Date Effective: 10th May 2018
Last Revised: 10th May 2018
Owner and Data Controller:
The Stephen Birch Practice Ltd .
Registered address: The Stephen Birch Practice Ltd, 1 Blue Cottages, Reading Road, Shiplake Cross, Henley on Thames, OXON RG9 4BY.
This policy (together with our terms and conditions and any other documents referred to) sets out the basis on which we will process personal data we collect from you, or that you provide to us, as a result of your use of our website or services. The Stephen Birch Practice Ltd identify as both Controllers and Processors of your personal data.
1) What information do we collect?
We collect the information outlined below so that we can effectively provide our products and services. The following personal data is collected when you:
1.1) Fill out contact forms or request newsletters (name, email address, phone number, enquiries). We use compliant third-party services to help filter spam and handle email delivery.
We also collect extra information when delivering our services to you to ensure optimal performance. Please see below a breakdown of the information we collect:
2) IP Address, Analytics and Cookies
2.1) We use a third-party internal analytics system which collects information about your device, such as IP address, operating system, browser type, browsing behaviour, links clicked and device type. All analytics data is stored and kept in the UK.
2.2) Other information is collected via Google Analytics and Hotjar Heatmaps & Recordings. This allows us to provide a better experience on our websites and improve our services. We collect some of this information by placing small text files on your device, known as cookies.
3) Data about Usage of Services
3.1) We automatically collect data when you use or interact with any of our websites or service. This includes all information outlined in Section 2 as well as metadata, log files, location information and the date and time this interaction was completed. This information also includes specific data about the links you visit (including those of third-parties) contained within our services.
4) Other Service Providers
We use a range of different service providers to help ensure that we can provide an optimal service. We have broken down each service provider we use on our website below, some of these services may also collect some data, including, but not limited to:
4.1) Google AdWords conversion tracking (Google LLC.)
Google AdWords conversion tracking is an analytics service provided by Google LLC. that connects data from the Google AdWords advertising network with actions performed on this Application.
Personal Data collected: Cookies and Usage Data.
4.2) Google Fonts (Google LLC.)
Google Fonts is a typeface visualisation service provided by Google LLC. that allows this Application to incorporate the content of this kind on its pages.
4.3) Google reCAPTCHA (Google LLC.)
Personal Data collected: Cookies and Usage Data.
4.5) Hotjar (Hotjar Ltd)
Hotjar is a session recording and heat mapping service provided by Hotjar Ltd. Hotjar honours generic "Do Not Track" headers. This means the browser can tell its script not to collect any of the User's data. This is a setting that is available in all major browsers.
4.6) Tawk.to Widget (tawk.to ltd)
The Tawk.to Widget is a service for interacting with the Tawk.to live chat platform provided by tawk.to ltd.
Personal Data collected: Cookies and Usage Data.
4.7) CloudFlare (Cloudflare, Inc.)
CloudFlare is a traffic optimisation and distribution service provided by CloudFlare, Inc. The way CloudFlare is integrated means that it filters all the traffic through this Application, i.e., communication between this Application and the User's browser, while also allowing analytical data from this Application to be collected.
5) What do we use your personal data for?
5.1) Collected information
We collect various information relating to your interactions with our Services. We use this information to:
- Comply with legal and regulatory obligations, requirements and guidance.
- Detect and prevent fraud and abuse of our services and systems. Improve and optimise the performance of the products and services you have with us.
- Improve the performance of internal data handling and processing.
- Diagnose problems and identify any security risks, errors or enhancements needed to the perform our services.
- Document our communications with you and our company.
- Suggest personalised content and services to you, such as tailoring our products and services, our customer experience and deciding which offers or promotions to show you on our digital channels.
5.2) Sharing with trusted third-parties:
We do not sell, rent, or share personal information with third-parties for their direct marketing purposes without explicit consent.
5.3) Communicating with you:
We may contact you directly or via third-party service providers regarding products or services that you have requested or purchased from us. We may also contact you with promotional offers for additional services if prior consent is given, or if based upon legitimate interests for both parties. You don't need to provide consent as a condition to purchase our goods or services. Our methods of contact may include:
5.4) Transfer of personal data abroad:
Our website is hosted in the United Kingdom, however our hosting provider utilises the service provider outlined in Section 4.7 to serve our website from data centers around the world closest to the individual visitor.
To communicate with you effectively and to provide our products, services and related support, it may be necessary for your data to be transferred outside of the European Union. For instance, if you use our services from a country outside of the European Union, your communications with us may result in the transfer of your data across international borders. Personal data may also be transferred abroad where applicable, as outlined in Section 4.
5.5) Third-party websites:
6) How you can access, update or delete your data
You are responsible for providing The Stephen Birch Practice Ltd with accurate and up-to-date personal information. You are also responsible to maintain and update the information to keep it accurate and up-to-date.
Requests to delete your personal data will be fulfilled to the extent that this information is no longer required for legitimate business purposes, contractual record keeping and/or compliance with regional and international legal requirements.
7) How we secure, store and retain your data
We follow accepted standards to store and protect the personal data we collect, both during transmission and once received and stored, including the use of encryption where appropriate.
We take all reasonable steps to protect the websites we host and information we receive from our customer from loss, misuse or unauthorised access, disclosure, alteration and destruction. We've put in place appropriate physical, electronic and managerial procedures to safeguard and secure such information.
We retain personal data only for as long as necessary to provide the services you have requested and after that for a variety of legitimate legal or business purposes. These might include retention periods:
- mandated by law, contract or similar obligations applicable to our business operations;
- for preserving, resolving, defending or enforcing our legal/contractual rights;
- needed to maintain adequate and accurate business and financial records.
If you have any questions about how we secure, store or retain your data, please contact us on firstname.lastname@example.org.
8) Age restrictions
This website and services are not intended for, nor designed to attract, individuals under the age of 18. The Stephen Birch Practice Ltd does not knowingly collect personally identifiable information from any person under the age of 18. If you feel that The Stephen Birch Practice Ltd has collected and/or received personal data from individuals under the age of 18, please contact us.
9) Notification of Changes
We take the trust and privacy of our clients and website users very seriously and do not believe that we will need to change the core principles outlined in this Policy going forward. However, if we are required to modify this Policy to comply with general regulations and/or legal requirements, we will promptly provide notice of any material changes and post the revised Policy on this website along with the effective date of any necessary changes.
10) Your Rights
Under the EU General Data Protection Regulation, you have the following rights as a data subject:
- The right to be informed
- The right of access
- The right of rectification
- The right of erasure
- The right to restrict processing
- The right of data portability
- The right to object
- Rights in relation to automated decision making and profiling
Further information as to what the aforementioned rights entail, why they are important to understanding your rights and obligations can be found here.
If you have require any additional information about your rights, or how you can exercise them, please contact us via the information below.
11) Contact us
The Stephen Birch Practice Ltd is regulated by the Information Commissioner's Office (ICO), an independent authority which uphold information rights in the public interest and data privacy for individuals.
Furthermore, if you wish to make a formal complaint about how The Stephen Birch Practice Ltd has handled your data, you can contact ICO via one of the following methods:
By Mail: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
By Phone: 0303 123 1113
By Email: [email protected]