Privacy

I am a yoga teacher and sole trader in complementary therapy and currently hold the following information about my clients so will be classed as the Data Protection Officer.

Clients Paperwork

The following information is held on each client:
For yoga: Name, Address, Email Address, Telephone Number, Medical Questionnaire
For Health Kinesiology: Date of Birth, Doctor's Details, Current Medication, Consultation Form, and Records of Energy Work Done in the appointments.
All this information is kept in a secure location.
I work with adults and children. Parent’s written consent is required and held on file for all children under, and including the age of 16.
All paperwork is kept for seven years, in line with my insurance and membership requirements. After this time, if a client has not been seen then their files are shredded with a cross cutter shredder.

Database

I keep all the clients' contact information on my iPad and mobile phone and on my Windows 10 computer in a password protected excel file, I can also access my emails from all clients via my computer, iPad and mobile phone. The database is not stored online in the "cloud"; however, I do have contact details of all my clients on Outlook and Gmail.
The excel database is kept in order to update clients with new information regarding any changes in my services such as opening hours, holidays, price increases, etc. and is never shared.

Credit/Debit Card Machine Payments

I do not use a credit/debit card machine.

Compliance

I am currently registered with the Information Commissioner’s Office and comply with the ICO's use of data.

Websites

My only website is www.fionafallon.co.uk
I have Facebook presence on www.facebook.com/FionaFallonYoga/
and www.facebook.com/FionaFallonHK/
No personal information of clients is held on websites other than Email.

Emails

Email with my clients is on devices that are password protected.

Computer, Mobile Phone and iPads Security

Each device is password protected, so no-one can access the data unless they are Fiona Fallon.

Data Breaches

In the event of a data breach, the Information Commissioner’s Office will be contacted within 72 hours, and from the decision reached with them, all affected clients will be contacted by Fiona Fallon.

The Right to be Forgotten, to Object, to Rectification, to Access and, to Portability.

  • Right to be forgotten: An individual may request that an organization delete all data on that individual without undue delay. Within 48 hours (during normal working hours and excluding holidays) of the request being made the client’s information will be deleted from any database list that Fiona Fallon holds.
  • Right to object: An individual may prohibit certain data uses.
  • Right to rectification: Individuals may request that incomplete data be completed or that incorrect data be corrected. This is to be actioned within 48 hours (during normal working hours and excluding holidays) of the request.
  • Right of access: Individuals have the right to know what data about them is being processed and how. This is laid out in the Consent Form that each client must sign to have been included in the database and for Fiona Fallon to hold client records and can be found in each individual's case file.
  • Right of portability: Individuals may request that personal data held by one organization be transported to another by written request from said client, this will be actioned within one week. Client’s notes will be, on written request via the said client, either returned to the client at no charge within two weeks of the request or transported by recorded delivery to another organisation.

In the event that you wish to perform any of the above, please contact me.

Business Paperwork

All paperwork is kept under lock and key which is only accessible by Fiona Fallon.

Cookie Usage

There are two cookies used on this website;
1. Named "PHPSESSID", passed to your browser when you arrived at this site and endures until your browser is closed. This cookie is used by the website server to track an individual around the website in order to display any appropriate information for that user.

2. Named "viewed_cookie_policy" which is stored for a year by your browser and identifies if you have agreed to accept cookies so we don't continue to display the cookie bar.