Our Privacy Principles
When we collect and keep your personal information we look after it correctly and use it in accordance with the Data Protection Act 2018 and GDPR.
This means that you have:
- The right to be informed.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
- Rights in relation to automated decision making and profiling.
We do this by keeping the least amount of information needed by us to give you good service, only use it for this purpose and keep the information securely.
If you have any questions, please do get in touch with our Data Controller, James Lamper at WeightMatters Ltd firstname.lastname@example.org or telephone 020 7622 7727.
We may change this policy from time to time and we suggest that you regularly check this page to ensure that you continue to be comfortable with the measures that we are taking to protect your privacy. This policy is updated on 24th May 2018 to comply with the new Data Protection Legislation, the Data Protection Act 2018 and GDPR.
Who we are
How do we collect your personal information?
What information do we collect?
We collect your IP Address, this is a string of numbers unique to your computer that is recorded by our web server when you request any page or component on the Website. This information is used to monitor your usage of the Website. We collect your contact and marketing preferences.
Your Personal Information is stored on the secure HubSpot and Kashflow systems. Sensitive Personal information is kept in password protected files on the WeightMatters cloud storage.
For definition of Personal Information and Sensitive Personal Information see here.
How do we use personal information?
We will use your information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us
- to notify you about changes to our service
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer
- to allow you to participate in interactive features of our service, when you choose to do so
- as part of our efforts to keep our site safe and secure
- to operate our business efficiently including financial records
- to deliver marketing communications
What legal basis do we have for processing your personal data?
The legal grounds we have for processing your data are:
- Consent and Legitimate Business Interest where you indicate an initial interest in WeightMatters and engage in Therapy with us.
When do we share personal data?
WeightMatters will treat personal data confidentially and only share when necessary to provide our services or conduct our business operations, as outlined in our purposes for processing. We will share your information with specific colleagues in WeightMatters to provide your treatment. We may share your information with other professionals, such as GP, with your knowledge and permission.[/section]
Where do we store and process personal data?
We store your data on cloud-based systems that adhere to the GDPR. We may process your data outside of the European Area, however we only do this in countries that match or exceed EU Data Protection requirements.
How do we secure personal data?
We secure your personal data through physical and electronic means and ensure all WeightMatters colleagues and associates receive regular training on Data Protection.
How long do we keep your personal data for?
WeightMatters Ltd will keep basic records and clinical notes for 3 years after the end of therapy, or when we last hear from you. Notes will then be confidentially destroyed. The exception to this is in the case of some health records which are exempt from erasure.
Your rights in relation to personal data
You have the right to ask to see the information we hold about you, please ask your therapist and you can view it in a session. You can ask us to change any information that we hold about you that is incorrect. You have the right to ask us to delete information that I hold about you, which we will do save for that which we have a legal obligation to keep – for example, exempt health records.
If you wish to complain about how we handle your data, in the first instance please contact me, James Lamper who is the Data Controller at WeightMatters Ltd. Data Protection Registration reference: Z3254568. If your complaint is not resolved to your satisfaction you can contact the Information Commissioners Office https://ico.org.uk/concerns/handling/ or 0303 123 1113.
How to contact us?
Contact your therapist or the Data Controller at WeightMatters at
21 Wimpole Street
London W1U 1 PJ
Tel 020 7622 7727
30th July 2018