Privacy, Security & Cookies Policy

This privacy policy is for the website theholisticdoctor.co.uk and served by The Holistic Doctor who is committed to safeguarding your privacy and governs the privacy of those who use it. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations. If you do not agree to the following policy you may wish to cease viewing / using this website.

Policy key definitions:

  • “I”, “our”, “us”, or “we” refer to the business, The Holistic Doctor .
  • “you”, “the user” refer to the person(s) using this website.
  • GDPR means General Data Protection Act.
  • PECR means Privacy & Electronic Communications Regulation.
  • ICO means Information Commissioner’s Office.
  • Cookies mean small files stored on a users computer or device.

Processing of your personal data

We promise to follow the following data protection principles:

  • Personal information must be fairly and lawfully processed
  • Personal information must be processed for limited purposes
  • Personal information must be adequate, relevant and not excessive
  • Personal information must be accurate and up to date
  • Personal information must not be kept for longer than is necessary
  • Personal information must be processed in line with the data subjects’ rights
  • Personal information must be secure
  • Personal information must not be transferred to other countries without adequate protection

Your individual rights

Under the GDPR your rights are as follows:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling.

You also have the right to complain to the ICO (www.ico.org.uk) if you feel there is a problem with the way we are handling your data.

We handle subject access requests in accordance with the GDPR.

Data we gather

Information you have provided us with

When a visitor requests information from this website using our enquiry form, we collect their name, email address, optionally their phone number and non-personally identifiable information about the request which includes the IP address of the computer making the request and the time and date of the request.

When you make a booking through this website, we’ll ask you to provide information including your name, email address, phone number, gender age and other personal and mediaal information to provide background for your consultation. We will not store or collect your payment card details. That information is provided directly to our third-party payment processors, for more information, see below.

Information automatically collected about you

When a visitor accesses this website, we automatically collect certain non-personally identifiable information about the request. This information is stored by cookies and other session tools. This information includes the IP address of the computer making the request and the time and date of the request, the type of web browser being used, and, sometimes, the page from which the visitor is coming. The information does not contain the visitor’s name or email address.

How we use your personal data

We use your Personal Data in order to:

  • answer any queries and questions that you may have.
  • provide you with our services.
  • enhance your customer experience.
  • fulfil an obligation under law or contract.

We use the following lawful bases in order to process your personal data:

Consent

You explicitly give your consent to a specific kind of processing of your personal information.

With your consent we process your personal data:

  • To answer any specific queries or questions
  • To make and prepare for an appointment for a consultation
  • For other purposes we have asked your consent for

You can at any time request that your personal information is deleted.

We will continue to process your information until you withdraw consent or it is determined your consent no longer exists.

Your personal data under the consent lawful basis is not shared with any third parties.

Contract

On the basis of contractual necessity, we process your personal data for the following purposes:

  • Supplying you with a quote or estimate
  • To communicate with you in providing our services
  • To communicate either for sales or invoicing

We keep your information while you are our customer and afterwards for a variety of reasons. We will only keep it for as long as we need to.

Legal obligation

The processing of the personal data is required for legal reasons (e.g., accounting and tax purposes).

On the basis of legal obligation we process your personal data on the basis in order to fulfil obligation rising from law and/or use your Personal Data for options provided by law.

We reserve the right to anonymise personal data gathered and to use any such data. We will use data outside the scope of this Policy only when it is anonymised.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it.

Additional purposes

We might process your personal Data for additional purposes that are not mentioned here, but are compatible with the original purpose for which the data was gathered. To do this, we will ensure that:

  • The link between purposes, context and nature of Personal Data is suitable for further processing
  • The further processing would not harm your interests and
  • There would be appropriate safeguard for processing

We will inform you of any further processing and purposes.

If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.

Children

We do not intend to collect or knowingly collect information from children. We do not target children with our services.

Cookies we use

We use cookies on this website to provide you with a better user experience. We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.

Some cookies are required to enjoy and use the full functionality of this website.

You can remove cookies stored in your computer via your browser settings. Alternatively, you can control some 3rd party cookies by using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.

Cookies that we use are:

Name

Domain

Description

Expiration

PHPSESSID theholisticdoctor.co.uk A cookie used to store a unique ID for the current session on the website. When browser is closed
viewed_cookie_policy theholisticdoctor.co.uk This cookie is set to ‘yes’ when you click on the “Accept” button that is contained in the message in the footer warning you about the website using cookies. Once set the message no longer appears. 1 year
_ga theholisticdoctor.co.uk We use Google Analytics to monitor traffic levels, search queries and visits to this website. These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Full details of the cookies that Google Analytics uses can be found in Cookies & Google Analytics in documentation for Google’s Analytics tracking code. 2 years
_gat 30 minutes
_gid 24 hours
__utmc When browser is closed
__utmz 6 months

Data security and protection

We do our best to keep your personal data safe.  We use safe protocols for communication and transferring data (such as HTTPS). We use anonymising and pseudonymising where suitable. We monitor our systems for possible vulnerabilities and attacks.

Even though we try our best we can not guarantee the security of information. However, we promise to notify suitable authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.

If you have an account with us, note that you have to keep your username and password secret.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Transparent Privacy Explanations

We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.

Data shared with other parties

We sell our services through this websites. In that case, we use third-party services for processing the sales and payments.

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

The payment processors we work with are:

Contact information

Questions, comments and requests regarding this privacy policy are welcomed and you can either send an email to: johnmoranholistic@gmail.com or use the enquiry form on our contact page.

Changes to this Privacy Policy

We reserve the right to make change to this Privacy Policy.
Last modification was made 25th May 2018.