Introduction
Please read our privacy and cookies policy closely. If you have any concerns, questions or requests please contact us via email at contact [at] hayleyscanlon [dot] doctor.
The term ‘Yvette Rosa Consulting Ltd’ or ‘us’ or ‘we’ refers to the owner of the website whose registered office is 3rd Floor, 86-90 Paul Street, London, EC2A 4NE. Our company registration number is 14978828. The term ‘you’ refers to the user or viewer of our website. Our data controller can be reached via the same details above.
Please note that this privacy policy only applies to our website. We have a separate and more restrictive privacy policy that governs data from sessions. Please contact us via the email address above if you would like to receive a copy of this policy.
Accountability
The Accountability Principle as detailed in the GDPR Article 5(2) means we must be able to demonstrate that we are responsible for these principles of data protection law. To ensure this is the case;
We regularly review our data protection policies and procedures. This helps us to ensure we continue to comply with the law and my intended processing is both clearly explained, necessary and transparent. Where we rely on explicit consent, we ensure it is gathered in accordance with the law. When we rely on other conditions, we consider the rights of others before we proceed.
We assess the risks we may, from time to time, create when processing data to ensure we uphold the rights and freedoms of every individual. This is especially true when we process data in a new way.
We keep extensive records of my processing. For example, activity and incident logs measure my compliance and help me to identify any weaknesses in my procedures. We actively consider the opinion and advice of others both here, in the EU and beyond. We monitor case law and the guidance of the Information Commissioner’s Office (ICO) and the European Data Protection Board (EDPB).
To ensure we protect personal data we constantly review my security measures, both technical and physical and have instigated appropriate safeguards. This includes regularly training where required. Access to data is based on the ‘Least Privileged’ principle (POLP)*.
As Dr. Hayley Scanlon, I am the ’Accountable person’ for processing activities.’ I am registered with the ICO as a data controller and have a clear data breach reporting procedure.
The following sections should answer any questions you have but if not, please let us know.
It is likely that we will need to update this Privacy Notice from time to time, and you are welcome to come back and check this at any time or contact us via the email address listed at the top of this policy. Any published revisions will be accompanied by a change in the “Last updated” date at the start of this policy.
What information do we collect?
We collect the following information via our website:
- When you make a booking for a free call or a session, we collect contact details to arrange a session with you. This includes your name, email address or phone number, and the kind of service you are interested in. We use this information only for contacting you; we don’t sell or make your data available to anybody else, or store it for longer than is necessary to arrange a session with you.
- We may collect anonymous usage data when you access our site. All of this information is anonymised and aggregated and cannot be used to identify you or target you in any way. This data is used to understand how our site performs and is limited to the following: device type (e.g., smartphone, desktop) and country (e.g., UK, Ireland).
How do we use personal information?
We only use any personal information to arrange a session with you. We will not otherwise use your personal data for marketing or advertising.
When do we share personal data?
We do not share any personal data with any other party, unless required to by UK law.
Where do we store and process personal data?
All personal data is stored and processed within the UK.
How do we secure personal data?
We take the following steps to secure your personal data:
- We don’t retain any personal data for longer than is necessary.
- Personal data is encrypted at rest, and only accessible by us.
- We enforce two-factor authentication (2FA) for any accounts with access to personal data to help prevent unauthorised access.
How long do we keep your personal data for?
We only retain personal data for as long as is necessary to provide our service to you. Typically, this would be until you have completed a set of sessions with us. At our discretion, we may retain personal data to help maintain contact with long-term clients. In the event of lost contact (e.g., you submit an enquiry via this website and we don’t hear back from you) we will retain the data for a maximum of 14 days before deletion.
Use of cookies and other technologies
Our website does not use cookies. We may gather anonymised and aggregated data (e.g., device type and which page has been visited) to better understand how visitors are using our site. Any data gathered in this way cannot be used to identify you.
How to complain about our processing if your data
If you feel that your data has been handled incorrectly, or you are unhappy with the way we have dealt with your query regarding the way we use your personal data, you have the right to complain to the Information Commissioner’s Office (ICO) which regulates the use of information in the UK.
You can call them on 0303 123 1113 or go online to www.ico.org.uk/concerns.
If you are based outside the UK, you have the right to complain to the relevant data protection supervisory authority in your country.
If you would like to discuss any aspect of this policy or the way we process your information, please contact us at contact [at] hayleyscanlon [dot] doctor.