The Client can set up an online account with the DBS to access the services available and to contact DBS.
This Policy explains the Client rights as a user of the DBS’ online account service. There are other DBS Privacy Policies that cover the services provided which can be found at other websites.
These policies include information about how we will use the Client’s personal data to contact the Client when the Client is using DBS services.
We use Google Analytics as part of our ongoing user research. This helps us to:
- check our service is meeting users’ needs so we can make improvements;
- understand how users get to the site; and
- understand what they click on while they are using our service.
1. Who is responsible for managing my information?
http://www.wellbeingactivity.com (the “Website”) owned by WELL BEING ACTIVITY address in London. We take Client privacy seriously. This policy covers the collection, processing, and other use of personal data under the Data Protection Act 1998 (“DPA”) and the General Data Protection Regulations (“GDPR”). (“we” or “us”).
We are responsible for the collection and proper management of any personal information the Client submits.
2. What information do we collect?
— The Client personal information
When the Client setting up an online account with the DBS, the Client will be asked for a range of information including the Client name, date of birth and email address. Information the Client enter online will be held on a secure system.
Please note that if the Client has an online account with the DBS and the Client personal information changes, it is the Client’s responsibility to contact the DBS to confirm the change. Changes can be made via the Client’s online account.
– Full Name of the responsible persons
We also collect website usage information. We do these using cookies (see section 7 below).
— Protecting the Client information The DBS will protect the Client data rights in line with the General Data Protection Regulation (GDPR). We will:
• keep the Client information safe and secure;
• only ask for what is needed, and
• only keep the Client information for as long as it’s needed.
The Client information won’t be made available for commercial use without the Client’s permission.
— The Client individual rights and how we protect them We are committed to protecting the Client rights under GDPR and the right to be informed about how the Client data is processed.
The Client has the right to change the permissions that the Client has given us concerning how we may use the Client data. the Client also has the right to request that we cease using the Client data or that we delete all personal data records that we hold relating to the Client.
The Client can read about the Client individual rights
— Controlling the use of the Client data If the Client has given us consent to use the Client data for a particular purpose the Client can revoke or vary that consent at any time. If the Client does not want us to use the Client data or want to vary the consent that the Client has provided the Client can write to us at the address detailed or email us at any time.
3. How do we use the Client information?
The information the Client provide may be used for various purposes:
– To provide and maintain our Service
– To notify the Client about changes to our Service
– To allow the Client to participate in interactive features of our Service when the Client chooses to do so
– To provide customer support
– To gather analysis or valuable information so that we can improve our Service
– To monitor the usage of our Service (for statistical purposes when we evaluate our range of services)
– To detect, prevent and address technical issues
– To provide the Client with news, special offers and general information about other goods, services and events which we offer that are similar to those that the Client has already purchased or enquired about unless the Client has opted not to receive such information
– To provide the Client with the information, products, and services the Client asks for, and honour any contract the Client has with us;
– To personalise repeat visits to our website
– To tell the Client about other products and services we think may be of interest to the Client (see section 5 below); and
– If the Client is an existing customer, we may contact the Client with information about goods and services similar to those that were the subject of a previous sale to the Client
– Where the Client has consented to receive such information, to provide information on other parties’ products or services that we feel may be of interest to the Client
– Where the Client has consented to receive our e-newsletters, from time to time to provide that to the Client
4. Who will we share the Client information with?
In order to provide the Client with the products and services that we offer we may share the Client information with: – We may disclose the Client information to regulatory bodies to enable us to comply with the law and to assist fraud protection.
– We will share information with ‘relevant authorities’ such as the police, government departments, etc. under the UK Data Protection Act Prevention and Detection of Crime.
– We will also share information under the UK Data Protection Act where disclosures are required by law or made in connection with legal proceedings.
– Where the Client has consented for us to do so, we may provide the Client data to selected third parties who may contact the Client about their goods or services that the Client may be interested in.
– If the Client does not want us to use the Client Data for our [or third parties’] use, the Client will have the opportunity to withhold the Client consent to this when the Client provides the Client details to us on the form on which we collect the Client data or the Client can do so by sending us an email at any time.
– Please be advised that we do not reveal information about identifiable individuals to our advertisers but we may, on occasion, provide them with aggregate statistical information about our visitors.
We may also disclose the Client’s personal information to third parties in the event we sell or buy business or assets, in which case we may disclose the Client’s personal data to the prospective seller or buyer of such business or assets.
— Storage of data the Client data once received, is held in secure computer files with restricted access. We have approved measures in place to stop unlawful access and disclosure. Our IT systems are subject to formal accreditation in line with Government policy. They also align with the security required within GDPR to protect against unauthorised or unlawful processing.
— Inactive online accounts When setting up an online account, the Client will receive an email requesting that the Client take action to activate the online account. If the online account is not activated within 24 hours, it will be deleted.
If an online account is not logged into in the 28 days after activation, the online account will be deleted.
Other online accounts (online accounts that were activated and accessed within 28 days) that have then been inactive for a period of 18 months are deleted.
— Who is the data controller? The DBS is the data controller of the information held by DBS for the purposes of GDPR. A data controller determines the purposes for which, and the manner in which, any personal data is to be processed (either alone or jointly or in common with others).
We have the responsibility for the safety and security of all the data we hold.
— Who are the data processors? Any supplier that works on behalf of the DBS is one of our data processors. A data processor is any organisation that processes data on behalf of the DBS. We make sure that our data processors comply with all relevant requirements under data protection legislation. This is defined in the contractual arrangements.
— Our staff and systems All our staff, suppliers and contractors are security vetted. All staff are data protection trained and are aware of their responsibilities and this is refreshed on an annual basis.
We conduct regular compliance checks on all DBS departments and systems. Additionally, continual security checks on our IT systems are undertaken.
5. When can we contact the Client in the future?
We would like to send the Client information about our own products and services, as well as those of selected third parties. We may do this by post, telephone, email or SMS unless the Client has told us that the Client does not wish to be contacted in this way. We will always ask the Client to confirm in advance that the Client is happy for us to allow third parties to contact the Client by email.
If the Client would like to change any of the Client preferences relating to how we may use the Client information for direct or affiliate marketing, then please update the Client user preferences or send an email to us.
The Client may need to include more precise wording to gain explicit consent if the Client intends to undertake certain direct marketing.
6. How long will we hold the Client information for?
We have a system of retention periods in place to ensure that the Client information is only stored whilst it is required for the relevant purposes or to meet legal requirements. Where the Client information is no longer required, we will ensure it is disposed of securely.
8. How can the Client access and update the Client information?
The Client has the right to request a copy of the information that we hold about the Client. If the Client would like a copy of some or all of the Client’s personal information, please email or write to us at the address below. Please note that we may charge a small administrative fee for the provision of this information.
We want to make sure that the Client’s personal information is accurate and up to date. The Client may ask us to correct or remove the information the Client thinks it is inaccurate.
9. Does the policy apply to linked websites?
The Client might find links to third party websites on our website. These websites should have their own privacy policies, which the Client should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.