Under the General Data Protection Regulation (GDPR) across the European Union, we have a legal duty to protect any information we collect from our clients. The GDPR applies to ‘personal data’ which refers to any information relating to any identifiable natural person.
Types of information we collect and how we use it
We receive the information you provide to us such as name, email address and phone number. We use this information to contact and follow-up; to offer our services; for safety and security and analytics and profiling. Please note that communications such as emails, text or any other messaging system/platform, and its content may be stored following the email service providers as part of their communication and network systems protocol.
We shall not pass on your details to any third party without your permission. We shall not use your data for any marketing related activities other than those pertaining to Kids Pilates in Action represented by KPA & SC Consultants, Ltd.
Data security and protection
The information we received from you is stored on our computer which is controlled with firewalls and passport guarded; the access is limited only to a designated person; this data would be updated every two years. A hard copy, scanned or electronic version of any form(s) you might have provided to us would also be safeguarded and saved for up to five years.
The third party data processors we use for customer relationship management, are GDPR compliant. Our website is hosted on the Wix.com platform. Wix.com is a third party that provides us with the online platform which allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the Wix.com applications. As for their Terms and Conditions (T&C), data received from their clients is GDPR compliant and is secured on servers behind a firewall and encrypted via Secure Socket Layer (SSL) technology. The email service provider used through Wix.com is Google mail, which also has dedicated software to safeguard your data and keep strict security standards to prevent any unauthorised access to it, as per their T&C. For more information about how your data is used, protected and safeguarded when sent by email, you can review your email service provider T&C. Please note that these T&C exclude any information you might have provided via social media sites such as Facebook, Twitter, Pinterest or Instagram from which the T&C of such sites will supersede.
Children’s Personal Information
Our courses are delivered in person, not online. The personal data we collect from children under the age of 16 is on paper and – with the purpose to support learning, monitor progress and to keep children safe (example – emergency details). We collect information and parenting consent via registration form at the beginning of the course.
Some of the collected data is mandatory or essential (example – health and safety forms), and some specific items might be voluntary in nature (example – use of pupil photos on websites, social media). Child’s data is essential to design and assess our training programme and, we will inform you at the point of collection, whether you are required to provide specific information to us (example – age, special needs, etc.) or if you have a choice on this.
Collected data is for the use of the “Kids Pilates in Action” programmes, and we do not share children’s information that we control with any company, institution or person at any time. Collected data is secured and protected as explained in the above section, Data Security and Collection.
We respect your rights under data protection legislation, and we understand that you are entitled to request access to information we hold about you; to correct inaccurate information; to object to our use and to withdraw your consent for the use of your data.
If you have a concern or complaint about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/
KPA & SC Consultants, Ltd
Last review of this policy: 21 May 2018