top of page

Data Protection and Privacy Policy

Introduction

We at The Mindful Massage understand that your personal data is entrusted to us and appreciate the importance of protecting and respecting your privacy. To this end we comply fully with the data protection law in force in the UK (“Data Protection Laws”). This Data Protection and Privacy Policy sets out the basis on which we collect and process personal data about you including our practices regarding the collection, use, storage and disclosure of personal data that we collect from you and/or hold about you, and your rights in relation to that data.

 

Please read the following carefully to understand how we process your personal data. By providing your personal data to us or by using our services, website or other online or digital platforms you are accepting or consenting to the practices as described or referred to in this Privacy Policy.

 

For the purpose of Data Protection Laws, the data controller is The Mindful Massage, with registered address at: 12 Marchlyn Crescent, Ingleby Barwick, Stockton-on-Tees, TS17 5DP. 

 

About Personal Data and Special Category Data

Personal Data is information that relates to an identified or identifiable individual. Some basic examples are your name, home address or email address.

The UK Information Commissioner’s Office (ICO) defines some categories of data as being sensitive in nature. This is called Special Category Data and must be stored, handled and used with additional care. Information about someone’s health is Special Category Data.

Your Personal Data and Special Category Data

 

Why We Collect Your Personal and Special Category Data

The lawful basis for us collecting your personal and special category data is our legitimate interest in making sure we provide a safe and effective service to you while complying with our legal and regulatory responsibilities.

 

When you register and become a client of The Mindful Massage you are consenting to us storing and processing and personal and/or special category data you provide us with in order to supply you with our services.

 

When We Collect Your Personal Data

If you choose to enquire about or engage our services we might ask you to provide some personal data. We collect this information so we can provide our services to you in a safe, effective and responsible way.

​​We may collect personal data about you if you:

  • Visit our website or participate in interactive features on our website;

  • Enquire about any of our services or therapies;

  • Register with us to become a client or book to receive any of our services or treatments;

  • Fill in a form or survey for us;

  • Participate in a competition or promotion or other marketing activity;

  • Contact us—for example, by email, telephone or social media.

 

The Personal Data We May Collect

When you register as a client of The Mindful Massage, attend an appointment, receive a service or make certain enquiries, we may request information from you, such as:

  • Your name, address and contact details (including email address and phone number);

  • Details of referrals, quotes and other contact and correspondence we may have had with you;

  • Details of services or treatments you have received from us;

  • Notes about your health and any other services or treatment you have received;

  • Information obtained from our customer surveys, promotions and competitions that you have entered or taken part in;

  • Client feedback you might choose to provide;

  • Information about complaints and incidents;

  • Information you give us when you make a payment to us, such as financial or credit card information.

 

We may also request information from you including that relating to your health. Such information is classified by the UK’s Information Commissioner’s Office (ICO) as Special Category Data because it is sensitive in nature. We take special precautions to ensure that this, and indeed all your, information is stored securely, and seen and used only by authorised people. By providing us with Special Category Data, you give us your consent to process it for the purposes set out in this Privacy Policy.

 

How We Use Your Personal Data

Your personal data will be kept confidential and secure and, unless you agree otherwise, will only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy and applicable Data Protection Laws.

 

To Provide You with Service

As part of the booking process, we might use your contact information to provide you with reminders about an upcoming appointment.

 

In addition, we use your information to:

  • Inform and guide you regarding suitable products, massages and therapies;

  • Provide and perform the best possible professional massage and complementary holistic therapy treatments for you;

  • Ensure it is safe for you to receive these treatments.

 

We may also use your personal information for internal purposes such as to:

  • Provide you with information, products or services that you request from us;

  • Enable us to carry out our obligations to you relating to the provision by us of services or treatments to you and related matters such as billing, accounting and audit, credit or other payment card verification and anti-fraud screening;

  • Notify you about changes to our products or services;

  • Review and analyse the services we offer for effectiveness and safety, and research new services to offer our clients;

  • Respond to requests where we have a legal or regulatory obligation to do so.

 

If necessary, and with your explicit consent, we may share your personal information with your GP as part of our legal, regulatory and ethical responsibilities for your health and safety.

 

Information and Marketing

We might also, but only with your explicit consent, use your personal contact data to send information to you regarding our products, services and offers via mail, email, phone or SMS/text message.

