Privacy Policy

Introduction

This is the privacy notice of Dr Steven Harris Ltd (“we”, “our”, “us”).

We respect your privacy and are committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you interact with us via our website www.drharristraining.co.uk (the “Site”) or otherwise contact us about it.

1. Who we are

The Site is owned and operated by Dr Steven Harris Ltd (“We”). We are a limited company incorporated under the laws of England and our registered office address is 110 Chandos Avenue Whetstone, London, United Kingdom, N20 9DZ.

Controller

For the purposes of data protection laws Dr Steven Harris Ltd is the data controller.

Contact details

We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.

Email address: info@harrisclinic.co.uk

Postal address:[The Crouch Hall Road Surgery, 48 Crouch Hall Road, London , N8 8HJ

2. How is your personal data collected?

We may collect data from and about you in the following ways:

• when you correspond with us or speak to us;
• when you use the Site (including through our use of cookies and similar technology), or provide any information about yourself via the Site including when you register for a user account or place an order for a Subscription;
• when our third-party payment processors provide information about you for fraud prevention purposes;
• when you take part in our promotions, competitions or other marketing activities.

For more information on how we use cookies on the Site and how you can disable or refuse cookies, please see our Cookie Policy.

3. The personal data we collect

Personal data, or personal information, means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal data about you which will principally be comprised of:

• identity data: username, name, the name of your business;
• contact data: postal address, email address, telephone numbers;
• financial data: details of bank account, payment card, billing address and order history;
• marketing and communications data: your preferences in receiving marketing from us and your communication preferences; and
• technical data: internet protocol (IP) address, browser type and version, time zone setting and location, the number of pages viewed before a purchase and purchase session duration, details of Training Materials accessed and when, browser plug-in types and versions, operating system and platform, and other information about the technology you use to access the Site.

4. How we use your personal data

We will use your personal information only where we have a lawful basis for doing so.  The lawful basis for processing your personal data will depend on the purpose for which it was obtained.  The table below sets out the purposes for which we may process your personal information and the relevant lawful basis/bases that allow for that processing:

“Legitimate interests” means our legitimate interests in conducting and managing our business where these interests are not overridden by your fundamental rights, interests and freedoms.

5. Disclosures of your personal data

We may share your personal data with the parties set out below for the purposes set out below:

• Companies within the Dr Steven Harris Ltd group from time to time.
• Third parties as follows:
  • IT service providers who supply us with services such as IT systems & maintenance, email hosting services, data hosting services, marketing services, location-finding services and website analytics;
  • Payment processors who manage online payments for us and assist with fraud prevention;
  • Our professional advisers including accountants, bankers, and lawyers;
  • Government agencies and regulatory or professional bodies who require information about our processing activities from us or with whom we wish to verify your accreditations or memberships; and
  • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets.

We require all third parties processing personal data for us to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

The Site may include links to third-party websites, plug-ins, extensions or applications and will include third-party cookies and identifiers.  Detailed information about the third-party cookies (as well as our own cookies) can be found at [INSERT LINK TO COOKIE POLICY].  These third parties are not processing personal data for us.  We do not control those third parties and we are not responsible for their content, use or privacy practices.  We strongly suggest you review the privacy policy or notice of any linked website, plug-in or application before you use it.

In particular, we integrate Google Analytics Advertising Features and Facebook Pixel services with the Site.  When you visit the Site, your web browser will automatically send certain information to Google including the URL of the page that you’re visiting and your IP address. Google may also set cookies on your browser or read cookies that are already there.  Your use of the Site will involve the collection, sharing, and use of personal data for personalization of ads by Google.  Google’s use of advertising cookies enables it and its partners to serve ads to you based on your visit to the Site and/or other sites on the Internet. You may opt out of Google’s personalised advertising by visiting www.google.com/settings/ads. Further information about Google’s use of your data can be found at www.google.com/policies/privacy/partners/.

The Facebook Pixel allows Facebook to receive information when you visit the Site or other sites or apps provided by other companies that use Facebook technologies.  This will include information about your device, websites you visit, purchases you make, the ads you see and how you use our services – whether or not you have a Facebook account or are logged in to Facebook.  Further information about Facebook’s use of your data can be found at www.facebook.com/policies/cookies/.

6. International transfers

Some of our service providers are based (or have part of their systems based) outside of the EEA, and in providing services to you, we may need to transfer your personal information to them in countries that do not afford the same level of data protection as EU member states.  Where your data is processed outside of the EU, we will ensure your personal information is protected by putting in place appropriate safeguards such as EU Commission Standard Contractual Clauses.  Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

7. Updating or requesting access to your personal information

To contact us, please email info@harrisclinic.co.uk

If your personal data changes or if you no longer wish to receive our service, please let us know and we will correct, update or remove your details. Under data protection law, individuals have the right to request access to information about them that we hold; again please let us know if you want to make a request.

Your other data protection rights

       A. By law you have certain other rights.  These are to:

• be informed of how we are processing your personal information, which this is the key purpose of this Privacy Notice;
• request correction of your personal data corrected if it is inaccurate or incomplete;
• have your personal data erased in certain circumstances such as where it is no longer needed by us the purpose for which it was collected or you have withdrawn your consent. Please note however, that in certain circumstances, we may not be able to comply with your request of erasure for legal reasons. If this is the case, we will notify you at the time of your request;
• restrict the use of the processing of your personal data in certain circumstances e.g. where you have told us information is inaccurate and we are in the process of checking this. In such circumstances we will continue to store your information but will not process it further until we have checked and confirmed whether the information is inaccurate;
• object to the processing of your information in certain circumstances – e.g. you may object to processing of your information for direct marketing purposes;
• data portability: where you have provided us with personal information and we use this information either on the basis of your consent or to perform a contract with you, you have the right to receive your personal information from us in a commonly used and machine readable format, and the right to require us to transmit your personal information to someone else if it is technically feasible;
• object to decisions being taken by automated means; and
• to withdraw your consent at any time to processing where we are relying on consent as the lawful basis – e.g. to receiving marketing communications. Please note if you withdraw your consent, we may not be able to provide certain services to you – We will let you know if this is the case at the time you withdraw your consent.

You also have the right to make a complaint at any time to your local data protection authority (a list and contact details of which is available here .We would, however, appreciate the chance to deal with your concerns so please contact us in the first instance.

        B. California

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to:

Postal address: [contact address]

To learn more about your California privacy rights, please visit https://oag.ca.gov/privacy/privacy-laws.

8. Marketing

We will send you marketing communications if you have signed up for them and where you have not opted out of receiving that marketing.  You can opt out of receiving marketing communications by following the opt-out or unsubscribe links on any marketing message sent to you or by contacting us at any time.

9. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

10. Data retention

We will retain any personal data that you provide in accordance with applicable laws and our Data Retention Policy. Subject to applicable law, we will only retain your personal data on our systems for as long as is necessary for the relevant purpose for which it was collected. We will delete or destroy it when it is no longer required.

11. Changes to this privacy notice and your duty to inform us of changes

We keep our privacy notice under regular review. This version was last updated in December 2020.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.