Privacy Statement
Here is a full privacy statement below which you are free to read – however, this section provides a summary of what data we collect and what we do with it in simple and straightforward terms.
If you have any questions at all, feel free to email us on data@corefitunique.com
Online data – we use google analytics to collect overall data on the number of visitors to our site and what they do when they are there. So, for example, if 100 people viewed our home page and then 86 of them viewed our services page, we can see that information. We also review how long people stay on our site and broadly, where they come from, down to a regional level. We do not store or collect any data on IP addresses or use that data to identify individuals. Although this information may be available through google analytics, it is not used by us or processed in any way.
Customers – we collect the names and addresses of our customers as well as their contact details for the purposes of delivering treatments. This is necessary if we are going to be able to deliver on their requirements. We need to be able to ring customers to confirm appointments and follow up on treatments. We communicate with our customers during the delivery of the treatment on the legal basis of contractual obligation. Once we have completed our treatment, we store customers’ data for 10 years after last contact – when it is securely destroyed (shredded).
You can opt out of receiving any communications, other than that mandated by our contractual obligations, by clicking here.
We pass on your data to our some insurance companies, where you have explicitly given us permission to do so, for the purposes of the insurance company paying for the treatment.
We do not sell your data or pass it on to unrelated third parties. We keep your data as secure as possible, respecting your right to privacy.
You have the right to be forgotten by us. If you want to be forgotten, please click here. We will remove all the data we hold other than what is required under our contractual obligations (we must hold some data when the work has been completed for, or through, insurance companies). We also need to store some data, in a secure place, to ensure that we remember your request to be forgotten (for example should we need to restore systems from a backup, we need to know, to remember, that you wanted to be forgotten).
As part of handling and processing your data we have a designated Data Controller and this is your first point of call should you have any issues or questions about what we do, or why we do it.
Our Data Controller is:
Core Fit Unique
Church Minshull
Nantwich, Cheshire, UK
data@corefitunique.com
Your Right to be informed
You have the right to be informed about what we do with your data, and why. Therefore to ensure that you are, we have complied a handy summary below.
We respect your privacy and safeguard your data.
The personal data we collect, process or use is treated securely and in accordance with the our privacy policy, described below. Whenever you give us personal data, you are consenting to its collection and use in accordance with this policy, including our use of cookies explained below.
This privacy and cookie policy lays out our specific commitments, in compliance with GDPR 2018.
Our Data Controller is
Core Fit Unique
Church Minshull
Nantwich, Cheshire, UK
data@corefitunique.com
Your personal information
Collecting very specific, relevant information is a necessary part of us being able to provide you with the services you are purchasing. We will only use your personal information fairly and securely, and will never do anything with it (such as sharing it with any other party) that you have not clearly agreed to, or that could be considered irresponsible..
How we collect your data – We collect your data from phone calls, emails, and directly from you.
Lawful basis of our processing – we process data under our contractual obligations to you, and also under our legitimate business interests. Contractual Obligations – it is necessary for us to process your data to deliver on our contractual obligations. Legitimate business interest – it is in our legitimate business interests to keep you informed of our services, with the purpose of retaining your custom for future purposes.
When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws.
Our legitimate business interests do not automatically override your interests – we will not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
We collect a range of data – including, name, address and contact details – phone and email, as is required to deliver on our contractual obligations.
We may share this data with insurance companies, where you have given us explicit consent to do so. We do not sell your data to any third parties
We do not transfer data outside of the UK or EEA. However by the nature of the Internet, the personal data you supply through this website may be sent electronically to servers anywhere in the world, google analytics data for example. It may be used, stored and processed anywhere in the world, including countries outside the European Economic Area. Any transfers the data outside the EEA it will ensure that all reasonable security measures are taken and that any third party processers will be required to process the data in accordance with GDPR.
We retain all data for a maximum of 10 years from last purchase or last contact, after which it is securely destroyed.
Your Rights
You can find more information on your individual rights on the ICO website by clicking here https://ico.org.uk/
You can withdraw your consent, for any aspect of our data processing at any time, by emailing data@corefitunique.com.
