we first obtain Personal Data from you, or when you take a new service from us or attend any of our workshops or retreats, we will give you the opportunity to tell us if you would like or would not like to receive our e-newsletter containing information about our other services, workshops, retreats, interesting articles or hints/tips we think you may find useful. You normally do this by ticking a box on a consent form, or you may subscribe to our e-newsletter via the Website. You may change your mind at any time simply by clicking the unsubscribe link which will be clearly highlighted within each e-newsletter. Or you can write to: Brain Reframe Ltd, Nicholson House, 41 Thames Street, Weybridge, Surrey, KT13 8JG.
Some of the Personal Data we hold about you may be ‘sensitive personal data’ within the meaning of the Data Protection Act 2018 and the GDPR.
We may collect Personal Data about you from several sources, including the following:
1.1. From you when you agree to take a service from us or you attend one of our workshops or retreats, in which case this may include your contact details, date of birth, family, lifestyle & social circumstances, GP details and/or details pertaining to your physical and/or mental health.
1.2. From you when you contact us with an enquiry or in response to a communication from us, in which case, this may tell us something about your interest in and/or how you use our services.
2.1. Personal Data about our clients is an important part of our business and we shall only use your Personal Data for the purposes specified by us and for other compatible purposes, unless your consent is obtained or as required by law. We shall not keep such Personal Data longer than is necessary to fulfil these purposes.
2.2.1. To comply with safety regulations, your first name will be shared with the premises you are being treated at. No other information will be shared.
3.1. We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorised access, disclosure, copying, use or modification.
3.2. Any electronic devices where personal or sensitive, confidential information is held will be password protected. Individual documents stored electronically will also contain individual passwords.
4.1. Please remember that communications over the internet, such as emails and webmails (messages sent through a website), WhatsApp and Facebook Messenger are not secure unless they have been encrypted. For this reason, we request that you do not send private information to us via these communication methods. Doing so is allowed, but at your own risk. We cannot accept responsibility for any unauthorised access or loss of Personal Data that is beyond our control.
5.4.If you would like access to the Personal Data that we hold about you, you can do this by writing to us at the address noted above in 5.1. There may be a nominal charge of £10 to cover administrative costs if we feel that the requests are excessive. By law, there is no charge to cover the first request.
5.5.We aim to keep the Personal Data we hold about you accurate and up to date. If you tell us that we are holding any inaccurate Personal Data about you, we will correct it promptly. Please write to us at the address above to update your Personal Data. We may have a legal basis to continue to hold your data and will notify you if this is the case.
6.1. In the event of my death or sudden illness, my supervisor will contact existing clients and archive any client files in accordance with General Data Protection Regulations.