Data Protection and Privacy Policy

Introduction

We at The Mindful Massage understand that your personal data is entrusted to us and appreciate the importance of protecting and respecting your privacy. To this end, we comply fully with the UK data protection laws in force. This Data Protection and Privacy Policy sets out the basis on which we collect and process personal data about you, including our practices regarding the collection, use, storage and disclosure of personal data that we collect from you and/or hold about you, and your rights in relation to that data.

Please read the following carefully to understand how we process your personal data. By providing your personal data to us or by using our services, website or other online or digital platforms, you are accepting or consenting to the practices as described or referred to in this Privacy Policy.

Under Data Protection Laws, the data controller is The Mindful Massage, with a registered address at 12 Marchlyn Crescent, Ingleby Barwick, Stockton-on-Tees, TS17 5DP.

About Personal Data and Special Category Data

Personal Data is information that relates to an identified or identifiable individual. Some basic examples are your name, home address or email address.

The UK Information Commissioner’s Office (ICO) defines some categories of data as being sensitive in nature. This is called Special Category Data and must be stored, handled and used with additional care. Information about someone’s health is Special Category Data.

Your Personal Data and Special Category Data

Why We Collect Your Personal and Special Category Data

The lawful basis for us collecting your personal and special category data is our legitimate interest in making sure we provide a safe and effective service to you while complying with our legal and regulatory responsibilities.

When you register and become a client of The Mindful Massage, you consent to us storing and processing your personal and/or special category data to provide you with our services.

When We Collect Your Personal Data

If you choose to enquire about or engage our services, we might ask you to provide some personal data. We collect this information so we can provide our services to you in a safe, effective and responsible way.

We may collect personal data about you if you:

Visit our website or participate in interactive features on our website;
Enquire about any of our services or therapies;
Register with us to become a client or book to receive any of our services or treatments;
Fill in a form or survey for us;
Participate in a competition or promotion, or other marketing activity;
Contact us—for example, by email, telephone or social media.

The Personal Data We May Collect

When you register as a client of The Mindful Massage, attend an appointment, receive a service or make enquiries, we may request information from you, such as:

Your name, address and contact details (including email address and phone number);
Details of referrals, quotes and other contact and correspondence we may have had with you;
Details of services or treatments you have received from us;
Notes about your health and any other services or treatment you have received;
Information obtained from our customer surveys, promotions and competitions that you have entered or taken part in;
Client feedback you might choose to provide;
Information about complaints and incidents;
Information you give us when you make a payment to us, such as financial or credit card information.

We may also request information from you, including that relating to your health. Such information is classified by the UK’s Information Commissioner’s Office (ICO) as Special Category Data because it is sensitive in nature. We take special precautions to ensure that this, and indeed all your information, is stored securely and seen and used only by authorised people. By providing us with Special Category Data, you give us your consent to process it for the purposes set out in this Privacy Policy.

How We Use Your Personal Data

Your personal data will be kept confidential and secure and, unless you agree otherwise, will only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy and applicable Data Protection Laws.

To Provide You with Service

As part of the booking process, we may use your contact information to send you reminders about an upcoming appointment.

In addition, we use your information to:

Inform and guide you regarding suitable products, massages and therapies;
Provide and perform the best possible professional massage and complementary holistic therapy treatments for you;
Ensure it is safe for you to receive these treatments.

We may also use your personal information for internal purposes, such as to:

Provide you with information, products or services that you request from us;
Enable us to carry out our obligations to you relating to the provision by us of services or treatments to you and related matters such as billing, accounting and audit, credit or other payment card verification and anti-fraud screening;
Notify you about changes to our products or services;
Review and analyse the services we offer for effectiveness and safety, and research new services to provide our clients;
Respond to requests where we have a legal or regulatory obligation to do so.

If necessary, and with your explicit consent, we may share your personal information with your GP as part of our legal, regulatory and ethical responsibilities for your health and safety.

Information and Marketing

We might also, but only with your explicit consent, use your personal contact data to send you information about our products, services, and offers via mail, email, phone, or text message.

If you later decide you no longer wish to receive this information, you can opt out at any time by contacting us by email, text message, phone or by using the Unsubscribe link in our emails.

