At Mind Over Mass, we’re committed to protecting and respecting your privacy.
This Policy explains how we collect and process your personal information through your use of our website www.mindovermass.co.uk, including any information you may provide through our site when you purchase a product or service. By using our website, you’re agreeing to be bound by this Policy. By providing us with your data, you warrant to us that you are over 13 years of age.
Mind Over Mass is the data controller and responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).
Who are we?
Mind Over Mass
Company number: 09163124
Email: claire@mindovermass.co.uk
Any questions regarding this Policy and our privacy practices should be sent by email to claire@mindovermass.co.uk.
How do we collect information from you?
We obtain information about you when you use our website, for example, when you complete the contact form, or book an appointment with us via the website, or engage with other forms within our site.
What type of information is collected from you?
The personal information we collect might include your name, address, email address, IP address, and information regarding what pages are accessed and when. If you book an appointment your card information is not held by us, it is collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions, as explained below.
How is your information used?
We may use your information to:
• Contact you regarding queries raised in the contact or booking form;
• Progress a booking you have submitted and send you information directly related to this;
• Carry out our obligations arising from any contracts entered into by you and us;
• Deal with entries into a competition or prize draw;
• Seek your views or comments on the services we provide;
• Notify you of changes to our services or this Privacy Notice;
• Send you communications which you have requested and that may be of interest to you (this may include useful information relating to our service, promotions, membership updates).
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfill our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Who has access to your information?
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
Third party service providers working on our behalf: We may pass your information to our third party service providers, agents subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf.
However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure. Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
When you are using our secure store pages, your payments are processed by a third party payment processor (GoCardless), who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or re-organisation, or if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our supporters and customers. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
Marketing communications
You will receive marketing communications from us if you have:
- requested information from us or purchased goods or services from us; or
- if you provided us with your details when you entered a competition or registered for a promotion or free resources; and
- in each case, you have not opted out of receiving that marketing.
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes. You can ask us or third parties to stop sending you marketing messages at any time by following the opt out links on any marketing message sent to you.
Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to find out more about how the processing for the new purpose is compatible with the original purpose, please email us at claire@mindovermass.co.uk.
If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing.
We may process your personal data without your knowledge or consent where this is required or permitted by law.
How you can access and update your information
The accuracy of your information is important to us. You have the right to request a copy of the information we hold about you so that you can ensure its accuracy. You can do this by emailing claire@mindovermass.co.uk.
Right to erasure and other legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to;
- Request access to your personal data;
- Request correction of your personal data;
- Request erasure of your personal data;
- Object to processing of your personal data;
- Request restriction of processing your personal data;
- Request transfer of your personal data;
- Right to withdraw consent.
If you wish to exercise any of the rights set out above, please email us at claire@mindovermass.co.uk.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with the following software 128 Bit encryption on SSL. When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer, Firefox, Chrome.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Profiling
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and credit risk.
Links to other websites
Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website. In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Transferring your information outside of the EEA
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”). By way of example, this may happen if any of our servers are located in a country outside of the EEA, or if our payment provider is located outside of the EEA. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If w