Last updated May 2020
Privacy Notice for Clients
Zest2Change Limited is committed to respecting and protecting the privacy of Clients and we act as Data Controllers in respect of your personal information. We need to gather personal information about you in order to ensure we provide a therapy session that is based on your needs. This statement explains how we use and store this information.
Information we may collect about you We need to gather various types of information about you for the purpose of the RTT or Solution focused Therapy. This could include but is not limited to: ● Who you are, including full name, email address, contact numbers, and location ● Personal characteristics such as gender and ethnic group ● Information about your reason for engaging in our therapy ● Information on your medical background and history ● Other relevant information disclosed by you to Zest2Change Limited.
Why do we need to collect and use personal data? We collect your personal Data for the following purposes and services: advertising, analytics, contacting the user, displaying content from external platforms, handling payments, interaction with live chat platforms, remarketing and behavioural targeting, spam protection, tag management, traffic optimization and distribution, user database management.
Under General Data Protection Regulation, we have identified the Lawful bases for processing personal information: ● Contract: We will need to gather sufficient information in order to provide a therapy session based on your area of concern. ● Legal obligation: We need to fulfil our duties under regulatory and legislative requirements. ● Consent: Individuals need to give their permission where special categories of information are collected. This includes information about your health and medical history.
We may also need to share personal information with other regulatory bodies such as tax authorities, The Pensions Regulator or organisations such as law enforcement agencies and fraud prevention agencies to prevent and detect financial crime and to make sure we are complying with all relevant laws and regulations.
Ongoing record keeping
We will maintain records and retain personal data in order to have a historical record of sessions as well as your feedback about our service. We will take all reasonable steps to keep personal data up to date throughout this relationship. If this agreement ends, we will need to retain personal data for 7 years as required by law unless there are substantial reasons to retain the data for longer. How do we protect the personal information that we hold? Data security is key and we take all reasonable endeavours to ensure we have systems and processes in place to monitor our data, to prevent unauthorised access, and to keep it safe. Data is stored electronically in accordance with international standards around privacy and security. Wherever possible, sensitive personal data (special category data) will be password protected or encrypted when being transferred. Transferring your information outside of Europe General Data Protection Regulation imposes restrictions on the transfer of personal data outside the European Union, to third countries or international organisations. If we need to share your personal data with a recipient outside the European Union we will ensure we do so in compliance with European Data Protection Legislation, including where applicable, by ensuring that the transfer is necessary to perform a contract in place with you or a contract entered into in your interests, such as a reference request.
What can you do if you are unhappy with how your personal data is processed?
Any queries regarding the above information should be emailed to firstname.lastname@example.org
You also have the right to lodge a complaint with the supervisory authority for data protection. In the UK this is:
Information Commissioner’s Office Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF Telephone: 0303 123 1113 (Local Rate) Zest2Change Ltd ICO registered number ZA725944