Be Well Barn Ltd Privacy Policy

 

Website address: www.bewellbarn.co.uk

Business name: Be Well Barn Ltd

Business Address: Church Road, Redlingfield, Eye, IP23 7QP

Email: hello@bewellbarn.co.uk 

Date last revised: 18/08/2022

Summary

At Be Well Barn Ltd (we, us or our) client privacy and use of personal information is implemented in accordance with GDPR practices based on the UK’s Data Protection Act 2018. We are highly conscious of protecting personal information. We will not share or sell information to any third parties without specific prior consent.

At Be Well Barn Ltd we have no intention or desire to externally benefit from private data and only intend to obtain, store and use it for our own administrative purposes which are central to the running of our business operations. It may be that we require third party operators to provide booking software services and therefore process and store private data. In this context such third party operators act only to hold the data on our behalf, and we remain the controller of said data. They will additionally have privacy policies in accordance with current GDPR legislation.

 

 

Contents

  • Introduction
  • Contact Forms / Polls
    • How we process your information
    • How we store your information
    • How we use your information
  • Business use of your data
    • How do we use personal information
    • Reasons for processing your personal data
    • When we may need to share personal data
  • E commerce
    • How we process your information
    • How we store your information
  • Analytics
    • How we process your data
    • How we store your data
  • Firewalls
  • Website back up and maintenance
  • How we secure your personal data
  • How long we keep your personal data for
  • Your rights in relation to personal data
  • Linking to other websites/third party content
  • How to contact us

Introduction

This policy is in relation to how we collect, store and process personal data on our website and app. It covers the above areas laid out in our contents.

We will need to collect and use data such as your name, contact details, postal address and payment processing information. At times other information may be required.

The website and app are kept up to date and use a secure socket layer encryption (SSL) to ensure all data transmitted across the internet is encrypted. The database and website files are held on a server in a secure datacentre protected both physically and electronically by security process. 

In all instances we do not share your data with any third party (unless otherwise stated) and only use it in direct relevance to the reason it was given to us in the first place. 

In all instances we are happy to share with you what personal data we might have and you can contact us by email or in writing at the details above. 

 

Contact Forms/Polls

We use contact forms on our website or app, this means that if you wish to contact us you can use the forms. 

The form(s) will ask you for your name and email address. In some cases, more information is collected which is relevant to the nature of the enquiry. 

This is how we process your information: 

You will be asked if this is OK to process this information before you submit the form. Because we need this information to effectively respond we will not process the form without your permission. 

Once you have submitted the information it will send an email to us where we will respond to you appropriately. We will delete the email when the enquiry has reached an end. 

This is how we store your information: 

In some cases, we keep a version of the contact form in our website database so that we can ensure we have a copy of your original contact. 

You will be asked for permission to store this information when you go to submit the form. If you do not give permission to store the information but just to process it you can still submit the form (as long as you agree for us to process the information). 

This is how we use your information: 

We only use your data in conjunction with the enquiry you made. 

 

Business use of your data

How do we use personal information:

First and foremost we require the use of your data to set up memberships and take bookings for the services we provide. For traceability we need to collect basic personal information and store it in order for these operational purposes.

 

Additional needs for collecting data include for:

  • The personalisation of content or services, business information or user experience. 
  • General administration purposes, for delivering of marketing and events communications.
  • Carrying out polls, surveys, research and service development
  • Meeting legal obligations and for audit purposes.

 

The legal basis for which we require personal data is for service contracts and traceability of users for business and health and safety purposes.

 

Reasons for processing your personal data:

There are several valid reasons why we may need to obtain, process and store your personal data. However, we will ask for your consent before we do so.

When making bookings or taking out memberships we require your data as these entities form a contract between us and yourselves. So that we will provide services in return for payment. In order to formalise this your personal data is a necessity. 

We have a legal obligation to process personal data in the event of co-operating with law enforcement services.

It is also a vital interest that we process personal data in order for compliance purposes, such as managing health and safety and risk assessments. 

By knowing who is booking services this is a valid business concern to ensure traceability to protect our business assets and interests in the case of any wrongdoing by users.

It is also a valid business interest for marketing purposes that we process personal data so we can improve our services over time and offer better value to our customers.

 

When we may need to share personal data:

Although we will never share your personal data for financial or other gains not directly related to our business activities, there may be times when we need to share data with relevant third parties or our employees. This could be for health and safety reasons, safeguarding individuals or for our standard operating practices. If this is to occur your data will be treated as confidential and not be shared beyond what is necessary. This will be safeguarded by third party privacy policies and agreements of confidentiality between us and the third party or employee. 

