Anna Bracher Privacy Policy & GDPR: How we use your information
This privacy notice provides information about the ways in which Anna Bracher collects, stores, shares or keeps personal information provided by our clients, contacts, website visitors and office visitors.
Using our Website
Our website (www.annabracher.com) uses cookies.
We collect information about you, using cookies, when you fill in any of the forms on our website i.e. sending an enquiry, signing up for an event, filling in a survey, giving feedback etc.
When submitting forms on our website we use a third-party software provider for automated data collection and processing purposes, they will not use your data for any purposes and will only hold the data in line with our policy on data retention.
We use Google Analytics to store information about how visitors use our website so that we can may make improvements to our website and give visitors a better user experience.
Google Analytics are third-party information storage systems that record information about the pages you visit, the length of time you were on specific pages and the website in general, how you arrived at the site and what you clicked on when you were there.
These cookies do not store any personal information about you eg name, address etc and we do not share the data. You can view their privacy policy below:
Google – https://www.google.com/intl/en/policies/privacy/
Calling our Office
The Anna Bracher does not collect Calling Landline Identification (CIL) or any other information on the origins of a call. We do not record or retain phone conversations.
Emailing Us
Any emails sent to us at [email protected] are recorded and forwarded to the relevant member of staff. The sender’s email address will remain visible to all staff tasked with dealing with the email. Emails may also be sent to members of staff directly and these may be shared internally if required to do so for the purpose of the email for a client engagement. Please be aware that it is the sender’s responsibility to ensure that the content of their emails is within the bounds of the law. Unsolicited material of a criminal nature will be reported to the relevant authorities and blocked.
Processing Client Information
At Anna Bracher we take your privacy seriously and will only use your information subject to data protection legislation, statutory legislation and our duty of confidentiality.
Due to the nature of engagements, Anna Bracher processes personal and other data on behalf of clients on a contractual basis. Where Anna Bracher processes personal data on behalf of a client, the Data Processor and the client is the Data Controller.
Anna Bracher acknowledges our responsibilities as a Data Processor and a Data Controller where relevant, under UK Data Protection legislation.
As a Data Processor, Anna Bracher acknowledges that we process personal data on behalf of the Data Controller, and should:
- Carry out the processing only subject to our instructions from the Data Controller and provide appropriate security measures for the data.
- Comply with Data Protection legislation on all aspects of processing personal data and protecting the rights of data subjects.
- Ensure that personal data is only used for the purpose it was provided for to The Baby Academy.
As a Data Controller, our clients acknowledge that they are responsible under Data Protection legislation for the personal data that is provided to Anna Bracher and should:
- Apply technical and organisational security measures and take reasonable steps to ensure compliance with those measures.
- Comply with data protection legislation on all aspects of processing personal data and protecting the rights of data subjects.
- Take responsibility for any Data Subject Access Requests made in relation to personal data supplied to The Baby Academy.
- Notify data subjects in relation to international transfers, especially outside the EU.
As part of the services offered to clients through our engagement, information which our clients give to us may be transferred to countries outside the European Union (“EU”). For example, some of our third-party providers may be located outside of the EU.
Where this is the case we will take the necessary steps to ensure the appropriate security measures are taken, so that privacy rights continue to be protected as outlined in this policy. If our clients use our services while outside the EU, information may be transferred outside the EU to provide those services.
The client may request Anna Bracher not to use services outside of the EU at any point in the engagement. This may result in a review of the terms of the engagement.
Security precautions in place about data collected
When you give us personal information, we take steps to make sure that it’s treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with the following software 128 Bit encryption on SSL. When you are on a secure page, a lock icon will appear at the bottom of your web browser (such as Google Chrome, Safari, etc).
Non-sensitive details (your email address etc.) are sent normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
Other websites
Our website contains links to other websites. This privacy policy only applies to the Anna Bracher website so when you link to other websites you should read their separate privacy policies.
