GENERAL DATA PROTECTION REGULATION (GDPR) POLICY Changing States Of Mind general data protection regulation (GDPR) policy is the responsibility of the Data Protection Lead.
Personal information means any information that relates to an individual that may be used either directly or indirectly to identify them.
A privacy statement describing how Changing States Of Mind protects personal information is published on the Changing States Of Mind website.
WHOSE INFORMATION DOES THIS PRIVACY NOTICE APPLY TO?
This privacy notice applies to information we collect from:
•People who subscribe to our newsletters
•Visitors to our website
WHAT IS PERSONAL INFORMATION?
There are two types of personal information that Changing States Of Mind may store about individuals that it is in contact with.
Changing States Of Mind stores general contact information provided by individuals, with their consent.
Changing States Of Mind stores special category data that is a sub-category of personal information, including client notes and provided by individuals with their consent.
Personal information may be stored either electronically or on paper.
A person’s details may be collected by Changing States Of Mind to undertake its business activities.
Business activities include:
•Marketing and information
HOW DO WE PROCESS PERSONAL DATA?
Any information stored electronically will be secured by encryption and/or password protection.
Any information stored on paper will be protected by restricted physical access.
WHO HAS ACCESS TO PERSONAL DATA?
The only people that may have access to personal information are members of the Leadership Team of Changing States Of Mind.
No personal information is passed on to any other individuals or organisations unless:
it is at the request of the individual; or the Leadership Team is legally required to do so
HOW LONG DO WE KEEP PERSONAL DATA?
Changing States of Mind will keep personal data for no longer than reasonably necessary.
Data will be kept up to date and changes made as required. If the Changing States Of Mind business ceases trading then all personal data will be deleted or destroyed.
Requests by individuals to obtain their contact or personal information held by Changing States Of Mind will be honoured.
Changing States Of Mind will destroy contact or personal information about individuals if requested by them but this might mean that Changing States Of Mind can no longer provide certain services to them.
Changing States Of Mind will update any contact or personal information that we know to be incorrect.
For further details about these rights please see the Information Commissioner’s website.
If a data breach means that any contact or personal information has been passed to others without consent, the individual andChanging States Of Mind Data Protection Lead will be informed. The Changing States Of Mind Protection Lead will determine in conjunction with the Leadership Team what further action may be required. Individuals whose data has been compromised will be informed.
Testimonial videos, photos and statements are provided by clients who have given their permission for testimonials to be used on the Changing States Of Mind website. Changing States Of Mind will delete and stop using an individual’s video or image at the individual’s request.
Changing States Of Mind collects anonymous, aggregate statistics as well as individual user activities.