GDPR & Privacy Notice

GDPR & Privacy Policy

GDPR, Data Protection and Confidentiality

Privacy Notice & Cookies

I collect personal information from you as part of my client induction process. In handling this information, I am bound by two sets of rules, the General Data Protection Regulations (GDPR) and my professional body’s (the GHR) code of ethics. This page will explain how these affect the way I work.

 

Who I am and how I process your personal data

 

  • I am both the Data Controller and the Data Protection Officer. My contact details are, Ghitta Basson, ghitta@diversehypnosis.co.uk, 07717 748203
  • The information about you that I collect comes from you, via direct conversations, email correspondence and agreement form (either online or on paper)
  • You have no legal requirement to share information with me, but if you do not I will not be able to offer you my services
  • The purpose of collecting personal information from you is to enable me to decide if I can offer you my therapy services, to administer the therapy programme once you are enrolled, to enable me to invoice you and receive payment, and to provide you with information via email

 

 

I use your personal data for the following purposes

 

  • The categories of data/information I collect include: your name and contact details, your payment preferences, your medical history, your therapeutic issues, case history and ongoing treatment records
  • You give me permission to hold and use this information in line with these guidelines when you apply for therapy services
  • I keep the information you give me for seven years after your treatment finishes, which is the length of time suggested by my professional body and insurance company for client records
  • Sharing your information: I do not share your information
  • My professional body’s code of ethics also allows me to share anonymous case histories verbally or in hypnotherapy publications for the purposes of supervision or training. Anonymous means your personal details are removed and no information that might identify you is used.
  • I only divulge sensitive information where there is a legal requirement for me to do so e.g. where the Children’s Act applies or a court order is issued, or when there is good cause to believe that if I do not disclose information you or others would be exposed to a serious risk of harm.

 

 

My Lawful Basis for processing client personal data

 

  • You have rights over the information I hold about you. These are:
    • Portability – you can ask me to send your information to someone else
    • Rectification – if you think my records are wrong you can ask me to change them
    • Erasure – in some circumstances you can ask me to remove your details from my records (this is sometimes called ‘the right to be forgotten’)
    • Fair profiling – you can ask that any processes I automate are done by a person instead of a computer. I don’t currently automate any information processing, although I may use online forms to collect information.
    • Right of access – you can have a copy of the information I hold at any time, by requesting it in writing. If you do this it will be provided within 30 days and free of charge.
    • Restricting processing – in some circumstances you can request that I stop processing your information
    • Objection – you can object to the way I process information (e.g. if it is used to send you direct marketing and you don’t want to receive this) and can ask me to stop using it in this way
    • Information – you have the right to understand how I collect and process your information (hence this privacy notice)
  • You can withdraw your permission for me to use your information at any time, although it would mean terminating the treatment programme
  • You have a right to complain to the ICO if you have any problem with the way I store or use your data, or if you do not think your rights are being respected (see below)

 

 

Complaints Notice

 

The client has the right to complain to the Independent Commissioner’s Office (ICO) if they think there is a problem with the way we are handling their data

(see https://ico.org.uk/concerns/handling/).

 

What are cookies?

This website uses cookies to collect information. Cookies are small data files which are placed on your computer or other mobile or handheld device (such as smart ‘phones’ or ‘tablets’) as you browse this website. They are used to ‘remember’ when your computer or device accesses this website. The cookies are essential to the effective operation of our website and to enable to you shop with us online. Cookies are also used to tailor the products and services offered and advertised to our customers, both on this website and elsewhere.

 

Information collected

Some cookies collect information about browsing and purchasing behaviour by people who access this website via the same computer or device. This includes information about pages viewed, products purchased and the customer journey around a website. We do not, however, use cookies to collect or record information on users’ name, address or other contact details. Diverse Hypnosis is able to use cookies to monitor individual customer browsing and purchasing behaviour but third parties are not able to identify customers using cookies.

 

Who sets the cookies?

The cookies stored on your computer or other device when you access this website are set by Diverse Hypnosis, our suppliers who partner with us to help deliver a high quality website and on-line shopping experience, and other third parties. Some cookies are set by or on behalf of Diverse Hypnosis and are necessary to enable customers to a make purchases on our website.

Cookies may also be set by third parties who participate with us in affiliate marketing programmes. None of these third parties collect any personal data from which they would be able to identify individual customers.

 

What are cookies used for?

The main purposes for which cookies are used are:-

1. For technical purposes essential to effective operation of website, particularly in relation to on-line transactions.

2. To drive marketing, particularly banner advertisements and targeted updates which are explained in more detail elsewhere in the Privacy Policy.

3. To enable Diverse Hypnosis to collect information about the browsing and shopping habits and activities of customers, including to monitor the success of campaigns,       competitions etc.

4. To enable Diverse Hypnosis to meet its contractual obligations to make payments to third parties when a product is purchased by someone who has visited our        website from a site operated by those parties.

 

 

How do I disable cookies?

If you want to disable cookies you need to change your website browser settings to reject cookies. How to do this will depend on the browser you use and we provide further detail below on how to disable cookies for the most popular browsers:-

 

For Microsoft Internet Explorer:

1.    Choose the menu “tools” then “Internet Options”

2.    Click on the “privacy” tab

3.    Select the setting the appropriate setting

 

For Mozilla firefox:

1. Choose the menu “tools” then “Options”

2. Click on the icon “privacy”

3. Find the menu “cookie” and select the relevant options

 

For Opera 6.0 and further:

1. Choose the menu Files > “Preferences”

2. Privacy

 

What happens if I disable cookies?

This depends on which cookies you disable, but in general the site may not operate properly if cookies are switched off. If you only disable 3rd party cookies you will not be prevented from making purchases on this site. If you disable all cookies you will be unable to complete a purchase on this site.

 

Personal information

Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.

 

Browsing Details

Details collected automatically from the site, including the IP addresses or domain names of the computers utilized by the users who connect to the site, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of provenance, the features of the browser and the operating system utilized by the visitor, the various time details per visit (for instance the time spent on each page) and the details about the path followed within the site with special reference to the sequence of pages visited, other parameters about the operating system and the user’s IT environment.