Please be aware we have to process and maintain data to support of contractual obligations to you and to third parties (e.g. Insurance companies) so withdrawing your consent will not necessarily mean all of your data is deleted. We will retain what is necessary to fulfil our contractual obligations, and also an identifier to ensure we do not collect your data again – so we have a record that you have asked us not to process your data.
You can object to processing to any aspect of our data processing at any time by emailing data@corefitunique.com. Please be aware that we must process and maintain data to support contractual obligations to you and to third parties so withdrawing your consent will not necessarily mean your will not be processed. We will retain what is necessary to fulfil our contractual obligations, and also an identifier to ensure we do not process your data again – so we have a record that you have asked us not to process your data.
You can request rectification – of any of the data we hold on you if you believe it to be inaccurate by emailing data@corefitunique.com.
You have the right to see what data we have on you by emailing data@corefitunique.com. We will deal with your request within 1 month of request.
You have the right to data portability – so we will transfer the data we have on you to any other appointed company at your request. This will not include business confidential information.
You can also lodge a complaint with the ICO if you feel we have not lived up to our obligations by clicking here https://ico.org.uk/concerns/
We do not use our data for the purposes of profiling or automated decision making. Except that we use google analytics data to help develop or website, and details on purchases to manage our stock pipeline. All analytics data is anonymous. If you want to exclude yourself from being monitored by analytics, the simplest way is to use private browsing. We use cookies – specifically google analytics – to track behaviour on our site – using private browsing will ensure that your visits are not tracked. It is not technically possible for us to remove individuals from the analytics data at present.
In order to provide you with the best, tailored experience of our site we will need to place small text files, or ‘cookies’, or your computer. Most cookies that we use are ‘session’ cookies and only exist for the time that you are using our site. They perform functional tasks – such as remembering that you are logged in as you move from page to page, or to pre-load your personal details into forms to save you time.
We also track cookies anonymously to fuel our site analytics and learn how to improve your experience and hone the relevance of our products and services.
We also use cookies in our emails to track open rates and other performance indicators – again, so that we can continually improve the relevance and experience of our offering to you.
You can set your browser to reject all cookies. Please note that if you do this then certain areas of this website will not be able to function for you. Choose a browser setting that rejects third-party cookies but allows the benign, functional ones that make the good stuff work.
External links to any site other than ours are not our responsibility – obviously we cannot control how any other business handles your data.
Security – You can rest assured that all of your personal data is kept secure. Unfortunately, no data transmission over the Internet is guaranteed 100% secure, but we do take appropriate steps to protect the security of your personal data as required under our obligations under GDPR.
We endeavour to keep your personal data accurate and up to date. If you become aware of errors or inaccuracies, please email data@corefitunique.com
Contact – Any queries or concerns about the use of cookies on this website should be sent by email to data@corefitunique.com or addressed to the Data Protection Controller, Core Fit Unique
Church Minshull, Nantwich, Cheshire, UK
Copyright – The Corefit Unique logo and contents of this website (including text, design and graphics) are trademarked and copyrighted materials of either Corefit Unique or its partners. All rights are reserved.
Online Advertising We May Use – We reserve the right to use Google AdWords Remarketing to advertise ourselves across the Internet. AdWords remarketing will display relevant ads tailored to you based on what parts of our website you have viewed by placing a cookie on your internet browser. The cookie does NOT in any way identify you or give access to your device. Google AdWords Remarketing allows us to tailor our marketing to better suit your needs and only display ads that are relevant to you.
How to Opt Out of Remarketing and Advertising – If you do not wish to participate in our Google AdWords Remarketing, you can opt out by visiting Google’s Ads Preferences Manager.
You can also opt out of any third-party vendor’s use of cookies by visiting www.networkadvertising.org/choices/
This Policy was updated on 3rd May 2018.
Data Retention Policy
We store your data as securely as is practical, respecting your privacy.
It is securely stored in a single locations, our offices.
We store data for a maximum of 10 years after the point of last contact, after which it is securely destroyed. It is a requirement for us to retain data, where it is relevant to insurance companies or health providers, or where there is a contractual obligation.
We believe that 10 years is a reasonable time scale, allowing us to retain information should it be required for insurance claims or treatment. CSP guidance requires us to store data for this length of time.
Data is securely deleted, and/or shredded at the end of the retention period.
A small amount of data – such as analytics data on our website – is stored permanently.