This is the Privacy Policy of CB – Massage Therapy.
It is issued in compliance with the Data Protection
(Bailiwick of Guernsey) Law, 2017 “the Law”
Please take the time to read through this information carefully
CB - Massage Therapy respect and protect your privacy. This notice sets out the different areas where user privacy is concerned and outlines the obligations and requirements of the users, the website at chrisbourke2.wixsite.com/my-site-1 and us, the website owners. Furthermore, the way we use, store and protect any personal data we collect from you, or that you provide to us, will also be detailed within this notice.
The information we collect
When you book an appointment we collect personal details such as your name, email and telephone. This information is used to identify you and contact you about the appointments and services you have booked.
To provide a safe and effective massage treatment we also need to collect information such as your medical background and lifestyle choices. This information is only used to make sure your treatment is as effective as possible.
Whilst you use the website we also receive information about your computer such as your IP address, operating system and browser details. This information helps us provide a better website experience for you.
When you buy a gift voucher we collect personal details such as your name, email, recipient’s name and possibly a postal address. This information is used to identify you and provide the service you have requested.
When you provide us with your personal information in the course booking an appointment, completing your Consultation form, Covid-19 Screening form and any pregnancy or postnatal update forms, making a payment or contacting us about our services, you are giving your consent to us collecting that information and using it for that specific reason.
We will not use your personal information for any secondary reason, like marketing unless we have asked you directly for consent to do so.
How do I withdraw my consent?
For the purpose of legal protection, we are required to hold the personal information you have given to us in the course of providing you with massage services and the notes about those treatments for a minimum of seven years.
Seven years after your last treatment we will permanently delete all your personal information that we hold.
If you withdraw your consent during the seven-year retention period, we will archive your data until the seven-year period expires.
Whilst your information is archived, we will not access or process it in any way except if needed for legal protection or if I'm required to do so by law.
Should you wish to withdraw your consent at any time please email chrisbourke2@gmail.com with your request.
How can I access, update or amend my personal information?
You have the right to review the personal information we store about you and your massage sessions at any time. These will be sent by email, in a Microsoft Word document attachment. You also have the right to request we update or amend your data if it is incorrect. To action any of these rights at any time please email chrisbourke2@gmail.com with your request.
Disclosure
Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
Data Handling & Storage
Our appointment booking and document service is provided by Google Drive. All information is stored securely on encrypted servers in data centres worldwide.
Your data is stored through Google Drive using their data storage facilities, databases and the Google web framework, on secure servers is always encrypted when in storage and whilst being transmitted across the internet. As a further layer of security, all data recorded by myself is transferred through a secured 3rd party VPN (Bitdefender VPN)
Payments
If you choose to pay for your massage with a debit or credit card your information will be passed to my payment processors either Starling Bank for direct payments or GiftUp for online Gift Vouchers/Block Bookings.
We never store your credit card details, it is always processed by third parties. It is encrypted through the Payment Card Industry Security Standard (PCI-DSS).
GiftUp may offer a service whereby you can pay for your block booking or gift voucher quickly using credit or debit card details previously-stored with them. We can't see any stored card details or information.
Starling Bank and GiftUp both adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
Third-Party Services
In general, the third-party providers we use will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies with respect to the information we are required to provide to them for your purchase-related transactions.
Privacy policies so you can understand the manner in which your personal information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in the UK and your transaction is processed by a payment gateway located in the United States, then your personal information used to complete that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy.
Security
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Changes to this Privacy Policy
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.
If this business is acquired or merged with another business, your information may be transferred to the new owners so that they may continue to provide you with the massage services you have requested.
Questions & Contact Information
To request your information to be updated, amended or deleted, or if you have any questions about how your information is collected, stored and used, please email chrisbourke2@gmail.com
Complaints
If, for any reason, you are unhappy with how we are handling your data, please raise your concerns with us first, so that we can seek a resolution. If you are still not satisfied, then you have the right to complain to the Office of Data Protection Authority.
Office of the Data Protection Authority
St Martin’s House
Le Bordage
St. Peter Port
Guernsey
GY1 1BR
T: +44 (0) 1481 742074
Legal basis for storing data
This information is collected by CB - Massage Therapy in accordance with the guidelines set out by the Office of Data Protection Authority based in Guernsey.
CB - Massage Therapy is registered with the Office of Data Protection Authority.
CB - Massage Therapy will never lease, distribute or sell your personal information to any third parties.
Special category data
Personal data revealing an individual’s racial or ethnic origin, political opinion, religious or philosophical belief, trade union membership, genetic data, biometric data, health data, data concerning an individual’s sex life or orientation, and criminal data. This type of personal data is afforded additional safeguards under the Law.
Contact
CB - Massage Therapy
Phone: 07781403547
Email: chrisbourke2@gmail.com