PILATES AT YOUR DESK PRIVACY POLICY

Introduction

This is the privacy policy for Pilates at Your Desk LLP and sets out our policy in relation to the protection of personal data. The policy was adopted by Pilates at Your Desk on 5 June 2023. Our contact details are:

Pilates at Your Desk LLP

Lea House

Lovington

Castle Cary

BA7 7PX

Website: https://www.pilatesatyourdesk.com/contact

Email: pilatesatyourdesk@gmail.com

The types of personal information we collect

We currently collect and process the following types of information:

  • Name

  • Organisation (eg employer)

  • Role (eg job title)

  • Contact details

  • Information on health matters that may be relevant to participation in Pilates at Your Desk activities.

Note: we do not collect or process information required for the processing of payments. Payments for PAYD services are processed through Stripe.

How we get personal information and why we have it

Most of the personal information we have is provided to us directly by the individual to whom the personal information relates for one of the following reasons:

  • To receive information about PAYD services (for example, by signing up to our email database).

  • To enable participation in PAYD services (for example, by being able to access online services).

  • To enable safe and more effective participation in PAYD activities (for example, through the provision of information on relevant injuries an individual may have or have had).

We also receive some information indirectly from employers to enable information on PAYD activities to be provided to individuals who work for them.

We use the information that is given to us in order to:

  • Inform people about PAYD services (for example, through sending them our newsletter or other updates).

  • Allow for bookings for PAYD services.

  • Enable relevant personal characteristics to be taken into account appropriately in design and undertaking of those services (for example, when injuries affect which movements may be most appropriate).

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

  • Consent: we hold personal information provided by individuals who join our database that allows us to inform them about PAYD activities. individuals are able to remove their consent at any time, and can do this by contacting: pilatesatyourdesk@gmail.com

  • We have a contractual obligation: we hold personal information related to individuals that are employees of an organisation that PAYD has a contract with for the provision of services. That information (provided by the employer or the individual) enables the effective provision of those services by allowing communication with relevant individuals, the provision of access to PAYD services, and personal characteristics to be taken into account in the provision of those services. The information is only used to assist with the provision of those contracted services.

We do not pass personal information on to third parties.

How we store personal information

Personal information is securely stored:

  • It is only stored digitally (not on printed material).

  • Name and email address information is stored in encrypted form on Squarespace. Access to Squarespace is limited to that necessary for the securing of required technical support.

  • Health information forms are sent to info@moveatyourdesk.com, an email address hosted by GoDaddy. Information is then stored on an encrypted hard drive, with access limited to that necessary for the provision of the PAYD services to the relevant individual.

  • Our IT devices are all sourced from trustworthy suppliers and are accessed using strong passwords and biometric security.

  • We use a firewall at our office network boundary.

  • We remove, destroy or securely wipe any hard disk that may contain personal information before disposal or recycling of old IT hardware.

Your data protection rights

Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information.

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at pilatesatyourdesk@gmail.com if you wish to make a request.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at pilatesatyourdesk@gmail.com.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk