WHO AM I?
Madeleine Brown (sole trader) trading as ‘Nayana Yoga’
I Madeleine Brown, am the data controller and I am responsible for your personal data (referred to as ‘I’ and ‘My’ in this privacy document).
Data privacy is extremely important to me especially due to the sensitive nature of the data I hold for each of my students. I wish to be completely open with you about what data I hold, how it is used and the processing of your data.
Below is an outline of my data policy however if you require further information please contact myself at firstname.lastname@example.org
By providing myself with your information you consent to me using it in the ways outlined below.
WHAT INFORMATION I COLLECT ABOUT YOU
I collect two types of information:
Personal information and Non-personal information.
Personal information that I may collect includes the following:
- Identity data such as your name and title
- Contact data such as your email address, home address and phone number
- Health + Safety data such as any known medical conditions or injuries
- Usage data such as the way you interact with my website or newsletters
- Marketing and Communications data such as your preferences in receiving marketing information from Nayana Yoga and your communication preferences
Non-Personal information is data that does not reveal your personal identity such as when you click on a link on my website or view a new page, I am not informed about who does this but it helps to give an insight into how my website is used and allows me to improve your service.
HOW I COLLECT DATA
I collect basic data from you from our first interaction on social media, by email or even face-to-face. This is often your name and email address. I then collect the remaining data needed when you fill out the health and safety form before your first class, workshop or retreat. You will already be aware that I specifically ask for your signed and dated permission to send you my newsletter as I have always wanted you to be in full control of what you receive in the way of news and marketing. The new GDPR regulations have given me the opportunity to fine tune my system of practice and to give you further transparency over your data.
When you visit my website you are also prompted to allow ‘cookies’ to be utilised. Sadly these are not tasty treats that can be printed via your computer but are instead helpful small files of information that are placed on your computer to better improve your overall web experience. A cookie often contains a unique number that can be used to recognise your computer when you return to a website.
WHAT I DO WITH YOUR INFORMATION
Your information may be used in a variety of ways depending on your relationship to Nayana Yoga. It may be used to communicate with you, to monitor the way I provide information and to above all else to keep you safe while practising yoga. With your continued consent I like to contact you from time to time to provide you with term details, workshop dates, special offers, charity events etc. My newsletters are sent less than once a week and in many cases once a month and although I am biased, they are often fairly useful and enjoyable to read! You can unsubscribe at anytime by clicking the bottom of the newsletter or by emailing me directly at email@example.com
SHARING YOUR DATA
Your personal information is largely used by myself and any other person working under ‘Nayana Yoga’. I will never sell or pass on your data to a third-party unless legal required by the following:
- police, professional advisors, lawyers, bankers, auditors and insurers, banking, legal, insurance and accounting services.
- HM Revenue and Customs, regulators and other authorities based in the UK and other relevant jurisdictions who require reporting of processing activities in certain circumstances.
- I may need to pass your personal data on to other companies for admin purposes. I may occasionly require a third party to carry out certain activities such as monitoring how customers use the website and issuing our emails. Third parties are not allowed to use your personal information for their own purposes. For these purposes your details may be transferred outside the European Economic Area (EEA) and you consent to such transfer by using the website: www.nayanayoga.co.uk
HOW LONG DO I KEEP YOUR INFORMATION FOR?
I keep your data for seven years since the last time you used my services. This is due to both tax and insurance purposes. Once the seven years has elapsed I dispose of your data in a secure manner. This is likely to involve **vegan** marshmallows and a campfire.
You have various rights under the data protection act and the EU General Data Protection Regulations in respect of the personal information I hold about you. These include the right to:
- Request access to your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Object to the processing of your personal data
- Request restriction of processing your personal data
- Request transfer of your personal data
- Withdraw consent
You can see more about these rights on the ICO website. If you with to excersise any of the rights set out above please email firstname.lastname@example.org
THIRD PARTY LINKS
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. Nayana Yoga does not control third-party websites and I am not responsible for their privacy statements. When you leave this website I encourage you to read the privacy notice of every website you visit. (Riveting reading I’m sure!)
REPORTING A DATA BREACH
If I become aware that there has been a security breach, which will cause adverse effects to the individual whose data has been breached, I will report this to the relevant supervisory authority within 72 hours of becoming aware of the breach. I will also notify the individual as soon as possible.
CONCERNS OR COMPLAINTS
If having contacted myself you still have any concerns about the way I handle your data then you have the right to lodge your concern with the Information Commissioner’s Office. Visit https://ico.org.uk/concerns for more information.
This policy was last updated in May 2018.