If you later decide you no longer wish to receive this information you can opt out at any time by contacting us by email, text message, phone or by using the Unsubscribe link in our emails.

 

We will not give or sell your personal information to third parties for marketing purposes.

 

How We Protect Your Personal Data

We take the security of the personal information you provide us with very seriously.

 

We store your personal data electronically, using computer systems with restricted access kept in locations protected by physical security measures. This includes electronic data stored on third-party systems, with access is limited to The Mindful Massage employees and designated support staff only. Our computer systems are encrypted to help guard against unauthorised access, and backed up to prevent data loss.

 

We may also store some personal data in hard copy form. Such paper copies are retained and stored securely and are only accessible by our employees and designated support staff.

 

At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you recognise and accept this and do so at your own risk.

 

Integrity and Retention of Personal Information

We endeavour to keep your personal information accurate, complete and up to date. We will review your information with you from time to time so that both you and we can be sure it is up to date.

 

Providing our services means that we have obligations to keep certain recorded information for specific lengths of time—for example, for insurance purposes. We will therefore retain your personal information to provide requested services to you, and thereafter only for as long as is required by law or regulation.

Disposal of Your Personal Information

Your personal information that we hold will be no longer be considered ‘relevant’ when:

  • it is superseded by more up to date records—for example, by completing a new Client Consultation Form because of significant health changes; or

  • you inform us you will no longer be using our services; or

  • 12 months elapse since your latest booking and treatment, in which case we will assume you will no longer be using our services.

When the personal information we hold for you is no longer ‘relevant’ we will:

  1. archive any we are required to keep for specific lengths of time—for example, for insurance purposes we are required to retain certain details for 7 years;

  2. dispose of your remaining personal information—including any relating to our Loyalty Scheme (see below);

  3. dispose of your archived personal information after its retention period has passed.

When disposing of your personal information we will do so in a secure manner.

Disposing of Loyalty Scheme Records

The records we keep to operate our Loyalty Scheme are information about you. This means they will be disposed of if you no longer use our services—either by informing us, or by allowing 12 months to elapse since your last appointment and treatment. Any reward massages you have accrued will be lost, as will the count of any paid-for massages toward your next reward massage.

If you subsequently return to using our services we will consider you to be a new customer, and enter you into the Loyalty Scheme with a starting balance of zero.

 

Disclosure to Third Parties

We may use third parties to store your information in order to use technology to provide our services to you in the most efficient and safe way. For example, we might use electronic booking management software to plan appointments, which involves storing your information on third party systems.

 

Any third parties used to store your information can only access the information in a support capacity. Further access is only available to our employees and support staff. In an emergency and if you are incapacitated, we may also process your personal data (including sensitive personal data) or make personal data available to third parties on the basis of protecting your ‘vital interest’ (ie, your life or your health).

 

On rare occasions, it may be necessary—by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence—for us to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.

 

Additionally, in the event of a reorganisation, merger or sale of our business we may transfer any and all personal information we collect to the relevant third party.

 

Your Rights to Access and Update Your Information

Under UK law, you have certain rights in respect of the personal data that we hold about you. In addition to your right to stop marketing, detailed above, here is a short overview of the most commonly-used rights. It is not an exhaustive statement of the law.

 

  • With some exceptions designed to protect the rights of others, you have the right to a copy of the personal data that we hold about you as an individual. This is usually provided free of charge and supplied within 30 days.
     

  • You have the right to have the personal data we hold about you corrected if it is factually inaccurate. If any of your personal data has changed—especially contact information such as email address, postal address and phone number—please let us know so we can ensure your personal data is kept up to date.

If you want to exercise your rights in respect of your personal data, the best way to do so is to contact us by email or in writing, as described below. In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to such a request.

Any Questions?

If you have any questions or concerns about our Privacy Policy or how we process your data, please contact us.

We are committed to protecting and respecting your privacy. 

 

How to Contact Us

You can contact The Mindful Massage:

If you are making a formal request regarding your personal data, please contact us by email or in writing so your request may be properly logged and audited.

 

Changes to our Privacy Policy

We keep our Privacy Policy under regular review and as a result it may be amended from time to time without notice. As a result, we encourage you to review this Privacy Policy periodically.

bottom of page