Privacy Policy
We value your privacy and following the new rules set by the European Union's General Data Protection Regulation (GDPR), we have updated our privacy policy as of 24th May 2018.
Introduction
This privacy policy tells you how and why we collect, store and use your personal data when you visit our website and interact with us via our website.
It tells you about your rights in relation to your personal data and how the law protects you. Also covers is how to contact us and the authorities in the event you have a complaint.
We ask that you read this privacy policy carefully so that you are fully aware of how and why we are using your data. If you have any questions, or would like to exercise your privacy rights, please contact us directly.
Who we are
Sean Heneghan is a Counsellor, Acupuncturist & Cognitive Hypnotherapist based in Berkhamsted. In this privacy policy references to we, us and our, are to Sean Heneghan.
We collect, use, store and are responsible for certain personal data about you. We are regulated under the General Data Protection Regulation which applies across the European Union and we are responsible as ‘controller’ of that personal data for the purposes of those laws.
What data is collected by us
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed which is classed as anonymous data.
During your visit and interaction with our website collect a variety of information. This personal data falls into these categories:
Contact data includes addresses, email addresses and telephone numbers when provided through an enquiry form, or registration form.
Technical data includes browser type and version, location, operating system and platform and other technology on the devices you use to access the website.
Aggregated data through a web analytical service called Google Analytics which provides statistical or demographic data. Aggregated data however is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate usage data to calculate the percentage of users accessing a specific website page or which days have more visitors.
How is your personal data collected?
We use different methods to collect data from and about you including:
Direct interactions - You may give us your identity, and contact data by filling in forms or by interacting with the website. This includes personal data you provide when you:
- Sign up to receive a newsletter.
- Make enquiries or request information be sent to you
Automated interactions - As you interact with us, we may automatically collect Technical Data about your device, browsing actions and patterns. We may also collect Tracking Data when you use our website. We also receive data about you from our analytic provider though this does not identify you.
How and why we use your personal data
Under data protection law, to comply with our legal and regulatory obligations, we can only use your personal data if we have a valid reason for doing so and where consent is required.
For example, when you make an enquiry with us, you provide us with your contact information to respond to you.
What we use your personal data for our reasons
- To provide services to you
- To make contact with you through email or by telephone
- Notification of any changes to our services
- Marketing communications that may be of interest (only where consent has been given)
Third party data collection
Links to external sources and third party sites such as LinkedIn, Twitter and Facebook may exist from this website. They may request your personal data and we cannot take responsibility once you leave our site.
Who we share your personal data with
Outside of our company, we only share data with a third party supplier for the purpose of offsite data backup. All such backups are transmitted and stored in encrypted form (so is not readable) in locations within the United Kingdom.
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.
Whilst third party organisations related to IT and software maintenance may have temporary visibility of your information, these organisations do not have permission to use your data and will only be given access if required.
If you wish to discuss this further, please contact us at sean@seanheneghan.com.
We will not sell or lease your personal information to any third parties.
How long your personal data will be kept
We will keep your personal data when it is provided to us. We will do so for one of these reasons:
- To respond to any questions, complaints or claims made by you or on your behalf
- To show that we treated you fairly
- To keep records required by law
We will not retain your data for longer than necessary for the purposes set out in this policy. When it is no longer necessary to retain your personal data, we will delete it.
Your rights
Under the General Data Protection Regulation, you have the following rights, which at any time you can exercise:
Right of access
You have the right to be provided with a copy of your personal data
Rectification
You have the right to require us to correct any mistakes in your personal data
You have the right to be forgotten - The right to require us to delete your personal data in certain situations
Restriction of processing
You have the right to require us to restrict processing of your personal data
Data portability
You have the right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format
The right to object
You have the right to object in certain other situations to our continued processing of your personal data, eg processing carried out for the purpose of our legitimate interests. This is by checking the opt out option within any enquiry forms.
Not to be subject to automated individual decision-making
The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.
For further information on each of the above rights, including the circumstances in which they apply, see the guidance from the UK Data Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- Email, call or write to us
- Let us know the data to which your request relates
Keeping your personal data secure
We have appropriate security measures in place to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your data will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach.
We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
When communicating with us by email you should ensure that you take all reasonable precautions to protect any sensitive personal data.
Cookies
A cookie is a small piece of information that a site puts on your device so that it can remember something about you when you return at a later time. It is a mechanism that allows the server to store its own information about a user on the user's own computer.
In order to use the site, you agree to let cookies be saved as they are an important part of navigation of the site.
Third party cookies used on the site.
Google Analytics is a service that generates detailed statistics about our website visitors. Their cookies typically store anonymous information such as whether a visitor has been to the site before, the time of the current visit and what was the referrer site the visitor.
How to complain
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred.
The supervisory authority in the UK is the Information Commissioners Office who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
How to contact us
Please contact us if you have any questions about this privacy notice or the data we hold about you.
If you wish to contact us, please send an email to sean@seanheneghan.com
Changes to this privacy notice
This privacy notice was published on 24th May 2018 and last updated on 24th May 2018.
We may change this privacy notice from time to time, when we do we will inform you.