OUR DATA & PRIVACY POLICY
Your privacy is of great importance to us and we are committed to complying with the terms of the General Data Protection Regulation (GDPR) regarding the responsible and secure use of your data.
The purpose of this statement is to let you know what personal information we collect and hold, why this data is collected, how long it is kept and what your rights are with regards to this personal data.
When you attend classes with us, you will be asked to consent to the collection of your data under the terms of this policy. We at The Raphael Studios will be responsible for this data management and will abide by this privacy statement.
What information do we collect?
We will ask you for personal data such as name, date of birth, gender, telephone numbers, email address, along with potentially sensitive data relating to any relevant medical and mental health conditions.
What do we (The Raphael Studios Team, TRST) use your information for?
We use your information in the following ways:
​
1. To safely provide you with the training requested of the Studios team
​
2. To notify you about classes and all events related to the Raphael Studios
​
3. To fulfil any administrative, legal, ethical and contractual obligations
What information do we (TRST) share?
We will never share any information about you with other organisations or people, except in the following exceptional situations:
​
1. Where you give us your consent and request to discuss your training with another health/sports professional
​
2. Serious harm – we may be required share your information with the relevant authorities if we have reason to believe that this may prevent serious harm being caused to you or another person
​
3. Compliance with law – we may share information when the law requires us to - i.e. safeguarding, terrorism, drug trafficking and serious crime
How do I keep your information safe?
1. All information you provide is stored as securely as possible, password protected, and accessible only to the director of TRST. We will take all reasonable precautions to prevent the loss, misuse or alteration of information given
2. All paper forms and correspondence are kept in locked filing cabinets
3. Whilst we endeavour to keep our systems and communications protected against viruses and other harmful effects, we cannot bear responsibility for all communications being virus free
4. Client notes and other documentation are destroyed three years after the end of your classes
5. Any known data breaches will be reported to the ICO within 72 hours
6. Any requests for personal data need to be made through a data subject access request to info@theraphaelstudios and will be supplied within one month
Your rights
Under the GDPR, you have the right to:
1. Access your personal data - Rectify, erase or restrict your data - Object to the processing of your data - Request transfer of data (data portability)
2. You may withdraw your consent for The Raphael Studios to hold and process your data at any time. However, if you do this while actively receiving yoga/meditation classes they may have to come to an end. You can withdraw your consent by stating this on an email to info@theraphaelstudios.com
3. If you have any concerns about the way your data is being handled, please contact me, Bridget, on info@theraphaelstudios.com directly. If you feel this has not been resolved effectively you have the right to contact the Information Commissioners Office (www.ico.org.uk)
Changes to this policy
This document is a work in progress and may be modified from time to time.
Updated and reviewed: January 2021.
​
For more information contact Bridget at info@theraphaelstudios.com.