Personal Data we Process
Information is collected to administer your account with us, and to provide you with our service(s).
The following personal information is collected:
Your name, email address, gender, birth date, address, mobile phone number, preferred studio location, emergency contact information, family member information.
How Is your Personal Data Collected?
We use a booking system called MindBody which collects all of the information you enter into the website their website or mobile application and stores it securely for you to avail of the services at Platinum Pilates.
Your personal information collected is stored securely in the software of MindBody.
The personal information collected is stored securely on MindBody servers.
Your personal data is then accessed securely by Platinum Pilates via MindBody to allow us to provide the above listed services for you.
It is not possible to avail of any services at Platinum Pilates without you consenting provide your details to MindBody.
Should you wish to avail of services at Platinum Pilates without creating an account through MindBody, you are consenting to have your details stored in MindBody through our manual upload process.
We cannot provide services to you without having Personal Data by the nature of the industry, therefore in accepting our terms of service by way of purchasing services, you are consenting to your personal data being collected and stored by either Platinum Pilates and MindBody.
We will collect your name and email address if you use the contact forms on our website. The information is emailed to us and forwarded to the relevant staff member to be used by us to process your query.
Newsletter signup forms
Should you consent to subscribing to our e-newsletters your name and email address are collected using our email subscription software ‘Mailchimp’. That information is held by Mailchimp servers and is used to email you our e-newsletters. You may unsubscribe from our e-newsletter at any time by clicking on the link in the footer of the email.
During a Physiotherapy consultation you will be disclosing personal details & medical history. Legally we must store this information for a period of a minimum of 6 years. This information is held in a highly secured software system and hard copies of this data are destroyed to protect the data.
How We Use Your Personal Data
We may use your personal information to:
- enable your use of the services at Platinum Pilates
- send statements, invoices and payment reminders to you, and collect payments from you;
- send you non-marketing commercial communications (should you consent)?
- send you email notifications about classes, appointments and events
- send you our email newsletter, if you have requested it
- deal with enquiries and complaints made by or about you relating to our business
- keep our website secure and prevent fraud Not sure what scenario this covers
We will share information with our payment services provider only to the extent necessary for the purposes of processing payments you make via MindBody, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
Your Personal Data and Medical Information relating to your Physiotherapy Services can be shared with other Medical Practitioners in order to provide you with Referrals. Our handling of such data is in accordance with The ISCP Professional Conduct Guide.
Disclosures of your Personal Data
1. We may disclose your personal information to any of our employees, teachers, physiotherapists, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this policy.
2. We may disclose your personal information: to the extent that we are required to do so by law in connection with any ongoing or prospective legal proceedings.
3. in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk) to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling.
4. Except as provided in this policy, we will not provide your personal information to third parties
International data transfers
1. Information that we collect may be stored and processed in and transferred between any of the countries in which our cloud based storage operates in or MindBody operates in or Netbanx operates in in order to enable us to use the information in accordance with this policy.
2. Information that we collect may be transferred to the following countries which do not have data protection laws equivalent to those in force in the European Economic Area: including the United States of America
3. You expressly agree to the transfers of personal information described in this Section.
1. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
2. All personal information you provide is stored on secure servers.
3. All electronic financial transactions entered into through the booking system will be protected by encryption technology.
4. You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
5. You are responsible for keeping the password you use for accessing the booking system confidential; we will not ask you for your password (except when using it to log in to your mindbody online account)
6. All hard copies of physiotherapy data will be destroyed once electronically recorded and uploaded onto the cloud based storage.
Retaining Your Data
This Section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal information.
Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
Notwithstanding the other provisions of this Section, we will retain documents (including electronic documents) containing personal data:
- to the extent that we are required to do so by law;
- if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk).
- for medical purposes for a minimum of 6 years.
Your Legal Rights
You may request us to provide you with any personal information we hold about you;
The request can be made electronically to email@example.com and by telephone to 01-2789313.
The supply of appropriate evidence of your identity – including name, address, phone number, DOB, Next Of Kin, Email Address, Client ID may be requested.
Requests will be dealt with within one month.
You may instruct us at any time not to process your personal information for marketing purposes. You have the right to instruct us to amend any inaccurate information rectified at any time. You also have the right to be forgotten into a right of erasure where it is legally possible for us to do so.
You have the right to lodge a complaint with the Irish Data Protection Commission (firstname.lastname@example.org) or your local supervisory authority if you consider that the processing of your personal data infringes GDPR.