Privacy policy
This Privacy Policy is for this website (www.hayleyanderson.co.uk) and all services that Hayley Anderson provides. It is served by Hayley Anderson and governs the privacy of its users who choose to use it and those that choose to use sessions, courses & services provided.
This Privacy Policy sets out how I collect, manage and protect your personal information. We also set out the rights you have to control and manage the personal information that we hold about you.
This Privacy Policy applies to my marketing activities as well as to the products and services sold by me.
This website and its owner take a proactive approach to user privacy and we ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with current legislation and requirements for user privacy under GDPR.
Personal information is information that does or may identify you.
You do not have to share your personal information with me, but if you choose not to, I may not be able to provide you with our products and services or answer any questions you may have asked me.
What type of personal information do I collect?
– The information you provide when you place an order from my shop
– The information you provide for attending a session or course
– When you subscribe to receive my newsletter or information about my services, products, offers and promotions
– If you have attended a private session with Hayley she will hold information about you in digital or written format.
– I also collect personal data from other sources including trusted partners and where we operate an account on third-party platforms such as Calendly appointment system and social media platforms.
In order to be able to send you individualised, relevant information about the services I offer you, I need to keep personal records of all who work with me.
These records are:
– Your name, email address and contact details. If you are a herbal client, records are kept including all information provided on your initial consultation form, details of any herbs given and your treatment plans. I do not share this information.
– A record of dates of services that I have provided you, the type of services that I have provided for you, and the details of why you are seeking services from me.
– There are written and digital notes summarising the content of the services I have provided for you.
Some of the personal information I collect may be sensitive information. This might include information about your health and wellbeing. We will only collect this information with your explicit consent. We may collect personal information manually, for example during a session and this, with your consent, will be processed into our secure data system.
Sensitive information falls into a special category of personal information. This includes information relating to your health, race, sexuality or ethnicity.
We only collect sensitive information in limited circumstances which include:
– When you make a specific enquiry through via email or our website
– When you sign up to a session where I ask you to tell me about your health and wellbeing
– In filling out your initial consultation form
How is this information stored?
This information is held in password protected files on my computer, which is also password protected. My computer is backed up securely using an external time machine hard drive. My computer holds appropriate protection and security software to protect data.
When you contact me through my website (www.hayleyanderson.co.uk) your name and email address are stored by my web hosting platform (WP admin & Hostinger).
When you sign up for my newsletter your name and email address are stored by my newsletter hosting Mailerlite.
Subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign.
Email marketing campaigns are processed via Mailerlite which is GDPR compliant.
In all cases personal information stored online is stored on secure servers behind a firewall.
How do I use this information?
I will only ever use your personal information to contact you regarding supporting you through the services she provides. This will be within the scope and legal basis of legitimate interest (i.e. you have expressed an interest in my services, therefore there is implied consent for me to contact you regarding working together).
I may contact you in the following ways:
– Sending you personalised emails to assist you in booking my services or to respond to communication that you have sent me.
– Sending group emails to let you know about my services and availability to work with you.
– Sending email newsletters to keep you in touch.
Do I share this personal information with anyone?
I do not sell or share your personal information to any third party. I do not obtain information about you from any other sources.
Should I feel that it will be beneficial to seek advice or extra support from other professionals to support further, I will always gain your explicit consent before sharing any information about you (which will always be for your intended benefit).
I share your personal information with selected third parties in the following circumstances:
– To courier and logistics providers who ship products you may have ordered
– With payment processors who administer secure payment options
– With parties who host and process personal information on my behalf in accordance always with applicable laws and regulations
– To partners with whom I collaborate to deliver workshops – if you have consented to this in the first place.
– When I are legally required to disclose it. This includes: To comply with a legal obligation, when I believe in good faith that an applicable law requires it, at the request of governmental authorities conducting an investigation, to verify or enforce any other policy relating to this website, t detect and protect against fraud, or any technical or security vulnerabilities, to respond to an emergency situation.
Does my website use cookies?
Like many websites, my website uses cookies to help make the site work best for you. The information collected and stored by these cookies is not personally identifiable to you.
How do I protect your personal data?
I take the security of your personal information very seriously. I take every effort to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure.
My measures include implementing appropriate access controls, investing in appropriate IT security and ensuring that we encrypt personal information wherever possible.
Any confidential paperwork and notes are stored in a locked cabinet. The details of sessions, medical and personal histories will stay confidential.
Access to your personal information is only permitted internally, to agreed partners or business service providers on a need-to-know basis and subject to strict confidentiality obligations when processed by third parties.
We do not collect your financial data. The payment systems we use are Paypal and BACS which are, to the best of our knowledge, safe and secure ways to pay.
How long do I keep your personal information for?
I will keep your personal information for as long as we need it for the purpose it is being processed for. For example, where you have purchased one of our products online, I will keep your personal information related to the purchase so we can perform the specific contract you have entered.
After which, I will keep the personal information for a period which enables us to handle or respond to any complaints, queries or concerns relating to the purchase.
Your personal information may also be retained so that I can continue to improve your experience with me and to ensure that you can enjoy your experience.
I will actively review the personal information we hold and delete it securely when there is no longer a legal, business or consumer need for it to be retained.
Your rights as a data subject:
This is a summary of your rights relating to the personal information I hold about you.
The right to be informed.
You have the right to be provided with clear, transparent and easily understandable information about how I use your personal information and your rights. Therefore, we’re providing you with the information in this charter.
The right to access and rectification.
You have the right to access, correct or update your personal information at any time. i understand the importance of this and should you want to exercise your rights, please contact me directly.
The right to data portability.
The personal information you have provided me with is portable. This means it can be moved, copied or transmitted electronically under certain circumstances.
The right to be forgotten.
Under certain circumstances, you have the right to request that we delete your personal information. If you wish to delete the personal information I hold about you, please let me know and I will take reasonable steps to respond to your request in accordance with legal requirements.
If the personal data I collect is no longer needed for any purposes and I am not required by law to retain it, I will do what we can to delete, destroy or permanently de-identify it.
The right to restrict processing.
Under certain circumstances, you have the right to object to certain types of processing, including processing for direct marketing (i.e. receiving emails from us notifying you or being contacted with varying potential opportunities).
The right to lodge a complaint with a supervisory authority.
You have the right to lodge a complaint directly with any local Supervisory Authority about how I process our personal information.
The right to withdraw consent.
If you have given your consent to anything I do with your personal information, you have the right to withdraw your consent at any time by contacting the details below.
Rights related to automated decision-making.
You have the right not to be subject to any decision which is based solely on automated processing in certain circumstances.
Your consent:
Reading this Privacy Policy and/or contacting Hayley via her website gives implied consent to the storage and use of your data as listed above.
If you decide to remove your consent to any part of how Hayley uses or stores your personal data, please contact her directly and she will delete all your information.
If you have any questions about the policies listed above, please contact her directly: hello@pellarandpollen.com
Last updated August 2023