- questions, queries or feedback you leave, including your email address if you contact us;
- your email address when you sign up to our mailing list;
- your IP address, geographical location, browser type, referral source, length of visit, number of page views and other indicators; and
- information on how you use the site, using cookies including Google Analytics, Facebook Pixels and page tagging techniques. This helps us to improve the website, although you can opt out with your browser.
This data can be viewed by authorised people on the Heart + Hara Massage Therapies team and our suppliers, to:
- improve the site by monitoring how you use it;
- gather feedback to improve our services, for example, our communications and use of third-party services, e.g. Eventbrite, Facebook, etc.;
- respond to any feedback you send us if you’ve asked us to; and
- send emails to users about our services.
We will not sell this information or give it away unless required by law.
This website is operated by Heart + Hara Massage Therapies. We are committed to protecting and respecting your privacy.
This policy (together with our cookies policy) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the Data Protection Act 1998 (“Act”) Heart + Hara Massage Therapies (‘we’, ‘us’ or ‘Heart + Hara Massage Therapies’) are the data controller.
What personal information may be collected from you?
What is personal data?
Personal data is information relating to an identified or identifiable natural person. Examples include an individual’s name, age, address, date of birth, gender and contact details. Personal data may contain information which is known as special categories of personal data. This may be information relating to and not limited to, an individual’s health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, or data relating to sexual orientation.
In order for us to provide holistic and complementary therapies and related services for you, we may collect and process personal data about you. We may also collect your personal data where you request information about our services, customer events, promotions and campaigns.
You may provide us with personal data when completing online contact forms, when you contact us via the telephone, when writing to us directly or where we provide you with paper based forms for completion or we complete a form in conjunction with you.
We may share personal data with authorised third parties only where we are required to do so by law or for regulatory or statutory purposes.
We may collect, store and use the following kinds of personal information:
- personal data such as an individual’s name, address, date of birth, gender, contact details
- special categories of personal data (health)
- information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters;
- if you contact us, we may keep a record of that correspondence;
- we may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them;
- information we gather on social media (including, but not limited to, Facebook, LinkedIn and Twitter);
- feedback from you about our website and our products and services generally;
- any other information that you choose to send to us.
If you object to the collection, sharing and use of your personal data we may be unable to provide you with our products and services. For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place.
If you require further details on how we collect personal data and with whom we share data with, please contact us by e-mailing firstname.lastname@example.org.
Information collected automatically
We collect information about your visit to our site, including what pages you view, the number of bytes transferred, the links you click, the materials you access and other actions taken within our site. We may combine this information with your personal information to and use the combined information in accordance with this privacy statement. We also collect certain standard information that your browser sends to every website you visit, such as your Internet Protocol (IP) address, your browser type and capabilities and language, your operating system, the date and time you access the site and the website from which you linked to one of our sites. We do not combine this standard information with other personal information.
16 or Under
If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
How will we use information about you?
We may use your personal information to:
- administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- provide you with information about Heart + Hara Massage Therapies offers and services that you request from us or which we believe may be of interest to you, where you have consented to be contacted for such purposes. You have the right to ask us not to process your personal information for marketing purposes and if at any time you wish to opt out of such use then you may contact email@example.com;
- send statements and invoices to you;
- send you general (non-marketing) commercial communications;
- send you email notifications which you have specifically requested;
- deal with enquiries and complaints made by or about you relating to the website;
Where do we store your personal data?
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site: any transmission is at your own risk. Once we have received your information, we will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
When you sign up to our newsletter
We use a third-party email service, MailChimp, to manage our list of subscribers and email communications to you and MailChimp act as a data-processor on behalf of Heart + Hara Massage Therapies.
MailChimp is a US company and has staff based outside the EEA, and stores your data in the US. MailChimp is certified under the EU-US Privacy Shield framework. When you sign up to our email alerts, you agree to your data being stored in this way.
As a subscriber to our newsletter, we may contact you from time to time to ask for your feedback on how to improve our email alert service.
As a data processor on behalf of Heart + Hara Massage Therapies, MailChimp will use your information to send you email alerts if you request them. You can find out more about how MailChimp collects and stores your information.
How do we protect your personal information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We also use an SSL certificate to ensure that your privacy is protected while visiting our website. An SSL certificate (also known as HTTPS) is a layer of protection between our website and your browser. Short for Secure Sockets Layer, an SSL is used to encrypt potentially sensitive information like the input fields in a contact form.
How long do we keep your personal data for?
It is a condition of our Insurance Policy to take and retain client records. The policy wording notes:
The records shall be kept for at least 7 years following the last occasion on which treatment was given. In the case of treatment to minors, it is advisable that records should be kept or at least 7 years after they reach the age of majority (18).
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share your information with third parties beyond the Heart + Hara Massage Therapies network for marketing purposes.
Third Party Service Providers working on our behalf
We may pass your information to our third party service providers, agents subcontractors and other associated organisations (e.g. hosting website, web agency, etc.) for the purpose of completing tasks and providing services to you on our behalf (e.g. to send you mailings or check web analytics). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have an agreement in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties beyond the Heart + Hara Massage Therapies network for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
- to the extent that we are required to do so by law;
- in connection with any legal proceedings or prospective legal proceedings; in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk); and
- to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling.
What are cookies and why do we use them?
What are your rights?
Individuals are provided with legal rights governing the use of their personal data. These grant individuals the right to understand what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data.
These rights are known as Individual Rights under the Data Protection Act 2018. Individuals can exercise their Individual Rights at any time. As mandated by law we will not charge a fee to process these requests, however if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
In exercising your Individual Rights, you should understand that in some situations we may be unable to fully meet your request, for example if you make a request for us to delete all your personal data, we may be required to retain some data for regulatory and other statutory purposes.
We will usually inform you (before collecting your data) if we intend to use your data for marketing purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the form(s) we use to collect your data. You can also exercise the right at any time by contacting us using one of the following methods:
- by email at firstname.lastname@example.org;
- by telephone on 07887 484 843, Monday to Friday (except public/bank holidays) between 9am and 5pm]; or
- by post at 25, Stamperland Drive, Clarkston, Glasgow. G76 8HD
You also have the right to complain to the UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO). The ICO may be contacted via its website which is https://ico.org.uk/concerns/, by live chat or by calling their helpline on 0303 123 1113.
Third Party Websites
Our website may, from time to time, contain links to and from the websites of our partner networks. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Additional services used by, but not controlled by Heart + Hara