Article 13 Fair Processing Notice for the following data subjects:
For other Fair Processing Notices please contact email@example.com.
We will hold your information and for the purposes of the Data Protection Act 1998, we are the data controller. We are Headspace Group Limited; a limited company registered in the UK with company number 08213962, registered office at 10 Queen Street Place, London, EC4R 1AG (“Headspace Group”).
When someone visits our website, www.headspacegroup.co.uk, we collect standard internet log information (including but not limited to location data, time zone setting, the internet protocol (IP) address used to connect your computer to the internet, browser type and version) and details of visitor behaviour patterns (including but not limited to the full Uniform Resource Locators (URL) click stream to, through and from our website, page response times, services you viewed or searched for and length of visits to certain pages). This does not include personal information related to a person but it includes user behaviour. We do this to find out things such as the number of visitors to the various parts of the website.
When you place an enquiry with Headspace Group either directly or indirectly through an intermediary, such as an online broker, we store information that you have consented to be supplied including your contact information and business requirements. This information is stored in a secure CRM system. We use this information to store account history and contact you via email or phone during and after the sales process based on the requirements you have given us. We also hold this information for a maximum of seven years in our CRM for financial requirements and two years for marketing communications to continue to provide any services to you that you have requested and to carry out our obligations arising from any contracts entered into between you and us.
We may also contact you about services similar to those which were the subject of your original communications with us, but only where you have opted in to marketing communications when you submitted your contact details to us, or subsequently.
You can be suppressed from our CRM system by contacting firstname.lastname@example.org and all of our emarketing communications have a clear ‘unsubscribe’ mechanism where you do not wish to receive further marketing from us. The “Headspace Group Group” means our subsidiaries and our ultimate holding company from time to time, and any subsidiary from time to time of our ultimate holding company as defined in section 1159 of the UK Companies Act 2006.
When you call Headspace Group’ sales/helpline we collect Calling Line Identification (CLI) information. We use this information to help improve efficiency and effectiveness by identifying the source and webpage the call has been generated to direct the call most efficiently the call receiver group.
However, there may be situations where you do not want us to collect CLI information. The simplest way to deal with this is to dial 141 before dialing our number. Always dial the 141 first, in front of any other numbers. However, if you are dialing from an extension on a business switchboard system, where you have to dial (typically) 9 for an outside line, you should dial 9 first, then 141 and then the outside number.
When you dial 141, this is described as ‘blocking your CLI’. As mentioned above, it stops us from knowing your number. You should note, however, that your phone company and their operators can always see your number should they need to.
Calls to our Headspace Group sales/helpline may be monitored and/or recorded for authentication, security, quality or training purposes. Generally, a call will not be retrieved or monitored unless:
When we receive a complaint we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone personally.
We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for two years from closure in a secure environment.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
When we take enforcement action against someone, we may publish the identity of the defendant in our Annual Report or elsewhere. Usually we do not identify any complainants unless the details have already been made public.
If you apply online to work for Headspace Group or for the Headspace Group, we will only use the information you supply to us to process your application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Disclosure and Barring Service we will not do so without informing you beforehand, unless the disclosure is required by law.
Your personal information, including a copy of your CV, will be held for a period no longer than six months, it will then be destroyed or deleted. We retain de-personalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.
We try to be as open as we can be in terms of giving people access to their personal information which may be stored by us. Individuals can find out if we hold any personal information subject to the exclusions set out in the Data Protection Act 1998, by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will:
To make a request for access to the personal information we may hold you need to put the request in writing addressing it to Headspace Group, Corporate department, CentralPoint, 45 Beech Street, London EC2Y 8AD. Any access request will be subject to a fee of £10 to meet our costs in providing you with such information.
In many circumstances we will not disclose personal data without consent. However, when we investigate a complaint, for example, we will need to share personal information with the organisation concerned and with other relevant bodies. We may also share your information with third parties:
If we refer any dispute between us to the ODR Platform http://ec.europa.eu/consumers/odr, and/or we agree to engage in any alternative dispute resolution (ADR) procedure with you through the Platform, then to the extent that your personal data is relevant to the dispute we may disclose it to the European Commission, as operator of the ODR Platform, and to any ADR provider appointed to deal with the dispute.