Communication with contacts
Anna Bracher retains contacts in Google Sheets. These systems contain personal data such as the name, address, email address, phone number and associated company. This information is utilised to communicate with contacts, including sending them details of products and services, such as upcoming classes, on a legitimate interest basis. Contacts have the option of opting out of this communication option and / or being removed from our systems at any time and this is highlighted on news, products and services emails. We do not share contacts information with third parties without the consent of the contact. You may also opt out by emailing your request to: [email protected]
Data retention – how long do we keep your personal data
We will not retain your Personal Data longer than is necessary to fulfill the purposes for which it was collected. However, we may be required by applicable laws and/or regulations to hold your personal data longer than this period.
Your data protection rights
You have rights which allow you to address concerns or queries regarding the processing of your personal data, including the rights of access, rectification, erasure, restriction of your personal data, as well as the right to transfer your data, the right to object to some processing and automated decision making, including profiling. Your right may be exercised freely and at no cost.
Enforcing your data protection rights
You may contact Anna Bracher about all issues related to this Privacy Statement, your personal data and to exercise your rights under Data Protection law.
Contact details of our Data Protection Administrator are as follows:-
Name: Anna Bracher
Email: [email protected]
Complaints
If you feel that your personal data has been processed in a way that does not meet the Data Protection legislation, you have a specific right to lodge a complaint with the relevant supervisory authority. The supervisory authority will in due course inform you of the progress and outcome of your complaint.
Changes to our privacy statement
This is a live document, under regular review. This policy was last updated on 5th December 2021.
For and on behalf of Anna Bracher
GDPR Policy
In compliance with General Data Protection Regulation effective 25 May 2018
Introduction
Anna Bracher Data Protection Policy applies to personal data held by The Baby Academy and which is protected by the General Data Protection Regulation.
This policy applies to all staff, the board of management, parents/guardians and others insofar as the measures under the policy relate to them. Data will be stored securely so that confidential information is protected in compliance with Anna Bracher and relevant legislation. This policy sets out the manner in which personal data and sensitive personal data will be protected by Anna Bracher.
Article 5 of the GDPR sets out principles relating to the processing of personal data. These include:
- The processing of personal data must be lawful, fair and transparent
- Personal data is collected for specified, explicit and legitimate purposes.
- Personal data held must be adequate, relevant and limited.
- Personal data held must be accurate.
- Personal data is retained and stored for no longer than is necessary.
- Personal data is processed in a manner that is safe, secure & confidential.
Anna Bracher will process all data in compliance with these principles.
Legal obligations
Implementation of this policy takes into account Anna Bracher’s legal obligations and responsibilities. Some of these are directly relevant to data protection.
Personal Data
The Personal Data records held by Anna Bracher may include:
Client Records:
Categories
These may include:
- Information sought and filed on a Registration Form and Sleep Diary
These records may include:
- Name, address, contact details
- Health Conditions
Purposes
The purposes for keeping records are:
- To comply with legislative or administrative requirements
- To ensure that clients can benefit from the relevant sleep support
Location:
Client records are held in both manual and electronic form. Such files are kept in secure filing cabinets that only personnel who are authorised to use the data can access or in electronic form that is password protected. Employees are required to maintain the confidentiality of any data to which they have access.
Data Access Requests
Requests for access to personal data may be made by completing The Baby Academy Data Request Form, which you can request by emailing [email protected] . Individuals are entitled to a copy of their personal data on written request in compliance with Article 15 of the GDPR.
Where a subsequent or similar request is made soon after a request has just been dealt with Anna Bracher may charge a fee to cover administrative costs.
No personal data can be supplied relating to another individual unless that third party has consented to the disclosure of their data to the applicant.
Data will be carefully redacted to omit references to any other individual and where it has not been possible to redact the data to ensure that the third party is not identifiable Anna Bracher will refuse to furnish the data to the applicant.
In compliance with the GDPR, Anna Bracher may refuse to grant an access request where such a request is deemed manifestly unfounded or excessive.
For and on behalf of Anna Bracher