It is the policy of Anne-Marie Southcombe of Yoga Meon also known as Anne-Marie O’Halloran to collect, process and share your Data provided to me by you in order to carry out the services requested by you and any contact in relation to those services only. Your Data will not be used for any other purposes other than those explicitly stated in this policy or requested by you in your dealings with me.
- The Identity of the Controller.
You are hereby informed that the Data that you provide is collected, used, protected, processed and shared by Anne-Marie Southcombe also known as Anne-Marie O’Halloran
- Collection of Data
I may collect Data about clients, prospects and visitors.
Your Data are collected when you contact me via email, by phone, social media apps such as Facebook, Facebook messenger, Instagram or LinkedIn, when you fill in a registration form, when you use the contact form on my website, when you opt in to my Mailchimp mailing list, browse my website or place a booking for my services through Eventbrite.
Data I collect fall into the following categories:
- Identification information
- Contact information
- Health information
- Browsing information
These Data are gathered directly from you via registration form, email and phone, social media apps such as Facebook, Facebook messenger, Instagram or LinkedIn, Mailchimp mailing list, Eventbrite booking, contact form on website.
Browsing Data is collected via automated methods.
2.1 Information you provide
I process Data you provide directly to me. For example, I collect Data when you fill in a registration form, make an enquiry for my services, create a booking, use the services, participate in a class, workshop, course, event, private session or otherwise communicate with me.
The Data may include the following data as well as any other type of relevant information that I specifically request you to provide to me, such as:
- Date of birth
- Phone number
- Emergency Contact Name and phone number
- Basic health information such as physical injuries, medical concerns and pregnancy
- Any experience with yoga and meditation
- Browsing data
2.2 Data I collect automatically when you use my online services
When you access or use my website, or open a group email I automatically collect information about you:
- How I use Data
I may use information about you for the following purposes:
- Provide and deliver the service you request.
- To inform you of class changes or service updates directly relating to the service you have booked.
- Respond to your enquiries, questions, comments and provide customer service.
- Health and safety
- Emergency Contact
- Meet insurance company criteria
- Process transactions, payment data and accounting records
- Direct marketing
- Online browsing activity: Monitor and analyse trends, usage and activities in connection with the website, social media and mailchimp newsletter campaigns
How I use your Contact Information
A certain amount of personal data is collected by me at the time of booking. When booking either online, or on paper, you will be asked to sign a disclaimer. In doing so you are agreeing to your email, phone number or other contact information being used by me to inform you of class changes or service updates directly relating to the service you have booked and to provide you with customer service. You may, of course, decline to submit your email and phone number to me, which in some cases may mean that I am not be able to provide certain services to you.
A certain amount of basic health or medical information is collected by me at the time of booking for your health and safety. Health information is also used to tailor sessions to suit your individual needs.
Emergency Contact information is collected solely for use in an emergency. This information will only be shared with a third party in the context of an emergency.
A certain amount of personal data is collected by me at the time of booking for the purposes of meeting insurance company criteria. This data will be kept for a minimum of 7 years following the last occasion you availed of the services provided. In the case of minors, this data will be kept for a minimum of 7 years after they reach the age of majority (18 years old).
Please note that all information gathered by me either on paper or through an online booking process is treated as confidential and will not be shared with a third party. This information will be stored securely by me for the time determined by the insurance company.
Mailchimp Mailing List
Online Browsing Activity
Google analytics allows me to measure and learn in aggregate how my website is being used, and to see for example, which are the most popular pages. This will help me ensure I provide relevant information in an easily accessible format.
Google Analytics make available an opt-out mechanism and more information.
According to GDPR, each Data processing is performed on one of the following legal basis:
- Your consent
- Necessary for the performance of the service requested by you.
- Your vital interests
- Legitimate interests
- How I share your Data
- I will share your details with another service provider on your request.
- In response to a request for information if I am required by, or believe disclosure is required by, any applicable law, regulation or legal process, including in connection with lawful requests by law enforcement, national security, or other public authorities.
- The period of Data retention
My insurance provider requires me to retain all records for a period of 7 years following the last occasion you availed of the services provided. In the case of minors, records are kept for 7 years after their 18th birthday.
Email addresses are stored on mailing list until client unsubscribes.
6. Subject Access Request
Upon receiving a written request from you seeking Data transfer, I will provide a hardcopy copy of your original registration form with no alterations from the original. These will be handed in person based on proof of identity or send by registered post.
7. Data amendments
If you wish to alter any of your data, review how it is used or wish to request its return to you, please contact Anne-Marie on firstname.lastname@example.org
I am committed to taking appropriate measures designed to keep your Data secure. My technical, administrative and physical procedures are designed to protect Data from loss, theft, misuse and accidental, unlawful or unauthorised access, disclosure, alteration, use and destruction.
9. Your rights
Under the GDPR 2018 individuals have the significantly strengthened rights to:
- Obtain details about how their data is processed by an organisation or business;
- Obtain copies of personal data that an organisation holds on them;
- Have incorrect or incomplete data corrected;
- Have their data erased by the organisation, where, for example, the organisation has no legitimate reason for retaining the data;
- Obtain their data from an organisation and to have that data transmitted to another organisation ( Data Portability);
- Object to processing of their data in certain circumstances;
- Not to be subject to (with some exceptions) automated decision making, including profiling.
10. In the event of a Breach
Every precaution will be taken to avoid a breach of your Data, but if such a breach should occur, it will be documented , assessed as to its severity and appropriate action taken. The Data Protection Commisioner will be informed and An Garda Siochana will be contacted for assistance and you will be contacted to help you take steps to mitigate risks to yourself, if it is deemed a severe enough breach as to put you, your identity etc. at risk.
Updated: 23 May 2018