We aim to keep your personal information for a period no longer than we deem necessary. This period is up to a maximum retention period of seven years for financial record purposes. For personal information relating to a complaint, this will be retained for two years from closure of the complaint. Please see ‘People who make a complaint to us’ above for further information about this. For marketing purposes our retention period is two years.
We may keep your personal information for as long as we have your consent and for as long as necessary for us to comply with the law and to respond to any disputes or queries that may arise during that period.
Information that you post via social networking sites linked to our website, including but not limited to Facebook, Twitter, Google+ and Linked In, is generally accessible to and may be collected by others. This may result in unwelcome communications. For your own safety and security, you should not provide any information on the aforementioned sites, that you would not want others to see.
If you do provide any information via social networking sites linked to our website, we do not accept any responsibility or liability for any breach of privacy, loss (whether in contract or tort, including negligence), damage, effect on your reputation or otherwise, directly or indirectly, relating to your use of social networking sites.
The personal information that we collect from you is stored on the secure servers of our web services provider. We have in place a level of security appropriate to the nature of the information that we store and the potential harm that may arise from a breach of security.
We are committed to safeguarding the security of your personal information. We have implemented technical and organisational measures that are appropriate to the nature of the personal information and the harm that may result from your personal information being accidentally or deliberately compromised.
Unfortunately, the transmission of information via the internet cannot be guaranteed as 100% secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. If we become aware that the security of your personal information has been compromised, we will contact you by email, SMS, by post or as otherwise required by law.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the website. Cookies can, among other functions, remember user preferences and recommend content. Cookies do not themselves identify the individual user, but rather the computer used.
The types of cookies we currently use on this website are set out below. :
Google sets these performance cookies, which These cookies are used to collect information about how visitors use our site. Google stores the information collected on servers in the United States. Google may transfer this information to third parties where required to do so by law, or where third parties process the information on Google’s behalf. Google state that they will not associate your IP address with any other data held by them.
Click here for an overview of privacy at Google
This cookie is set by our content management system. It tracks when the user is logged in and enables a profile. This cookie is essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website.
We do not actively use the data or export for marketing purposes, it is purely for website functionality.
Some sections of the site may have a shopping cart functionality. During the selection process through to Checkout the user is tracked by profile to enable a complete booking to be placed in our CRM system. This is an automated process.
The purchase details are stored in the website database for an audit trial of purchase. This information is not exported and never distributed.
The payment is processed by a third party eg.Paypal or Google checkout and we do not have access to this part of the payment or any associated information other than the basic requirements for us to process a booking and register it in our CRM system.
This cookie is a functionality cookie which tracks the page and visitor trail through the site, and the IP location to enable rapid response. This cookie remembers your choices in order to improve your experience. No personal detail is taken without request.
The web chat has a non-mandatory login. If the viewer chooses to input their details they are stored on their cookies for future recognition so we can quickly identify any previous enquiries.
This cookie allows us to reach visitors to our website with an advert to our services when those visitors use Facebook.
This cookie allows us to reach visitors to our website with an advert to our services when those visitors browse their Twitter timeline.
This cookie tracks IP address so we can ascertain the location of visitors.
Further information can be found here: https://www.leadforensics.com/privacy-and-cookies/
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
You have the ability to accept or decline cookies by modifying the settings in your browser. For example, in Internet Explorer, you can go to Tools and Internet Options, where there is the option to change your settings to disable cookies. However, you may not be able to use all the interactive features of our site if the cookies are disabled. You also have the ability to delete cookies that have been installed in the cookie folder of your browser. To do this you should search for “cookies” in your “Help” function for information on where to find your cookie folder.
We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode. To find out more please visit YouTube’s embedding videos information page: http://support.google.com/youtube/bin/answer.py?hl=en-GB&answer=171780