Hannah Randall T/A The Well Nest
Using Your Personal Information
Your personal information will be processed by Hannah Randall (trading as The Well Nest) as data controller. The lawful basis of processing your personal information is out of necessity for the performance of a contract (e.g. when purchasing products or services) and with your consent (e.g. where submitting your data via the online contact form and when processing your sensitive personal data).
Personal information that you supply to the data controller may be used in a number of ways (this list is not exhaustive), for example;
- To administer your attendance and participation at classes and events
- To assist in providing guidance or additional information relating to particular health conditions or concerns as they may relate to the practice of yoga or mindfulness
- To administer the financial aspects of your participation in classes and events and product purchasing
- To manage facilities and resources
- To manage quality and effectiveness of provision of goods and services
- To ensure safety and security of people and possessions
- For delivery of information relating to class scheduling
Sharing Your Personal Information
Your personal information may be shared with third parties with your consent, where disclosure without your consent is required or permitted by law or where the data controller instructs or works with a third party for the purposes listed above. Your information will not be shared externally for marketing purposes.
The data controller currently shares personal data with the following companies to carry out the purposes listed above:
iZettle (payment processing) – privacy policy
MailChimp (email management) – privacy policy
WordPress.org (website management) – privacy policy
123-reg Ltd (web hosting) – privacy policy
VOD Pro/WebOptic Ltd (members course platform and on demand hosting) – privacy policy
Some of the third parties that the data controller shares your personal data with are based outside of the EEA. From the third parties listed above, MailChimp and WordPress.org are based in the US and have certification for their data security through the Privacy Shield framework. For more information, please visit Privacy Shield.
The data controller will not carry out automated profiling using your personal data.
Data Retention and Your Rights
Your personal information will be retained by the data controller for 12 months after the date of the last contact received from you. After the retention period has expired, personal data will be deleted on an annual basis. If you object to having your information retained, you may be able to withdraw your consent (where that is the basis for processing your data) by contacting [email protected] You also have the right to access your personal information (in a format that is usable to you for other purposes), correct inaccurate or incomplete information or request that your personal data be deleted or processing restricted.
You may receive communications from the data controller which are informational and relate to the products and services you purchase. If you do not wish to receive communications, you can opt out at any time by contacting [email protected]
If you are unhappy with the way your personal information is processed, please lodge a complaint in the first instance by contacting [email protected]. You also have the right to complain to the Information Commissioner