We will not give or sell your personal information to third parties for marketing purposes.

How We Protect Your Personal Data

We take the security of the personal information you provide us with very seriously.

We store your personal data electronically, using computer systems with restricted access kept in locations protected by physical security measures. This includes electronic data stored on third-party systems, with access limited to The Mindful Massage employees and designated support staff only. Our computer systems are encrypted to help guard against unauthorised access, and backed up to prevent data loss.

We may also store some personal data in hard copy form. Such paper copies are retained and stored securely, and are accessible only to our employees and designated support staff.

At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you recognise and accept this and do so at your own risk.

Integrity and Retention of Personal Information

We endeavour to keep your personal information accurate, complete and up to date. We will review your information with you from time to time so that both of us can be sure it is up to date.

Providing our services means we have obligations to retain certain recorded information for specific periods — for example, for insurance purposes. We will therefore retain your personal information to provide the requested services to you and thereafter only for as long as required by law or regulation.

Disposal of Your Personal Information

Your personal information that we hold will no longer be considered ‘relevant’ when:

It is superseded by more up-to-date records — for example, by completing a new Client Consultation Form because of significant health changes; or
You inform us you will no longer be using our services; or
Twelve months have elapsed since your latest booking and treatment; in that case, we will assume you will no longer be using our services.

When the personal information we hold for you is no longer ‘relevant’, we will:

Archive any we are required to keep for specific lengths of time — for example, for insurance purposes, we are required to retain particular details for 7 years;
Dispose of your remaining personal information — including any relating to our Loyalty Scheme (see below);
Dispose of your archived personal information after its retention period has passed.

When disposing of your personal information, we will do so securely.

Disposing of Loyalty Scheme Records

The records we keep to operate our Loyalty Scheme contain information about you. This means they will be disposed of if you no longer use our services — either by informing us, or by allowing 12 months to elapse since your last appointment and treatment. Any reward massages you have accrued will be lost, as will the count of any paid-for massages toward your next reward massage.

If you subsequently return to using our services, we will consider you a new customer and enrol you in the Loyalty Scheme with a starting balance of zero.

Disclosure to Third Parties

We may use third-party service providers to store your information and use technology to provide our services to you in the most efficient and safe way. For example, we might use electronic booking management software to plan appointments, which involves storing your information on third-party systems.

Any third parties that store your information can access it only for support purposes. Further access is only available to our employees and support staff. In an emergency and if you are incapacitated, we may also process your personal data (including sensitive personal data) or make it available to third parties to protect your ‘vital interest’ (i.e., your life or your health).

On rare occasions, it may be necessary — by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence — for us to disclose your personal information. We may also disclose information about you if we determine that, for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.

Additionally, in the event of a reorganisation, merger or sale of our business, we may transfer any personal information we collect to the relevant third party.

Your Rights to Access and Update Your Information

Under UK law, you have certain rights regarding the personal data we hold about you. In addition to your right to stop marketing, detailed above, here is a short overview of the most commonly used rights. It is not an exhaustive statement of the law.

With some exceptions designed to protect the rights of others, you have the right to a copy of the personal data we hold about you. This is usually provided free of charge and supplied within 30 days.
You have the right to have the personal data we hold about you corrected if it is factually inaccurate. If any of your personal data has changed — especially contact information such as your email address, postal address, or phone number — please let us know so we can keep it up to date.

If you want to exercise your rights regarding your personal data, the best way to do so is to contact us by email or in writing, as described below. To protect your privacy, we may ask you to verify your identity before we take any steps in response to such a request.

Any Questions?

If you have any questions or concerns about our Privacy Policy or how we process your data, please get in touch with us.

We are committed to protecting and respecting your privacy.

How to Contact Us

You can contact The Mindful Massage:

By email: trevor@themindfulmassage.co.uk
By phone: 07584-133785‬
By writing to: The Mindful Massage, 12 Marchlyn Crescent, Ingleby Barwick, Stockton-on-Tees, TS17 5DP

If you are making a formal request regarding your personal data, please get in touch with us by email or in writing so your request may be logged appropriately and audited.

Changes to our Privacy Policy

We keep our Privacy Policy under regular review and may amend it from time to time without notice. As a result, we encourage you to review this Privacy Policy periodically.