Retention Policy
1.1 Purpose
The purpose of this policy is to detail the procedures for the retention and disposal of personal information records, to ensure that we carry this out consistently and that we fully document any actions taken. Unless otherwise specified the retention and disposal policy refers to both hard and soft copy records.
1.2 Review and updates
This policy was created on 19th December 2017. Leith Pilates Ltd. will review this policy regularly to ensure it stays up to date. The last review of this policy was on 19th December 2017.
1.3 Administration
Detailed in section 1.7 is a Record Retention Schedule that is approved as the initial maintenance, retention and disposal schedule for both physical and electronic records belonging to Leith Pilates Ltd. Mr. Andrew Pearson (the “Administrator”) is the officer in charge of the administration of this policy and the implementation of processes and procedures to ensure that the Record Retention Schedule is followed. The Administrator is also authorised to make modifications to the Record Retention Schedule to ensure it is in compliance with local laws.
1.4 Suspension of record disposal in event of legal claims
In the event that Leith Pilates Ltd. is served with any legal requests for documents relating to a specific individual, any further disposal of documents shall be suspended until the Administrator deems otherwise. When record disposal resumes, all records that have passed their disposal date will be retrospectively handled.
1.5 Audit trail
Disposal of records that have been listed on the Record Retention Schedule will not be recorded. Records disposed of out with the schedule either by being disposed of earlier or kept for longer than listed will be recorded for audit purposes. This will provide an audit trail for any inspections conducted by the Information Commissioner and will aid in addressing Freedom of Information requests where Leith Pilates Ltd. no longer holds the material.
1.6 Disposal method
When disposing of a physical record, pages will be shredded if all data on said page is required to be destroyed. If a page has both data that is required to be disposed of, as well as data that is required to be kept, the data to be disposed of will be either cut out of the page or obscured using some form of correctional fluid.
Disposing of electronic records will be done with standard deletion methods available on Windows operating systems.
1.7 Record Retention Schedule
All data on clients will be kept for 7 years after their last session with Leith Pilates Limited as required by our insurance (BALENS)
Privacy Policy
Leith Pilates takes your privacy seriously and is committed to protecting your personal information. This page informs you of our policies regarding the collection, use and disclosure of personal information when you use our service. We will not use or share your information with anyone, except as described in this privacy policy. Leith Pilates Ltd. Company Number SC506873, registered at Companies House, Edinburgh, 27th May 2015 operates the website www.leithpilates.co.uk Any information you give us is used exclusively by Leith Pilates Ltd. for the purpose of ensuring the safe practice of Pilates by our instructors or guest instructors. We do not share any personal information with any third parties, nor will we rent, sell, disclose or distribute your information to any outside parties unless required to do so by law.
Enrolment Forms & Medical Information
We ask everyone who attends a Taster class or studio session to fill in an enrolment form. This asks you for your name, address and phone-numbers and has a large health information section. To be able to do our job as Pilates teachers, we need to ask you information about health conditions and injuries. It is very important you give accurate and current information to us, and keep us up-to-date with your state of health. Enrolment forms are stored as paper copies in a secure location and certain elements transferred to a password protected database. Only Andy Pearson, the senior Pilates instructor and owner of Leith Pilates Ltd, has access to the secure location and to the electronically stored copies. We will not discuss teaching you or any details of your health with anyone outside of our group of Pilates teachers working with Leith Pilates. We will only discuss your health between teachers when you are going to see another teacher. We may ask your permission to talk to, or email your physiotherapist, consultant, doctor, or other health professional if we think this will benefit your treatment or is required to teach you safely. You are entitled to see this correspondence if such permission has been requested.
Marketing
From time to time, we will send you emails relating to the classes that you attend, new terms that are starting and guest instructors that will be available. We may also send you emails relating to payments that are due. You can unsubscribe from any marketing emails at any time by using the link at the bottom of each email.
Cookies
Our website uses cookies, as almost all websites do, to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites.
The cookies that we use allow us to:
- remember your preferences during and between visits
- continuously improve our services, website, and marketing
We do not use cookies to:
- collect any personally identifiable information
- collect any sensitive information
- pass personally identifiable data to third parties
Cookies on this site are set by Google Analytics and Leith Pilates Ltd:
Leith Pilates use a cookie to remember if you’ve accepted our cookie / privacy policy.
Google Analytics uses cookies to keep track of the number of times a visitor has been to the site, which pages they visit and how long they spend there, what search terms brought them to the site, what OS / browser / network they’re using, and what links they follow within our site. You can find out more about Google Analytics here: http://www.google.com/analytics/learn/privacy.html
Turning Cookies Off / Opting Out
Almost all browsers and devices can be instructed not to accept cookies. Please consult the Help pages for your browser (usually available via the F1 key), or your device’s instruction manual for details. Please be aware that the functionality of the site may suffer as a result.
Here are some links for the more popular browsers Chrome: https://support.google.com/chrome/answer/95647
Firefox: http://support.mozilla.org/en-US/kb/block-websites-storing-site-preferences
Safari: http://support.apple.com/kb/PH11913
Internet Explorer: http://windows.microsoft.com/en-gb/windows7/block-enable-or-allow-cookies
To provide website visitors more choice on how their data is collected by Google Analytics, Google have developed the Google Analytics Opt-out Browser Add-on. The add-on instructs the Google Analytics JavaScript not to send any information about the website visit to Google Analytics. If you want to opt out of Analytics, download and install the add-on for your current web browser. The Google Analytics Opt-out Browser Add-on is available for Microsoft Internet Explorer, Google Chrome, Mozilla Firefox, Apple Safari and Opera.
Legal Compliance
We will disclose your personal information where required to do so by law or in accordance with an order of a court of competent jurisdiction, or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.
Security
The security of your personal information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. As such we make no warranties as to the level of security afforded to your data, except that we will always act in accordance with the relevant UK and EU legislation.
International Transfer
Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are located outside the United Kingdom and choose to provide information to us, please note that we transfer the information, including personal information, to the United Kingdom and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. In the event that a dispute arises with regards to the international transfer of data, you agree that the courts of Scotland shall have exclusive jurisdiction over the matter.
Links to Other Sites
Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
Children’s Privacy
Our service does not address anyone under the age of 13 (“Children”). We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we will take steps to remove that information from our servers.
Changes to this Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this privacy policy periodically for any changes. Changes to this privacy policy are effective when they are posted on this page. If we make any material changes in this privacy policy, we will notify you either through the email address you have provided us or by placing a prominent notice on our website.
Jurisdiction
This policy shall be governed and construed in accordance with the laws of Scotland, without regard to its conflict of law provisions.
Right of access, amendment and deletion of personal data
In accordance with the General Data Protection Regulation due to be released on 25th May 2018 you have the right to access, rectify, restrict and delete any information that we hold relating to you. Please make any such request via the contact us page. In accordance with the terms of the new regulation, we will respond to you within one month.
Contact us if you have any questions about this privacy policy.