Privacy Policy

This privacy notice tells you what to expect us to do with your personal information. Contact details.

Affinitea Wellbeing customer privacy notice

about

Contact Details

Post:Liverpool Business Centre, 23 Goodlass Road, Liverpool, L24 9HJ, GB

Telephone: 07887 889606

Email:hello@AffinityWellbeing.co.uk

What information we collect, use, and why

We collect or use the following information to provide services and goods, including delivery:
  • Names and contact details
  • Date of birth
  • Payment details (including card or bank information for transfers and direct debits)
  • Health information (including dietary requirements, allergies and health conditions)
  • Website user information (including user journeys and cookie tracking)
  • Information relating to compliments or complaints
  • We also collect or use the following information to provide services and goods, including delivery:
  • Health information
  • We collect or use the following information to comply with legal requirements:
  • Name
  • Contact information
  • Criminal offence data (including Disclosure Barring Service (DBS), Access NI or Disclosure Scotland checks)
  • Health and safety information
  • Lawful Basis

    Our lawful bases for collecting or using personal information to provide services and goods are:

  • Consent
  • Contract
  • Legal obligation
  • Vital interests
  • Our lawful bases for collecting or using personal information for legal requirements are:

  • Consent
  • Legal obligation
  • Vital interests
  • Where we get personal information from

  • People directly
  • How long we keep information

    Retention Schedule for a Affinitea Wellbeing

    1. Client Records
  • Client Intake Forms: 7 years from the date of the last treatment or consultation.
  • Session Notes and Treatment Records: 7 years from the date of the last treatment or consultation.
  • Consent Forms: 7 years from the date of the last treatment or consultation.
  • Correspondence with Clients: 7 years from the date of the last communication.
  • 2. Financial Records
  • Invoices and Receipts: 6 years from the end of the financial year they relate to, as required by HMRC.
  • Payroll Records: 3 years after the end of the tax year to which they relate, as required by HMRC.
  • Tax Returns and Supporting Documentation: 6 years from the end of the financial year they relate to, in accordance with HMRC guidelines.
  • Expense Records: 6 years from the end of the financial year they relate to.
  • 3. Business Records
  • Shareholder/Partnership Agreements: Permanently.
  • Contracts with Suppliers: 6 years after the end of the contract.
  • Health and Safety Records: 3 years from the date the records were made, but accident reports should be retained for 40 years if they relate to potential industrial injuries.
  • Insurance Policies: 6 years after the policy has lapsed, though if claims are made, retain until 6 years after the resolution of the claim.
  • Business Correspondence (General): 6 years from the date of the correspondence.
  • 4. Staff Records
  • Personnel Files (including employment contracts): 6 years after the employee has left the organisation.
  • Disciplinary and Grievance Records: 6 years after the employee has left the organisation.
  • Training Records: 6 years after the employee has left the organisation.
  • Accident Records (Employees): 3 years from the date of the incident (or 40 years if related to potential industrial injuries).
  • Pension Records: 12 years after the end of any benefit payable under the policy, in line with The Pensions Regulator's recommendations.
  • 5. Marketing and Communication
  • Email Marketing Lists: Retain until the individual opts out or withdraws consent.
  • Marketing Campaign Records: 6 years from the end of the campaign.
  • Social Media Communication: As per the platform's retention policy or until no longer needed for business purposes.
  • 6. Legal and Compliance
  • Complaints and Incident Reports: 6 years after the last action.
  • Litigation Files: 6 years after the conclusion of the case, or longer if required by legal counsel.
  • Data Protection Records (including GDPR Compliance): 6 years after the record is superseded or updated.
  • 7. Electronic Records
  • Client Emails and Digital Correspondence: 7 years from the last contact.
  • Electronic Financial Records: As per the retention periods for paper-based financial records.
  • Backups and System Logs: As required by business needs, but ensure compliance with retention periods for the data they contain.
  • Who we share information with

  • Emergency services (only where necessary)
  • Your data protection rights

    Under data protection law, you have rights including:

    Your right of access - You have the right to ask us for copies of your personal data.

    Your right to rectification - You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

    Your right to erasure - You have the right to ask us to erase your personal data in certain circumstances.

    Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal data in certain circumstances.

    Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.

    Your right to data portability - You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.

    Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent.

    You don't usually need to pay a fee to exercise your rights. If you make a request, we have one calendar month to respond to you.

    To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.

    How to complain

    about

    If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice. If you remain unhappy with how we've used your data after raising a complaint with us, you can also complain to the ICO.

    The ICO's address:

    Information Commissioner's Office

    Wycliffe House

    Water Lane

    Wilmslow

    Cheshire

    SK9 5AF

    Helpline number: 0303 123 1113

    Website: https://www.ico.org.uk/make-a-complaint

    Last updated

    01 September 2024