As a small business, I don't need a lot of your information, nor would I ever give it to a third party without your consent. (Let's be honest, as a massage therapist we both know I would never want or need to sell your information anyway!) However, with the new GDPR regulations I need to make a few things clear:
How and Why I Collect Information
When you book your first appointment, I collect your full name, email address and contact number. This is purely for contact purposes should I need to get in touch with you about changes to your appointment in the future. When you come for your initial appointment I am required by law to collect certain information from you in order to make sure you are able to safely receive massage therapy or the treatment you have chosen to receive. This includes the above information as well as your date of birth, address, emergency contact information, GP information and whether you have any medical conditions or allergies. All of this information is collected purely for the safety of myself and yourself and is never shared with anyone else. I do not collect information from anywhere except yourself and information that my database automatically collects on how you interact with email marketing. The only person who ever sees or processes your information is myself as the sole owner of the business. I keep this information up until 2 years of you not using my business, or until you request its del
Your Information and Security
Your confidential client information form is kept in a secure folder in my house (where I do business). As for digital security, I operate up-to-date cyber protection on my devices at all times in order to prevent anyone from unlawfully accessing your information. All of my accounts are locked with unique passwords and login details to make sure nobody bar myself has access.
Minors and Information
All people under the age of 16 are required to have the consent of the parent or guardian to give their information and receive massage therapy.
How I Process Your Information
When you first book an appointment your information is automatically logged into my WiX bookings database. This is simply to make it easy for me to re-book future appointments instead of having to ask you for your information every time you wish to book. If you opt into email marketing, I may also process your data by viewing statistics about whether you have opened past email campaigns or not. This is to help me see what you're interested in so I don't spam you with information you don't wish to receive. I also carefully select email recipients by looking at your age and gender to see whether an offer is right for you. For example, I only target treatments including facials at women as men are generally less interested in beauty treatments.
Requesting Access to and Updating Your Information
If you wish to gain access to the information I hold on you, you may contact me via email at firstname.lastname@example.org or ask in person and I will show you any information you may be interested in. This would include the client information form you filled in on your first appointment and, if you opted into receiving email updates, the emails you have received from me in the past and whether you have opened them as this is all the information I hold. If you wish to update your information at any time, please contact me at email@example.com or ask me in person and I will gladly update any information for you.
Requesting the Deletion of Your Data
If you ever want me to stop processing your information or delete all the information I have relating to you altogether, please email me at firstname.lastname@example.org, text me on 07788515553, or tell me in person and I will delete your information from my database and shred your client form. If you do not come for a treatment for 2 years, I will automatically remove you from my database and destroy your client form.