Mind Works Privacy Policy
In accordance with The General Data Protection Regulation
1. Introduction to our policy
We take the processing, storing and controlling of data extremely seriously and know how important it is. Within this Privacy Policy we want to set out clearly and concisely, how we process your personal data. For some of our services, we merely act as a data processor and process your personal data on our client’s instructions.
Personal data is defined as that belonging to any individual (including a sole trader business).
We will never sell, commercialise or use your data in violation of applicable data protection laws and at no stage do we attempt to profit from your data in any capacity.
2. Complaints
Should you have any grievance in which relates to any handling of your data, please put the complaint in writing to the address below, marked for the attention of the Data Control Officer. We will respond to your complaint within 14 with a formal acknowledgement, we will then write to you within a further 30 days with our official response and offer (if necessary) redress and a full explanation of how the matter has been dealt with and steps we have taken to improve our processes.
All complaints should be put in writing to:
FAO: Data Control Officer, 130 Old Street, London, EC1V 9BD
3. Instances we use your data
If you complete any of our online forms to register an interest in our service and/or the use of our platform, we will process your personal data to discuss our services and may use your data to contact/follow up with any online enquiry you make.
We may also send information for you or your company about Mind Works or any other new product that might be of interest/relevance to you.
We may retain your personal data for some time (see section 5) in order to invite you to try other new products or complete any online feedback forms. You will always be provided with an option to opt out (see section 7)
4. Data & Information we collect from you
We will obtain the following information for you to complete our online forms:
• Your name
• Your job title
• Your email address
• Your contact details
Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests.
5. Who we share your data with & why
We do not not share your data with any other processors. We will however share your data in the instance where legal or regularity disclosure is required.
Your data is only controlled by a third party upon therapy sessions commencement via Mind Works platform. The platform and its data is stored solely on SiteGround UK servers, whilst we use a third party named Premium Web, Software & App Development for constant development and bug-fixing of the platform and for not for the purpose of reviewing, investigating or using your data.
Data of those to whom use the Mind Works platform for ongoing therapy can only be seen by the Therapists they in care of. Neither ourselves, nor our clients access this data for any reason, save as to legal or regulatory disclosure to which we are bound by law to oblige with.
6. Your rights
You have the right to know if your personal data is being held, what categories of data are held, and to receive a copy of all data about you.
You have the right to correct any inaccurate data, or remove and destroy data if it is not necessary for us to hold it.
You can object to processing for direct marketing (opt-out), or if it could otherwise affect your rights, freedoms or interests. In the instance where you have begun therapy, we reserve the right not to delete your data if it is believed to be of detriment to you or your ongoing wellness/progress. We are obliged to put any decision of this type in writing within 14 days.
You also have the right to lodge a complaint with a regulator authority, although we would always encourage you to contact Mind Works first. In the instance you wish to escalate or make a complaint to an external body, please visit www.dataprotection.ie
It is important to remember that the data protection laws give you a series of rights regarding the personal information that we manage about you. The above list is not exhaustive and includes access, rectification, erasure, limitation, objection, portability, as well as not being subject to automated decisions and to remove your consent at any time.
If you would like to exercise these rights, please put in writing to our address (see section 2) or alternatively by email at ben@mindworksnow.co.uk. Should you wish to exercise your rights via a third party, we will require signed and written authorisation from yourself to release such information.
7. How long we keep your data
We retain and store your personal data for different periods of time, dependant on the type of data involved and the purposes of the processing, however a general criteria is detailed below:
• We will permanently destroy any of your data collected from the website after 6 months from last opening any email/form we have sent to you
• We will permanently destroy or stop processing your data if you withdraw consent or require us to do so.
• In the instance you are under care via the Mind Works platform, we are not obliged to immediately destroy your data as this would be of potential detriment to you. Please see section 6 for more information on your rights in this regard.
8. Conclusion
Mind Works has a responsibility for ensuring the security, integrity and confidentiality of personal information.
We make a huge commitment towards safety and compliance, always working within the remits of current legislation. As such we have taken as many measures as possible to safeguard your data.
Utilising robust security measures and technical means to prevent any loss, misuse or access without your authorisation.
We do our utmost to protect all communications between the platform, website and the servers in line with best practice by using encryption of Laravel via password hashing, specifically secure 'Bcrypt' hashing. This ensures we are drastically reducing the risk of any data being hacked or leaked from our systems and ensures breaches are kept to an absolute minimum.
Updated 8th October 2020