27 The Crescent
2. Changes to the Policy
3. The data we collect about you
a. We only collect your personal data for the provision or potential provision of the services we provide to you. You acknowledge and agree that we may collect, use, store and transfer different kinds of personal data about you including:
i. Identity Data
ii. Contact Data
iii. Financial Data
iv. Transaction Data
v. Special Categories of Personal Data (including medical/health related data).
4. How we use your personal data
a. We will only use your personal data when the law allows us to. We will use your personal data in order to provide the services to you which we have contracted to provide, where you have consented to us for the use of your data (e.g. adding you to a mailing list for the provision of information related to the Positive Birth Midwife) or where we need to comply with a legal obligation.
5. Purposes for which we will use your personal data.
a. We have set out below a description of the ways we plan to use your personal data:
i. To register you as a new customer – your identity and contact data
ii. To process and deliver your order – your identity, contact, financial and transactional data.
iii. To perform the services we are to provide to you – your identity, contact, Special Categories of Personal Data (being medical/health related data).
6. Opting Out
a. You can opt out of our mailing list or any other form of communication during the provision of the Services or before/after the provision of the Services by notifying us in writing. Please note that when you opt out of our mailing list this does not opt out of any personal data required for the provision of the Services.
7. Data Retention
a. We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint.
b. To determine the appropriate retention period for personal data we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we control your data and whether we can achieve the same purposes through other means.
8. Data Security
a. We have put in place appropriate security measures to prevent your personal data being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator when we are legally obliged to do so.
9. Your Legal Rights
a. Under certain circumstances you have rights under data protection laws in relation to your personal data. We may need to request specific information from you in order to help us confirm your identity and ensure your access rights in respect to your personal data under applicable data protection laws.
10. Withdrawal of Consent
a. You may withdraw your consent at any time where we are relying upon your consent to process your personal data, however, please note that if you withdraw your consent we may not be able to provide services to you. We will advise you if this is the case at the time you withdraw your consent.