My Pilates Practice
Under the General Data Protection Regulation (GDPR) across the European Union, we have a legal duty to protect any information we collect from our clients. The GDPR applies to ‘personal data’ which refers to any information relating to any identifiable natural person.
Types of information we collect and how we use it
We receive the information you provide to us such as name, email address and phone number. We use this information to contact and follow-up; to offer our services; for safety and security and analytics and profiling. Please note that communications such as emails, text or any other messaging system/platform, and its content may be stored following the email service providers as part of their communication and network systems protocol.
We shall not pass on your details to any third party without your permission. We shall not use your data for any marketing related activities other than those pertaining to My Pilates Practice represented by KPA & SC Consultants, Ltd.
Data security and protection
The information we received from you is stored on our computer which is controlled with firewalls and passport guarded; the access is limited only to a designated person; this data would be updated every two years. A hard copy, scanned or electronic version of any form(s) you might have provided to us would also be safeguarded and saved for up to five years.
The third party data processors we use for customer relationship management, are GDPR compliant. Our website is hosted on the Wix.com platform. Wix.com is a third party that provides us with the online platform which allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the Wix.com applications. As for their Terms and Conditions (T&C), data received from their clients is GDPR compliant and is secured on servers behind a firewall and encrypted via Secure Socket Layer (SSL) technology. The email service provider used through Wix.com is Google mail, which also has dedicated software to safeguard your data and keep strict security standards to prevent any unauthorised access to it, as per their T&C. For more information about how your data is used, protected and safeguarded when sent by email, you can review your email service provider T&C. Please note that these T&C exclude any information you might have provided via social media sites such as Facebook, Twitter, Pinterest or Instagram from which the T&C of such sites will supersede.
Children’s Personal Information
We do not collect data from children under the age of 16.
We respect your rights under data protection legislation, and we understand that you are entitled to request access to information we hold about you; to correct inaccurate information; to object to our use and to withdraw your consent for the use of your data.
If you have a concern or complaint about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/
Last review of this policy: 20 May 2018.
Susana Ceballos Lobato /
KPA & SC Consultants, Ltd