What data we collect and why we collect it: Fair Processing Notice

When you visit this site your personal information is collected. The main components collected consist of your first name, last name, email address, phone number, general location, IP address and birthday. What data is collected depends on how you use this site and additional data is collected through site logs, cookies, web beacons, signup and contact forms. A contact form is used on this website and the data collected via this function may be used for marketing purposes. When you complete the contact form you consent to us storing and using your data.

Your information is collected and used primarily for the purpose of accumulating an email list so that subscribers as well as clients of our services and products can communicate directly with me and receive benefits such as free materials and promotions. Additionally user data is collected and used for the purpose of marketing to improve this website and user experience. This website is independently owned and utilises Google Analytics. This website does not display advertisements and it does not currently use remarketing services for advertising purposes, as I did not want Google Analytics to collect visitors’ data.

Commenting on this website is not enabled, however if this does change in the future we will make clear how this collects and uses your personal data. Typically data shown in the comments form, your IP address, browser data and any images are collected and automatically checked for spam and metadata. This data is retained indefinitely instead of it waiting in a moderation queue.

Clients do not pay for services and products directly on this website. Therefore your banking details are not stored or used in relation to this site. I request payment using standard bank transfer or PayPal and you receive an invoice via email as confirmation of payment. Invoices kept on my devices for the purpose of record keeping are password protected. Therefore, PayPal, your bank or any other third party sites involved in a monetary transaction may collect and store your information independently.

Your rights

You have a right to access and update the information this site collects from you. You can request your personal data and you can request in writing to have your data removed, in which I will respond and action this within one month at no cost. If you have an account on a site or have left comments, you can request to receive an exported file of the personal data the site holds about you, including any data you have provided to the site, however this is not applicable for this site. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. Please contact me directly if you have any questions or concerns regarding this privacy policy or your personal data.

Cookies

Cookies are created when you visit a website and are small pieces of data sent from a website to your computer. They are used to store information about your interactions and activity with a website, typically for your convenience such as storing login information when browsing. Login cookies are not relevant for this website, but just so that you know, they typically last for two days and screen option cookies last for one year, so that web servers can use your cookies later on.

Cookies are used to optimise this website and its services. In order for the site to collect cookies you need to agree to the terms of the pop-up for functional use or accept all cookies. This website utilises the Complianz plugin which blocks cookies to your personal device until you consent and your IP Address is anonymised. You can block cookies or choose to turn your cookie settings off on your personal device if you do not wish to share this data with us. You should also delete cookies if you no longer want your computer to remember your internet browsing history associated with your activity on this site or after using a public computer.

There are no login or user profile functions on this website and so cookies will not be used to save this information or screen display choices. Editing and publishing articles is also not a function on this website but typically additional cookies are saved to your browser when this is the case. These cookies show the post ID of the article and expire after one day, they do not include a users personal data.

Media

You do not have the ability to upload images or photos to this website, however if we introduce this function in the future please avoid uploading images with embedded location data (EXIF GPS) included. All visitors to this website can download and extract existing location data from images.

This site does not use an Invisible reCAPTCHA and so your data will not be shared with this provider.

This site has links to various external social media platforms including a Facebook page. When you connect to any of these platforms via these links your activity may be logged and this data may be collected. Analytics on these pages may be used for marketing purposes however you and the terms that you have agreed with these individual platforms, such as Facebook, dictate how your data is collected and used. 

Embedded content from other websites

Pages on this site may include embedded content and links to external websites. For example YouTube videos, articles and blog posts as well as hyperlinks for social media platforms. Embedded content from other websites behave in the same way as if the visitor has visited the other website. Therefore these websites may collect data about you, use cookies, embed additional third-party tracking and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged into that website whilst visiting this website.

Using children’s personal data

The services and products belonging to Leoni Cachia Holistic Care are for individuals considered adults under UK law [aged 18 and over]. 

Who we share your data with

Google Analytics is used on this site to track user interactions, it collects additional personal data like IP addresses, user IDs and cookies for the purpose of behaviour profiling. As Google is a third party your data may be shared or disclosed with and by this third party.

Mailchimp is used to send emails to users and users can opt-in to receive emails from us. We will not sell or share your email address with any third-party websites and your email is stored on Mailchimp for as long as you maintain your subscription.

How long we retain your data & how we protect it

There is no clear length of time data should be stored as UK GDPR law suggests that storage should be appropriate for individual data types and function. If you are subscribed to the Leoni Cachia Holistic Care email list for 10 years for example, it serves both parties to keep your personal information for that length of time as there is a clear purpose for this data storage. If you wish to unsubscribe from the mailing list or you are a past client, we can store your existing data for 5 years. However we will stop mailing you and after this date all files are archived and deleted electronically.

Your data is stored on the WordPress Org site and Mailchimp. I do not export your data to other external platforms however a log of clients is kept on a data spreadsheet for the purpose of data management and providing information on a person with ease if requested. All hard copies of data is secured safely within a locked premises. I personally ensure this information is kept up to date, password protected and only I have access to this information. If in the future I hire an assistant or other coaches and they have access to this information, I will update this privacy policy to make you aware. If the devices I use are lost or stolen I am able to access your data remotely via MailChimp as well as remote wipe my hardware to protect your personal information.

Assignment Clause: Additionally, if Leoni Cachia Holistic Care is ever bought and owned by another party, your data will be owned by the new owner and your data can only be used as previously agreed unless new permissions are requested from existing users.

What data breach procedures we have in place

If a breach in my security is compromised you have a right to know about it. This is defined as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data” by The UK Information Commissioner’s Office (ICO). If this happens you will receive information about the breach and a personal data breach notification procedure will be created. A self-assessment will be carried out with the ICO to determine whether I need to report it and gain further information and support.

I am certified by ICO and comply with data protection.