WellBeing World Data Protection Privacy Notice
This Notice also explain what your rights are in relation to any personal data about you that is processed by us.
Who Collects the Information?
WellBeing World trading as WellBeing World and WellBeing Reimagined (the ‘Company’ and ‘We’) is a ‘data controller’ and gathers and uses certain information about you.
Completion and return of your details provides the WellBeing World team with your permission to contact you about the WellBeing Reimagined Toolkit and to hold your details for this purpose.
We will not pass your details on to the Participating Practitioners, unless you give us specific permission to do so by registering via the Book Here process.
The way in which we process personal data is governed by data protection law, which includes the Data Protection (Jersey) Law 2018 (the ‘DPJL 2018’), the Data Protection Authority (Jersey) Law 2018 (the ‘Authority Law’) and, where relevant, the General Data Protection Regulation (EU) 2016/679 (‘GDPR’).
Data Protection Principles
We will comply with the data protection principles when gathering and using personal information.
We process data in order to:
Provide you with the services to best suit your needs.
The type of information we collect includes:
• Your name, contact details (i.e. address, email address, phone number);
• Information (including sensitive personal information regarding your physical and/or mental health);
• Information about your use of our IT, communication and other systems, and other monitoring information;
• We may collect information such as your business contact details if We meet you in person, or at a telephone, or online meeting (including images or video obtained during visits to events hosted by Us or in which We are involved);
• Any other information you may provide to Us including that which you provide by filling in the contact form on Our website.
How We Collect the Information
We will usually collect most information from you directly. However, we may also collect information from:
• Publicly accessible sources, e.g. social media sites such as LinkedIn;
• From your colleagues or third-party business contacts who have referred you to us, or put you in touch with us;
• From a third party with your consent (e.g. your Practitioner).]
Why We Collect the Information and How We Use It
We will typically collect and use this information for the following purposes:
• To enter into client relationships and provide the services you have asked us to provide;
• To ensure the security of our computer systems and premises;
• To notify you about goods or services and updates about relevant industry developments and our services, which may be of interest to you.
How We May Share the Information
We will never sell your information or pass it to any third party for marketing purposes or for any other purpose unconnected with the business.
We may need to share some of the above information with other parties such as:
• Any sub-contractors, agents or professional service providers;
• Potential purchasers of some or all of our business or on a re-structuring;
• Courts or tribunals;
• Third parties with whom we engage for the hosting of events or other marketing initiatives;
• Law enforcement agencies where considered necessary for me to fulfil legal obligations applicable to it;
• Regulators or other governmental or supervisory bodies with a legal right to the material or a legitimate interest in any material.
Where we enter into an engagement with a third party pursuant to which data may be processed by that third party, we will impose contractual obligations on them to ensure that they are only allowed to use your information to complete the tasks we have asked them to carry out and that they take appropriate measures to protect your personal data.
We may also disclose your personal data to third parties:
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce any agreement with you; or
• To protect our rights, property, or safety or that of our clients or any third party we interact with.
Other than as set out above, and save insofar as is necessary in order for us to carry out our obligations arising from any contracts entered into between us and you, we will not share your data with third parties unless we have procured your express consent to do so.
Where Information May be Held
Information may be held at our offices and those of our third party agencies, service providers, representatives and agents as described above.
Information is stored on secure systems provided by our third party service provider within Jersey.
How Long We Keep Your Information
We keep your information for no longer than is necessary for the purposes for which the personal information was collected.
Under data protection legislation, you have various rights in connection with any personal data about you that is processed by us as data controller. These include rights to:
• Access to your personal data and to certain other supplementary information that this notice is already designed to address;
• Require us to correct any mistakes in your information which we hold;
• Require the erasure of personal data concerning you in certain situations;
• Receive the personal data concerning you which you have provided to Us in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
• Object at any time to processing of personal data concerning you for direct marketing;
• Object in certain other situations to our continued processing of your personal data;
• Otherwise restrict our processing of your personal data in certain circumstances.
Further information on those rights can be found on the website of the Jersey Office of the Information Commissioner: www.jerseyoic.org
If you would like to exercise any of those rights, please call, email or write to us at firstname.lastname@example.org We are obliged to respond to your request.
Keeping Your Personal Information Secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How to Complain
You can also complain to the Jersey Office of the Information Commissioner (JOIC) if you are unhappy with how we have used your personal data.
2nd Floor, 5 Castle Street, St. Helier, Jersey JE2 3BT
+44 (0) 1534 716530
Changes to this Notice
We reserve the right to modify this notice at any time.
Any changes will be notified and made available via www.jerseyoic.org
Last updated: 16th March 2021.