Who we are
The website http://positivelymindful.net is run by Positively Mindful who are committed to respecting and safeguarding your personal information. We do not knowingly collect any personally identifiable information from anyone under the age of 18. We conform to the Data Protection Act 1998 and its successor the EU General Data Protection Regulation (GDPR). The data controller is Candice Sunney (sometimes trading as Positively Mindful, Positive Balanced Life, Positive Mindful Parenting, Positive Mindful Pregnancy and Positive Mindful Birthing)
What personal data we collect and why we collect it
Analytics
For website visitors, like most websites, we gather certain information automatically and store it in log files. This information includes Internet protocol (IP) addresses, browser type, referring pages, date/time stamp and clickstream data. We use this information, which does not identify individual users, to analyze trends, to administer the Web Site, to track users’ movements around the Web Site and to gather demographic information about our user base as a whole. We do not link this automatically-collected data to personally identifiable information.
We also may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
- To estimate our audience size and usage patterns
- To store information about your preferences, and so allow us to customise our site according to your individual interests.
- To speed up your searches.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Subscribers
If you sign up for a Positive Mindful e-newsletter, we will store your full name, location (country / district), email address, the specific reason you had for signing up (if given) and how you heard about us (if given). When you sign up we also ask you to give your consent to store this information in future.
We will use your email address to send you our newsletter which contains:
• News and information relevant to Mindfulness, Pregnancy, wellbeing, teaching or Parenting.
• This also includes marketing information such as details about forthcoming training courses and events, special offers, activities provided by other providers relevant to Positively Mindful pregnancy, parenting or teaching.
• To request information about you, for instance for research purposes.
In addition, we may send you email reminders, notices, and reports pertaining to any of the above information.
Your details are held securely by our newsletter distributors ‘Mailchimp’, who adhere to strong privacy protections which mean they are handling personal data appropriately and in line with EU legal requirements. You can check out their general privacy policy through this link: https://mailchimp.com/legal/privacy/
Course enrolment
For all paying customers, we will not store financial information about you. We offer the option for our customers to pay via Pay Pal. All PayPal transactions are subject to the PayPal Privacy Policy. We employ reasonable administrative, technical and physical measures to maintain the security and confidentiality of any and all PayPal data and information, including data and information about PayPal users and PayPal.
For our Positively Mindful learning participants, we ask you to fill out a booking form to provide us with your full contact details.
The data collected on the booking form is used solely in connection with the purposes of carrying out our services for you, e.g. emailing course materials, reminding you of class dates and times, etc. We will share your email address with other students on the same course as you so you can arrange contact with each other for learning purposes, eg. to arrange practice sessions.
Training sessions are conducted through Zoom and are recorded, by the audio and video file. Access to the recording will be emailed to all course participants who are requested to use the recordings for their own learning purposes only and not to distribute on to anyone else. Participants are also invited to discussions with other course participants over online meeting platforms, such as a Facebook group, Whatsapp, Skype and Zoom. You are also invited to record these sessions for your own learning purposes and to obtain personalised feedback from each other and your course tutor. Please see email and data security sections below. If you do not want any practice session recorded or you would like an existing discussion or class recording deleted, you may request this and we will take appropriate action. We may occasionally wish to use a class or discussion recording for more general use for future students. If this is the case we will expressly obtain your written consent to do so at the time.
For teaching or 1 to 1 coaching customers, we will ask for your full contact details and require that you give your consent for us to store and use this information by signing an agreement form.
We will store basic contact data about you held securely on our server, used solely for the purposes of us carrying out our obligations to you as our client. Any information you send us in an email will be kept within that email record. We will also keep records of our coaching conversation in note form. Handwritten notes will be held in a physical file, held securely within our offices.
Brief notes will be typed up after each session and copies of these will be sent to you by email. Online coaching sessions conducted by Skype, Whatsapp or Zoom will be recorded and transcribed, and the notes will be emailed to you afterwards.
How we protect your data
Mailing lists: are stored with mailchimp.
Contact via email: As with any transmission conducted over the internet, we cannot guarantee its security.
Any email contact you make to us will mean that any information you provide in those emails will be held securely on our servers, and within our office computers (including lap tops and tablets). This data is password protected and accessed only by the data controller ‘Candice Sunney’.
Data storage and security: All endeavours will be made to store personal details, emails, recordings and transcripts safely and destroy them when no longer required.
We will endeavour to keep your contact details correct and up to date. Please help us with this by reporting any changes to us at the email addresses shown below.
All electronic data: contracts, first session forms, session recordings and transcripts will be retained on office conputers and in a password protected and 256-bit AES encrypted online storage bank.
Who we share your data with
We may disclose personal information to a third party, but only where it is required by law, where it is otherwise allowed under the General Data Protection Regulation (GDPR), or where we have obtained your consent to do so. We may disclose information when necessary to prevent risk of harm to an individual.
The data that we collect from you may be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfillment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We have appropriate procedures in place to detect, report and investigate a personal data breach. In the unlikely event of a serious data breach, we will notify the ICO (Information Commissioner’s Office) as soon as reasonably possible and within 72 hours of becoming us aware of it.
Website visitor comments may be checked through an automated spam detection service.
What third parties we receive data from
We use google analytics and wordpress to analyse traffic to our website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
If you have agreed to provide a testimonial for us that will remain on our website. If at any time you would like to change this please contact us.
If you have enrolled on a course or enrolled on individual or couples coaching. When you cease to be our client, your electric data will be stored on a password protected and 256-bit AES encrypted online storage bank. All client records will be destroyed after 6 years, or sooner if you contact us to request all information is destroyed.
What data breach procedures we have in place:
A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure, theft, or unauthorised access, to personal data.
Procedures as per possible events:
Unauthorised acquisition of mailing list: Lists are stored with Mailchimp and their procedures will be followed.
Loss or theft of digital – Laptops and other digital devices are all password protect. Their theft will be reported to the police and google data location will be used to attempt to retrieve the device. Sugarsync will be used to delete the data contained on the laptop where possible.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You may request access to any data we hold on you and we will respond to and honour these requests as soon as possible. You may also request that any personal data with us is corrected, moved, or deleted and again we will oblige in a timely fashion. If you request that all your personal data is completely wiped from all our historical records, we will keep only the data we hold on our financial records, eg invoices and accounting information for the previous 6 years.
To exercise your rights, please contact us through the email addresses shown below.
Changes to our privacy policy
Any changes we may make to this policy in future will be posted on this page and, where appropriate, notified to you by e-mail.
Contact
We would welcome any questions, comments and requests regarding this privacy policy. Please contact us at info @ positivelymindful.net.
For further information on cookies view our cookie policy.
