Privacy policy

Effective Date: 27/09/2024

Highland Massage (“we,” “us,” “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you visit our website, book an appointment, or use our services.

1. Information We Collect

We may collect and process the following types of personal data:

  • Personal Identification Information: Name, address, email address, phone number, date of birth.
  • Health Information: Relevant medical history, health conditions, injuries, allergies, and treatment preferences.

2. How We Collect Information

We collect personal data in the following ways:

  • Directly from you: When you book an appointment, fill out forms, contact us, or use our services.

3. Purpose of Data Collection

We process your data for the following reasons:

  • To Provide Services: We collect your health information to ensure that treatments are safe and suitable for your needs.
  • Appointment Management: To process bookings, manage cancellations, and send appointment reminders.
  • Payment Processing: To handle payment for services.
  • Communication: To respond to your inquiries and send important updates regarding your appointments.
  • Marketing: With your consent, we may send you marketing materials or newsletters. You can opt out at any time.
  • Legal Obligations: To comply with legal and regulatory requirements (e.g., health and safety laws).

4. Legal Basis for Processing

Under the GDPR, we rely on the following legal grounds for processing your personal data:

  • Consent: For sending marketing communications or processing sensitive health data, with your explicit consent.
  • Performance of a Contract: To provide services as per your booking.
  • Legal Obligation: To fulfill our obligations under UK law (e.g., maintaining records for tax purposes).
  • Legitimate Interests: For operational efficiency and business development, provided this does not override your rights and freedoms.

5. Data Retention

  • Retention Period: We retain your personal data only as long as necessary for the purposes outlined above. Typically, we keep client records for 12 months after your last appointment, unless otherwise required by law.
  • Deletion: Once your data is no longer needed, we securely delete or anonymize it.

6. Sharing Your Data

We will never sell or share your personal data with third parties for marketing purposes. However, we may share your data with:

  • Legal Authorities: If required by law or in response to valid legal requests (e.g., court orders).

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes using encryption, firewalls, and secure data storage systems.

However, no method of transmission over the internet is entirely secure, and we cannot guarantee the absolute security of your data.

8. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): You can request the deletion of your data when it’s no longer necessary for the purposes for which it was collected.
  • Right to Restrict Processing: You can ask us to restrict how we process your data in certain circumstances.
  • Right to Data Portability: You can request your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to our processing of your data for marketing or other purposes.
  • Right to Withdraw Consent: Where we rely on your consent for processing, you can withdraw it at any time.

To exercise any of these rights, please contact us at [Your Email Address].

9. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website, and where appropriate, notified to you by email.

10. Contact Information

If you have any questions about this Privacy Policy or your data rights, please contact us at:

  • Email: bookings@highlandmassage.uk
  • Phone: 07455081479

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe we have not handled your data correctly.