I, Mike Corfield, understand that, as part of my training and/or health screening processes I’ve advertised on this website, personal data may be provided to me. That personal data is entrusted to me and I appreciate the importance of protecting and respecting your privacy. To this end, to confirm, I comply fully with the data protection law in force in the UK, including the recently introduced European Union General Data Protection Regulation.
This Privacy Notice sets out the basis on which I may collect and process data about you and your rights regarding that data.
What personal data may I collect from you?
When I refer to personal data in this policy, I mean information that can or has the potential to identify you as an individual. I may hold data about you as a client, a patient or in any other capacity, for example, when you visit my website, complete a form, access my services or speak to me.
Just as an example, this may include information like your:
- contact details
But this is likely to also include special category data, that relates to the following:
- Blood pressure
- Vo2 max
- Blood glucose
- Body fat %
How may I use your data?
I will only collect and process data for the purposes of the legitimate business interest of my business. The purposes or grounds for processing your personal data could be the following; (i) if it is necessary to provide you with my services (i.e. to enable me to carry out my obligations under our personal training contract) (ii) any related matter to these services (such as billing, accounting and audit, credit or other payment card verification) (iii) notifying you about changes to the services I offer and/or (iv) to conduct analysis and market research.
How I store your personal data
I may store your personal data for as long as it is necessary or required in order to fulfil legal, contractual or statutory obligations and, or for the establishment, exercise or defence of legal claims, and in general where I have a legitimate interest for doing so. I will always store your data with appropriate security measures to prevent unauthorised access.
Note, at your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you do so understanding the risks associated with doing so.
Disclosure and Transfer of Personal Data
I may only transfer to or share your personal data with third parties for the reasons and purposes as mentioned above. I cannot be liable for the processing of your personal data by third parties. Third parties are themselves responsible for compliance with the GDPR.
Special Category/Health information collected during provision of treatment or services
From time to time I may also make information available on the basis of necessity for the provision of healthcare, but subject always to client/patient confidentiality.
In an emergency and if you are incapacitated, we may also process your personal data (including special category data) or make personal data available to third parties on the basis of protecting your ‘vital interest’ (i.e. your life or your health).
Your rights over your personal data
Your rights as regards your personal data include the following: to review and to obtain information on your personal data, to correct and to erase your personal data as processed by us, to object to or to restrict our processing of your personal data, data portability, to submit a complaint with a supervisory authority, to withdraw your permission, and the right to know how I protect your personal data.
Questions and updates
I may update this Privacy Notice from time to time to keep up to date with UK and EU data laws. I’ll advise you to periodically review this Privacy Notice to be informed of how I’m is protecting your privacy.
If you have any questions with respect to this Privacy Notice, please email: firstname.lastname@example.org