This policy sets out what personal data Ayurveda Retreat Ltd collects, uses, stores and protects when you have shown interest in our services. By ‘personal data’ we mean any information that could be used to identify you; specifically your name, address, telephone number, email address, IP address or bank card details. Due to the nature of our business, we also deem personal data to be information of a sensitive or private nature regarding your health. By ‘shown interest in our services’ we mean that at some point in time you will have either received a treatment or consultation at Ayurveda Retreat; booked but later cancelled a treatment or consultation at Ayurveda Retreat; purchased an Ayurveda Retreat gift voucher or gift certificate; specifically asked to be added to our mailing list.
If you have ever expressed an interest via a telephone, website or email enquiry but not actually completed any of the above actions then we WILL NOT have kept a record of your details, unless specifically requested by you.
1. We only ever ask for personal data that will benefit you and/or ourselves;
2. We NEVER pass your details on to third parties;
3. We NEVER buy in personal data or mailing lists;
4. YOU can decide at any time if you want to be removed from our mailing list and/or all our records;
5. A decision to be removed from our records DOES NOT mean that you cannot visit Ayurveda Retreat in the future;
6. We WILL update this policy if and when our circumstances change;
7. We DO NOT keep records of your bank or card details.
If at any point you feel that we have asked you for personal data that is not relevant to the particular action that is taking place then please let us know and we will do our best to explain why we’ve requested it (key reasons highlighted below). If at that point you still feel that the question is unnecessary then we will make a judgment call based on the perceived consequences of the question not being answered. Please note, however, that in the case of medical questions or those relating to our Pregnancy Massage we have a legal and moral obligation to ensure your safety.
Below is a list of interactions that could potentially take place between you and ourselves whereby personal data is involved. For each interaction we will explain WHAT personal data is collected, WHY said personal data is requested and STORAGE & SECURITY details relating to said data…
Client Questionnaire Completed In-House
WHAT? Name; address; email address; telephone number; mobile number; date of birth; medical questions.
WHY? We ask for your name to create a reference for the booking, and your address so that we can carry out analysis on geographic locations of our clients. We ask for your email address and telephone numbers so that we can send you appointment confirmation and reminders, as well as contact you if there are any problems regarding your booking. Mobile phone numbers are NEVER used to send marketing texts. Asking for your date of birth is just so that we can offer you a discount around your birthday. Medical questions are asked so that we can make adjustments and allowances during your treatment, if required.
STORAGE & SECURITY: Information provided is inputted into our client management system so that the appropriate appointment can be scheduled and confirmation sent out to you via email and/or text. We currently use Acuity Scheduling which is a cloud-based client management system. For this reason, we are not susceptible to issues associated with out-of-date software. Our receptionists and therapists access our online Acuity Scheduling account via the PC in reception, which is password protected. Following input into Acuity Scheduling, all hardcopies of forms are kept locked in our storeroom.
Bookings Via Our Website
WHAT? We ask the same questions as when completing our Client Questionnaire in reception (see above).
WHY? We ask these questions for the same reasons as when completing our Client Questionnaire in reception (see above).
STORAGE & SECURITY: Bookings made via our website are created in real time using the same client management system as we do in-house (Acuity Scheduling) so are subject to the same storage and security factors as mentioned above. Transactions for packages and gift certificates, and securing of bookings using a credit/debit card are made via payment processor Stripe, a competitor of PayPal. Acuity Scheduling itself does not have access to card details provided by clients, and the only person at Ayurveda Retreat who has access to Stripe is our company director. Despite having access and being able to process refunds and charges, the company director is not able to view full card details.
Submission of enquiry form via website (‘Contact Us’ page)
Unless specifically requested, information obtained via this interaction is not recorded. Our website is monitored for vulnerabilities 24/7 by an external company who also ensure that the website is regularly kept up-to-date behind the scenes.
Ayurvedic Questionnaire (In-House and Online)
WHAT? If your appointment is for an Ayurvedic massage or treatment then we will ask you to indicate which option best describes you in a variety of categories relating to your appearance and tendencies.
WHY? Ayurveda takes a holistic approach to health and so knowing your personal characteristics helps our therapists to tailor their treatment towards your needs. Selecting the most suitable oil for an Ayurvedic massage is a key example of this.
STORAGE & SECURITY: We WILL NOT share your answers with anyone else and will only utilise them for the purposes of your appointment. Questionnaires completed in-house will have their answers manually transferred onto your client record on Acuity Scheduling before being locked away in our storeroom for future use, should you decide to return. If, however, you would prefer that your answers were destroyed post treatment then we will happily oblige. Bookings made via our website are subject to the same questionnaire and therefore also stored against your client record on Acuity Scheduling.
WHAT? Ahead of your Ayurvedic consultation you will be asked to fill out a questionnaire that asks a variety of personal questions. This questionnaire will be emailed to you at the time of booking.
WHY? The questions asked are typical Ayurvedic medicine considerations and will help our consultant gain the best possible picture of you and your needs. We ask that you complete and return the questionnaire ahead of your appointment so that the consultant can review it beforehand with a view to making the actual appointment time as efficient as possible.
STORAGE & SECURITY: It is impossible for us to guarantee that information sent electronically will be 100% secure, but what we can promise is that the information you provide us with will be treated as highly confidential. We ask that completed questionnaires are emailed back to us so that we can store them in a dedicated, password-protected folder on our PC. Your email will then be forwarded to the consultant who will in turn store them in a dedicated, password-protected folder on a laptop that is not kept at Ayurveda Retreat. If there are any questions that you are unable or unwilling to answer, it WILL NOT affect your ability to proceed with your actual consultation.
Pregnancy Medical Questionnaire (In-House and Online)
WHAT? A variety of personal questions are asked relating to your pregnancy.
WHY? We have a legal and moral obligation to ensure your safety, so asking such questions is the only way that we can achieve this, providing you answer honestly and to the best of your knowledge.
STORAGE & SECURITY: We WILL NOT share your answers with anyone else and will only utilise them for the purposes of your appointment. Questionnaires completed in-house will be transferred onto your client record on Acuity Scheduling before being locked away in our storeroom for future use, should you decide to return. If, however, you would prefer that your answers were destroyed post treatment then we will happily oblige. Bookings made via our website are subject to the same questionnaire and therefore also stored against your client record on Acuity Scheduling.
Our Mailing List (Email Only)
In the past we admittedly may have put you on our mailing list without your explicit consent if we had captured your email address following a treatment or purchase. This is what the ICO refer to as a ‘soft opt-in’. (The ICO are the people who will be enforcing regulations regarding data protection moving forward.) We appreciate that a ‘soft opt-in’ is no longer recognised as acceptable practice and so from now on we will ensure that you only receive marketing emails from us if you have explicitly given consent. Unfortunately, this will not apply to those already on our mailing list, but please bear in mind that you can unsubscribe from it at any time by clicking on the relevant link within each of our marketing emails. We will endeavour to make the ability to unsubscribe as prominent and easy as possible in all of our marketing emails moving forward.
**Moving forward, unless you give us specific consent to be on our mailing list, we will only use your email address in relation to a specific booking or purchase. Asking to be removed from our mailing list will in no way affect your ability to use our services in the future or return to the mailing list.**
-Page last updated 30 May 2018-