GDPR & Privacy Policy
Introduction
Clare Ridgway, trading as Biophilia Studio, is committed to protecting the privacy and security of our clients’ personal data. This privacy policy explains how we collect, use, and safeguard your information in accordance with the General Data Protection Regulation (GDPR).
Personal Data Collected
Consultation Forms
During your initial consultation, we collect personal data essential for providing tailored massage therapy services. This information includes, but is not limited to, health-related details necessary to customise our treatments. Please note that this data is recorded exclusively on paper and stored securely in a physical filing cabinet at our premises.
- Retention Period: The retention period for holding client consultation records, as recommended by the Federation of Holistic Therapists (FHT) the professional body we are members of, is 7 years.
- Secure Destruction: Once the retention period has expired, physical records are destroyed by shredding so they can not be reconstructed or retrieved.
Website Enquiry Forms
Our website features an enquiry form that solicits basic information for the purpose of responding to your service inquiries. The data collected includes:
- Name
- Email Address
- Contact Telephone Number
- Nature of Enquiry
This information is used solely to contact you regarding your enquiry about our services.
Use of Personal Data
The personal data collected through both the consultation forms and website enquiry forms is used to:
- Provide personalised massage therapy services.
- Respond to inquiries and provide information about our services.
We assure you that the information collected from the enquiry forms is not utilised for marketing purposes unless explicit consent is obtained. The information submitted to the website enquiry forms is not stored in a database or shared with any third party.
Use of Cookies on Our Website
The Biophilia Studio https://www.biophilia.studio website uses cookies to improve the user experience and analyse site traffic. Specifically, we utilise Google Analytics, a web analytics service provided by Google, Inc. (“Google”).
Google Analytics uses “cookies”, text files placed on your device, to help the website analyse how users interact with the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States & Europe.
Google uses this information to evaluate your website use, compile website activity reports for website operators, and provide other services relating to website activity and internet usage. Google may also transfer this information to third parties where required by law or where such third parties process the information on Google’s behalf.
Using the Biophilia Studio website, you consent to Google processing data about you in the manner and for the above-mentioned purposes. We do not use cookies to collect personally identifiable information about you. See the official Google Analytics page for more information on Google Analytics cookies.
| Cookie Name | Purpose | Expiration | Description |
|---|---|---|---|
_ga |
Analytics | 2 years | Used to distinguish users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session, and campaign data for the site’s analytics reports. |
_gid |
Analytics | 24 hours | Used to store and update a unique value for each page visited and is used to count and track page views. |
_gat |
Performance | 1 minute | Used by Google Analytics to throttle request rate, limiting the collection of data on high traffic sites. |
_utma |
Analytics | 2 years from set/update | Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing _utma cookies exists. The cookie is updated every time data is sent to Google Analytics. |
_utmb |
Analytics | 30 mins from set/update | Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing _utmb cookies exists. The cookie is updated every time data is sent to Google Analytics. |
_utmc |
Session | Session | Historically, this cookie operated in conjunction with the _utmb cookie to determine whether the user was in a new session/visit. |
_utmz |
Analytics | 6 months from set/update | Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics. |
_utmv |
Custom Variable | 2 years from set/update | Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics. |
Data Sharing and Third Parties
Mailer Lite
We use Mailer Lite, a third-party email marketing service provider compliant with GDPR standards, for our marketing and newsletter distributions. We do not share, sell, or disclose your personal data to other third parties without your consent.
You can read MailerLite’s GDPR policy here. https://www.mailerlite.com/gdpr-compliance
Data Storage and Security
Physical Storage
Consultation forms are stored in a locked filing cabinet, accessible only to authorised personnel. We implement strict physical security measures to protect your personal data.
Digital Security
Digital data, such as information collected through our website is encrypted through an SSL security certificate, ensuring any submissions from your website browser, are passed encrypted to the website server. Website form submissions are then passed through Google Mail (gmail) encrypted servers, email read on our computers (that are password protected). Please note, website form submissions are never stored on either our computers or our website server. You can read Google UK’s Privacy Policy here: https://policies.google.com/privacy?hl=en-UK
For newsletter subscriptions via MailerLite, the information you submit is safeguarded by their own security policies to prevent unauthorised access, disclosure, or loss. You can view their full disclosure here: https://www.mailerlite.com/gdpr-compliance
Data Subject Rights & ICO Registration
Under GDPR, you have the right to access, rectify, erase, restrict processing, object to processing, and port your personal data. To exercise these rights, please get in touch with us using the details provided below. We will respond to your request by GDPR guidelines.
Biophilia Studio is registered with the Information Commissioner’s Office (ICO) under registration number ZB678347, in compliance with the General Data Protection Regulation (GDPR).
This registration evidences our commitment to adhere to the data protection principles set forth by the GDPR and the ICO’s guidelines. Our registration with the ICO is part of our broader commitment to the lawful, fair, and transparent processing of personal data.
Data Breaches
In the unlikely event of a data breach, we will promptly notify the Information Commissioner’s Office (ICO) and affected individuals, detailing the nature of the breach, the data involved, and the actions taken to mitigate its impact.
Changes to the Policy
This policy may be updated to reflect changes in legal requirements or our processing activities. Clients will be informed of significant changes through our website or direct communication.
Contact Information
For any inquiries related to your personal data or this privacy policy, please contact:
- Clare Ridgway
- Biophilia Studio
- Email: enquiries@biophilia.studio