A data privacy policy explains what happens to any personal data that you give to us or any that we may collect about you. It says what information we will gather, how we will use it and how we will keep it secure.
This data privacy policy sets out how Nesting Lotus uses and protects any information that you give to Nesting Lotus.
Nesting Lotus may change this policy from time to time by updating this page. You should check www.nestinglotus.co.uk regularly to ensure that you are happy with any changes. This policy is effective from 23/03/2022
What do we collect?
We may collect the following information:
- Name
- Contact information including email address
- Demographic information such as postcode for auditing purposes.
- Date of birth, gender and nationality
- Details of NOK or family members for an emergency contact.
- Information about your healthWhat is the source of the personal information?
We’ll collect personal information from the following general sources:
- From you directly
- Information generated about you when using our booking form
- From other sources such as tracing agents or organisations used to assist in the prevention and detection of crime
- From another introducer
What do we do with the information we gather?
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Ensuring you are suitable to take part in our classes/services
- Updating your records
- We may use the information to improve our products and services
- To follow guidance and best practice under the rules of governmental and regulatory bodies
- For management and auditing of our business operations including accounting
- For analysis and developing statistics
- We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting
- To comply with legal and regulatory obligations
What are the legal grounds for our processing of your personal information? We rely on the following legal bases to use you personal data:
- Where it is needed to provide you with our products and services such as in assessing the market for a product and/or service that is suitable based on your personal needs and circumstances.
- Where it is in our legitimate interests to do so such as to manage your products and services and update your records.
- To comply with our legal obligations
- With your consent or explicit consent for some direct marketing communications or for some of our processing of special categories of personal data such as about your health.
When do we share your personal information with other organisations?
We may share information with the following third parties for the purposes listed below:
- Any of our group companies
- Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority or the Information Commissioner’s Office
- Other organisations who provide services such as back up, IT software and document storage providers
Is your personal information transferred outside the European Economic Area (EEA)? Sometimes your personal information may be transferred outside of the EEA. If it does so, we’ll make sure that suitable safeguards are in place, for example by using approved contractual agreements.
Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Here is a list of the rights individuals have under data protection laws:
- The right to be informed about the processing of your personal information
- The right to have your personal information corrected if inaccurate or if incomplete
- The right to object to processing of your personal information
- The right to restrict processing of your personal information
- The right to have your personal information erased
- The right to request access to your personal information
- The right to move, copy or transfer your personal information
- Rights in relation to automated decision making
You have the right to complain to the Information Commissioner’s Office which enforces data protection laws at https://ico.org.uk/. You can also contact us using the details below. Where we are relying upon your consent to process personal data you can withdraw this consent at any time by contacting us.
For how long is your personal information retained by us?
We’ll hold your personal information based on the following criteria:
- For as long as we have reasonable business needs such as managing our relationship with you;
- For as long as we provide products and services to you or someone could bring a claim against us; and/or
- Retention periods in line with legal and regulatory requirements or guidance.
Controlling your personal information
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to
- send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.
Contact us
If you have any questions about this privacy policy or if you wish to exercise your rights, you can contact us at www.nestinglotus.com or info@nestinglotus.com