General Data Protection Regulation (GDPR) Policy

The Plan Yourself Pregnant (PYP) general data protection regulation (GDPR) policy is the responsibility of the Data Protection Lead.

Personal information means any information that relates to an individual that may be used either directly or indirectly to identify them.

A privacy statement describing how PYP protects personal information is published on the planyourselfpregnant.com website.

Whose information does this privacy notice apply to?

This privacy notice applies to information we collect from:

  • Clients
  • Prospective clients
  • Former clients
  • People who subscribe to our newsletters
  • Visitors to our website

What is Personal Information?

There are two types of personal information that PYP may store about individuals that it is in contact with.

  • PYP stores general contact information provided by individuals, with their consent.
  • PYP stores special category data that is a sub-category of personal information, including client notes and provided by individuals with their consent.

Personal information may be stored either electronically or on paper.

A person’s details may be collected by PYP to undertake its business activities.

Business activities include:

  • Marketing and information
  • Appointments
  • Application forms
  • Consultation forms
  • Client notes

How do we process personal data?

Any information stored electronically will be secured by encryption and/or password protection.

Any information stored on paper will be protected by restricted physical access.

Who has access to personal data?

The only people that may have access to personal information are members of the Leadership Team of PYP.

No personal information is passed on to any other individuals or organisations unless:

  • It is at the request of the individual
  • The Leadership Team is legally required to do so

How long do we keep personal data?

PYP will keep personal data for no longer than reasonably necessary. PYP will keep client records for a period of 7 years in accordance with the British Acupuncture Code of Professional Conduct.

Data will be kept up to date and changes made as required. If the PYP business ceases trading then all personal data will be deleted or destroyed.

Consent

Requests by individuals to obtain their contact or personal information held by the PYP, will will be provided.

PYP will destroy contact or personal information about individuals if requested by them but this might mean that PYP can no longer provide certain services to them.

PYP will update any contact or personal information that we know to be incorrect.

For further details about these rights please see the Information Commissioner’s website.

Data Breach

If a data breach means that any contact or personal information has been passed to others without consent, the individual and PYP Data Protection Lead will be informed. PYP Data Protection Lead will determine in conjunction with the Leadership Team what further action may be required. Individuals whose data has been compromised will be informed.

Testimonials

Testimonial videos, photos and statements are provided by clients who have given their permission for testimonials to be used on the PYP website. PYP will delete and stop using an individual’s video or image at the individual’s request.

Website Information

PYP uses products to analyse traffic to its website in order to understand visitor needs and to improve the site for them. PYP collects anonymous, aggregate statistics as well as individual user activities.

PYP publishes how it makes use of cookies on the website privacy statement page.