EU GDPR PRIVACY STATEMENT
WELLNESS YOUR WAY LIMITED
Wellness Your Way Limited is committed to protecting and respecting your privacy. We wish to be transparent regarding how we process your personal information and demonstrate that we are accountable, in accordance with the EU General Data Protection Regulation (EU 2016/679) and the Data Protection Act 2018. It is the intention of this Privacy Statement to explain to you our privacy management practices in relation to the personal information that we collect and process.
The scope of this Privacy Statement extends to include all personal information which is collected through our website www.wellnessurway.com. In addition, this Privacy Statement also extends to all personal information which is collected and processed electronically, including email communication, software applications, CCTV Systems, and all other associated technologies. This Privacy Statement does not relate to personal information which is collected and processed manually.
In accordance with the EU GDPR (2016/679) and the Data Protection Act 2018, we are identified as both a Data Controller, and Data Processor of your personal information.
By willingly providing personal and other information, you consent to the terms and conditions of this Privacy Statement. Please read this statement carefully, as this document sets out the basis on how we collect and process the personal information that you provide to us.
WHO ARE WE?
Established in 2021 and based in Co Dublin, Ireland Wellness Your Way Limited are experts in the provision of stress management services, encompassing, mindfulness, meditation, coaching and Reiki treatments. Our bespoke self-healing courses are delivered both virtually and online. We offer our services to individuals privately and, to Employers.
HOW WE COLLECT PERSONAL INFORMATION ABOUT YOU
Personal information is collected when you register on www.wellnessurway.com either by email, or when you complete and submit any of our online forms. The categories of personal information that we collect, and process include, your name, company name, email address, and contact telephone number. To enable us to provide and deliver our services, there will be circumstances when it is also necessary for us to collect personal information relating to health. We use the social media channels of Facebook and Instagram, personal information may be collected from these platforms.
HOW WE USE YOUR PERSONAL INFORMATION
We are legally mandated to identify the specific lawful bases which allow us to collect and process your personal information. In accordance with EU GDPR legislation, we rely on the following legal bases, Consent, Contractual Necessity, Legal Obligation, Legitimate Interest, Public Interest.
There may be occasions when it is necessary to engage with third-party stakeholders and working partners for the following purposes:
To facilitate the delivery of our services
To provide services on our behalf
To perform related services or,
To assist us in analysing how our services are used.
We may process your personal information for more than one lawful basis depending on the specific purpose for which we are using your personal information.
The following table illustrates the various purposes that your personal information may be collected and processed and the legal bases for processing that personal information. Please note, however, that this is not an exhaustive list of our data processing activities.
SOURCE OF COLLECTION
You provide personal information when you visit www.wellnessurway.com. Personal information is also collected when you send an email and when you complete and submit any of our online forms.
We use the Social Media platforms of Twitter, Snapchat, Facebook, and TripAdvisor, personal information may be collected through these channels.
THIRD PARTY SITES
There may be occasions when www.wellnessurway.comcontain links to other sites. If you click on a third-party link, you will be directed to that site. Please be aware that these third-party sites are not operated by us, we strongly advise that you review the privacy statements of any third-party sites. We do not take any responsibility for the content of privacy statements or practices of any third-party sites or services.
We do not actively transfer personal information beyond European territories. However, personal information entered onto www.wellnessurway.com may be transferred to a server in the United States of America and stored there.
Please note that outside the EU and the EEA different standards of data protection might apply. By completing and submitting any online forms on our website, you acknowledge and consent that data may be transferred across international borders, including to countries outside the EU and the EEA.
We will ensure that when personal information is transferred outside the EU and the EEA that local data protection standards meet EU GDPR requirements.
SECURITY OF PERSONAL INFORMATION
We are committed to the protection and security of your personal information. A variety of security technologies and procedures are used to protect your personal information from unauthorised use and access, accidental loss, unlawful destruction, alteration, unlawful disclosure. As effective as security practices are, no physical or electronic system is entirely secure. We cannot guarantee the complete security of databases, nor can we guarantee that information that you supply will not be intercepted while being transmitted to over the internet. Strict security controls have been implemented to ensure that your privacy is safeguarded at every level. We will continue to revise policies and procedures and review systems, and we will implement additional security features as new technologies become available. Any transmission of personal information is at your own risk. When we receive your personal information, we use appropriate security measures to prevent your personal information from being compromised in any way. When you contact us to ask about your personal information, we may ask you to identify yourself, this is to help protect your personal information.
RETENTION OF PERSONAL INFORMATION
Personal information is not retained for longer than is considered necessary to enable us to provide our products and services. Independent Statutory legislation, and Regulatory obligations will influence the retention period of various categories of personal information that we collect and further process. Further information regarding the retention of personal information is detailed in our separate EU GDPR Retention Policy, a copy of which is available upon request.
Taking into consideration the nature of the services we provide, there are circumstances when we gather, process and store personal information relating to children under 13 years. However, before we gather this personal information, explicit written consent is obtained from Parents and Guardians.
DO WE SHARE YOUR PERSONAL INFORMATION?
There may be circumstances when we are legally mandated to share personal information, in accordance with Independent Statutory legislation and regulatory requirements. In addition, there may be circumstances where it is necessary to share personal information with our Working Partners and Stakeholders to enable us to provide our products and services efficiently. We will ensure that all Data Sharing Agreements and Contracts have been implemented prior to the sharing of any personal information. Access to personal information to external Stakeholders and Working Partners will only be afforded when a specific legal and lawful purpose (s) has been identified. Detailed below is a list of Stakeholders and Working Partners with whom personal information may be shared for the purposes of providing our services to our clients. This list is, however, not exhaustive:
• IT Provider/Support
• Web Hosting Co
• Business Partners/External Stakeholders
• Saas Providers
• Payment Gateway Providers
DATA SUBJECT RIGHTS
In accordance with the EU General Data Protection Regulation (EU 2016/679) and the Data Protection Act (2018) you are afforded the following rights in certain circumstances.
Right of Access: You have the right to obtain confirmation whether personal information is collected and processed about you and where that is the case, access to the personal data, including the purposes of processing and the categories of personal data concerned. The recipients or categories or recipients to whom the personal information have been or will be disclosed. You may also submit a written request for a copy of personal information you believe is processed about you.
Right to Rectification: You have the right to the rectification of inaccurate personal information about you without undue delay.
Right to Erasure: You may request us to delete your personal information however, this is not an absolute right, and any such request will be considered in accordance with EU GDPR legislation and local legislation.
Right to Restrict & Object: You have the right to restrict and object to us collecting and further processing your personal information.
Right to Data Portability: Upon receipt of your written request, where possible, a digital copy of your personal information can be shared with you or another organisation.
HOW TO CONTACT US
Taking into consideration the nature of our data processing activities we are not mandated to appoint a designated Data Protection Officer. However, should you have any questions regarding how we collect and further process your personal information please send an email to: firstname.lastname@example.org
Contact Details for the Data Commissioners Office are as follows: 21 Fitzwilliam Square, Dublin 2. Telephone No (00 353 578684800)
CHANGES TO THIS PRIVACY STATEMENT
This Privacy Statement will be updated from time to time, particularly to reflect any changes made, regarding how we collect and process your personal information. Details of any changes made will be posted here. By continuing to use www.wellnessurway.com after any changes are posted, you accept and agree to the privacy statement as modified.