 

E Commerce

When you purchase something from our webstore, website or app we collect billing and shipping information which includes personal information, in some cases we also provide the option to create an account or membership account.

 

This is how we process your information:

Your personal information is transmitted to us in an email order form which we use to process your order and enter onto our financial systems. Your payment information is held within a third-party operator and not used anywhere else. We do not do anything with account information if an account has been made. 

 

This is how we store your information: 

Your order information is stored in the website database and is kept there securely, an email version of the order is kept on our third-party server and is stored there. 

Because we need your personal information to be able to comply with distance selling regulations, tax requirements and warranties we do store your data via said third party. We will only store this information for the length of time required under the appropriate regulation. As the third-party operator may change from time to time we will share, upon request, the details of this third party and their privacy policy.

 

Analytics 

We may use analytics to track the number of visitors to our site. If we were to do this we will ensure that the data collected using such analytics is anonymous and that IP anonymization is employed.

 

This is how we process your data: 

Under the definitions outlined in the GDPR regulations we are the controller of data and not the processor of data. Our third-party operator has the obligation to conform to the GDPR regulation. 

 

This is how we store your data: 

As any third-party operator is the data processor, they will have their own policy on how they store data. Upon request we can provide necessary information on who is this and their policy on storing the data.

 

Firewalls 

We use multiple firewall solutions that asks for your IP address before allowing access to our website, this data is anonymized and only gathered as a legitimate interest to ensure only legitimate people can access the website. The firewall providers are the processor of this data, and we can provide you with their contact information on request. 

 

Website backup and maintenance

We backup the website on a regular weekly basis, each of these backups will have a complete replica of the website, including the data stored within it. 

The backups are managed by us or where your information is stored by a third-party operator on our behalf they will run their own backups. Backups are a key element to business continuity and as such are a legitimate interest reason for processing and storing the data. We therefore do not need explicit permission to process and store this data. The backups have a 90-day retention policy so if any request to remove personal data is made it can take 90 days for any archived version of your data to be removed.

Data will be held on an ongoing basis until requested otherwise or a user unsubscribes. Our website does not currently directly hold any user information or track them through the site. All subscriptions are handled by MailChimp (third party) from whom Be Well Barn Ltd will contact registered parties until the user unsubscribes.

 

How we secure your personal data

As we do not store data on our website and we use third-party operators to store and hold your data, we rely on them to do so securely on our behalf.

Our third-party operators take reasonable steps to secure personal data against unauthorised access or disclosure. The transmission of data is encrypted in all circumstances where you provide payment information.

Any personal data we may process in manual or hard copy form will be stored in a lockable filling cabinet in a locked room and access will be restricted to the Directors of Be Well Barn Ltd only or to employees on a need-to-know basis for legitimate business or legal reasons.

 

How long we keep your personal data for

The GDPR requires us to retain data for no longer than reasonably necessary. While someone is a member or user of Be Well Barn Ltd, we will keep your data for the duration of your membership or user package. If an individual subscribes to our mailing list their email address will be kept until they unsubscribe from it again.

Once personal data is no longer required it will be automatically hard deleted from our system and therefore from the third-party systems as well.

 

Your rights in relation to personal data

Under the GDPR, we respect the rights of individuals to access and control their personal data. We respect your right to:

  • Access your personal information
  • Make correction or deletion
  • Withdraw your consent
  • Data portability
  • Restriction of processing and objection
  • Lodging a complaint with the Information Commissioner’s Office

We respect that individuals can exercise their rights over their personal information and will respond and act upon any data requests within 30 working days. Exemptions apply in relation to withdrawing consent while holding an active membership or booking. Personal data is fundamental to these business processes. 

Data subject rights may be limited , for example, if fulfilling the data subject request exposes personal data about another person or if you ask to delete data which we are required to keep by law. 

 

Linking to other websites/third party content

Through this website you are able to link to other websites which are not under the control of Be Well Barn Ltd. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.

 

How to contact us

If you have any questions or concerns about our privacy practices, your personal information, or if you wish to file a complaint, please email us at hello@bewellbarn.co.uk

 

Loading...

Subscribe to Newsletter

If you would like us to keep you up to date with special offers, news and events subscribe to our newsletter using the form below.

Thanks! We will keep you posted!