Dragonfly Wellness Dorset
This Privacy Notice applies between you, the user of this website and Nestrem Limited (trading as Dragonfly Wellness Dorset), the owner and provider of this website.
At Dragonfly Wellness Dorset, we’re committed to protecting and respecting your privacy.
The purpose of this notice is to explain to you how we control, process, handle and protect your personal information through the business.
This privacy notice is provided by Nestrem Limited. The registered address is 35 St. George’s Road, Shaftesbury, Dorset, SP7 8NJ.
This Privacy Notice explains when and why we collect personal information about people who visit our website and interact with Dragonfly Wellness Dorset via telephone, email and any other forms of correspondence. It covers how we use this information, the conditions under which we may disclose it to others and how we keep it secure.
We may change this notice from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using this website and corresponding with Dragonfly Wellness Dorset, you’re agreeing to be bound by this notice.
Any questions regarding this notice and our privacy practices should be send by email to email@example.com. Alternatively, you can telephone 07979052236.
Notice key definitions:
· "I", "our", "us", or "we" refer to the business, Nestrem Limited.
· "you", "the user" refer to the person(s) corresponding with us.
· GDPR means General Data Protection Act.
· ICO means Information Commissioner's Office.
Who we are
Dragonfly Wellness Dorset is a training organisation focused on personal and organisational development in particular providing guidance and training to support mental wellness.
How do we collect information from you?
We obtain information about you when you use the website, email, telephone or correspond with Dragonfly Wellness Dorset, for example when you contact us about products and services.
What type of information is collected from you?
The personal information we collect might include your name, address, email address, IP address and information regarding what pages are accessed and when.
When you make a payment directly to us the information is only stored on the HSBC business banking account for Nestrem Limited, no account information is held on a separate system by us. Below is an in-depth summary of the different categories of data we may use.
- Communication Data that includes any communication that you send us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
- Customer Data that includes data relating to any purchases of goods and / or services such as your name, title, billing address, delivery address, email address, phone number, contact details, purchase details and your card details. We process this data to supply the goods and / or services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between you and us and / or taking steps at your request to enter into such a contract.
- User Data that includes data about how you use our website and any online services together with any data that you post for publication on our website or through other online services. We process this data to operate our website and ensure relevant content is provided to you, to ensure the security of our website, to maintain back-ups of our website and / or databases and to enable publication and administration of our website, other online services and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business.
- Technical Data that includes data about your use of our website and online services such as your IP address, your log in data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy.
- Marketing Data that includes data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to enable you to partake in our promotions, to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how customers use our products and services, to develop them, to grow our business and to decide our marketing strategy.
- We may use Customer Data, User Data, Technical Data and Marketing Data to deliver relevant website content and advertisements to you (including social media adverts and other display advertisements) and to measure or understand the effectiveness of the advertising we serve you. Our lawful ground for this processing is our legitimate interests which is to grow our business. We may also use such data to send other marketing communications to you. Our lawful ground for this processing is either consent or legitimate interests (namely to grow our business).
- Sensitive Data refers to data that includes details about your physical or mental health, race or ethnicity, religious or philosophical beliefs, sexual orientation, trade union membership and armed forced background. We require your explicit consent for processing sensitive data, so when you submit your details you will be asked to provide your consent for this processing.
- Where we are required to collect personal data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract. If you do not provide us with the requested data, we may have to cancel a product or service you have ordered but if we do, we will notify you at the time.
- We will only use your personal data for a purpose it was collected for or a reasonably compatible purpose if necessary. If we need to use your details for an unrelated new purpose we will let you know and explain the legal ground for processing.
- We may process your personal data without your knowledge or consent where this is required or permitted by law.
How is your information used?
We may use your information to:
- Process orders that you have submitted;
- Carry out our obligations arising from any contracts entered into by you and us;
- Seek your views or comments on the services we provide;
- Notify you of changes to our services;
- Send you communications which you have requested and that may be of interest to you. These may include information about information about campaigns, events, other activities and promotions of our associated companies’ goods and services;
- Process a job application.
- Anonymised statistical reporting.
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf
We may pass your information to our third-party providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process payments and send you mailings).
However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not use it for their own direct marketing purposes.
Please be reassured that we will not release your information to third parties for them to use for their own purposes, unless you have requested us to do so, or we are required to do so by law, for example, by court order or for the purposes of prevention of fraud or other crime.
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us, then you can select your choices by ticking the relevant boxes situation on the form on which we collect your information.
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. We will not contact you for marketing purposes by post if you have indicated that you do not wish to be contacted. You can change your marketing preferences at any time by contacting us by email: firstname.lastname@example.org or telephone on 07979052236.
How you can access and update your information: your legal rights
Under data protection laws you have rights in relation to your personal data. These rights include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and where the lawful ground of processing is consent, to withdraw consent.
The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or any other information we hold is inaccurate or out of date, or you wish to exercise any of the rights set out above, please email us at email@example.com. Alternatively, you can telephone 07979052236.
You will not have to pay a fee to access your personal data or to exercise any of the other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise any of your other rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case we will notify you.
Links to other websites
Similarly, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us will not be transferred to countries outside of the European Economic Area (EEA). The Microsoft servers which are used to store our data are located within the EEA. Microsoft are a GDPR compliant organisation whose Standard Contractual Clauses were approved by the EU’s Article 29 Working Party – Microsoft was the first cloud service provider to receive a letter of endorsement and approval from the group.
If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed or accessed without authorisation. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential. We have procedures in place to deal with any suspected data breach and will notify you and any applicable regulator of a breach if we are legally required to do so. Any sensitive information (such as credit or debit card details) is encrypted and protected.
Non-sensitive details (your email address etc.) are transmitted normally over the internet and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including the purposes of satisfying any legal, accounting or reporting requirements.
When deciding what the correct time is to keep data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements. For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.
In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Review of this notice
We keep this Notice under regular review. This notice was last updated in November 2020.