1.1 When you contact Embodiment Courses Limited (ECL); or use our services, including our websites, you are expressly providing us and trusting us with information about you.
what information we collect;
how we use and store it;
what rights you have concerning your information.
- General Data Protection Regulation (GDPR)
2.1 This GDPR compliant policy is for all Embodiment Courses Limited websites and governs users’ privacy who choose to use them. It explains how we comply with the GDPR (General Data Protection Regulations), the DPA (Data Protection Act) [pre-GDPR enforcement] and the PECR (Privacy and Electronic Communications Regulations).
2.2 This Policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR, DPA and PECR are adhered to.
2.3 Our contact information is provided within this Policy if you have any further questions.
2.4 The DPA & GDPR May 2018
This website complies with the DPA (Data Protection Act 1998) and GDPR (General Data Protection Regulation 2018).
2.5 At ECL, we are committed to user privacy. We will take all reasonable steps to ensure that your information is kept secure and according to the law. We respect your personal data and take our data controlling or handling responsibility very seriously.
2.6 This Policy applies to users of the website and our clients and customers. By providing us with your data, you confirm that you are over 13 years of age.
2.7 By using this website, you legally agree to the terms within this Policy. This applies from your first site visit and beyond.
2.8 We may change this Policy from time to time. If that happens, this page will be updated. We recommend you check this page before using the website to ensure that you are aware of and accept any relevant changes.
2.10 Where the word or term ‘We’ is used in this Policy, it means ECL.
- About us
3.1 ECL is registered in England and Wales under Company Registration Number 09887766. ECL’s registered office address is The Old Casino, Fourth Avenue, Hove, East Sussex, BN3 2PJ, UK.
3.2 ECL is registered with the Information Commissioner’s Office (ICO) for data protection. Our ICO registration number is ZA408788.
3.3 ECL is the data controller for this website. Full details of our notified purposes can be viewed at the Information Commissioner’s Office website: www.ico.org.uk.
3.4 The person currently responsible for data protection at ECL is Mark Walsh. This person is The Data Protection Officer.
What personal data do we collect?
- Online contact forms
4.1 We use online forms to collect your name and email address, for registration to the course and our mailing lists and email newsletters.
4.2 By agreeing to proceed with your online registration, you will automatically be signed up to receive our monthly/regular email newsletter(s), which may contain relevant offers and news concerning ECL’s services – opting in means you freely give consent.
4.3 We also use online application forms for prospective speakers, including contact details and other relevant personal details, teaching and facilitation, biography and social reach.
5.1 We retain copies of emails sent to us on our servers. These may contain personal information (name, email address(s), and personal information in message contents).
- Mailing lists and email newsletters
6.1 We use mailing lists and email newsletters.
6.2 By agreeing to proceed with your online registration, or by using the online contact form to contact us, you will automatically be signed up to our mailing lists and receive our monthly/regular email newsletter(s) which may contain relevant offers and relevant news concerning the services that ECL provides. This opting in is your freely given consent. This is repeating 4.2 above
6.3 We make it extremely and expressly clear what you are signing up to when you subscribe to our email newsletter(s). Data is only processed with your consent, and you have the right to unsubscribe at any time.
6.4 We use a third-party provider, GetResponse, to deliver and monitor our email newsletters, as well as maintain our mailing lists. For more information, please see GetResponse’s privacy notice: https://www.getresponse.com/legal/privacy.
6.5 We will record your communication preferences when you subscribe to our email newsletter(s) and may monitor whether you open our emails and which link(s) you click on. We will also log your Internet Protocol (IP) address, and the type of web browser used.
- Telephone/Video calls
7.1 Any personal information given through telephone and video calls (name, telephone numbers and any other personal data provided) may be held by us in accordance with this Policy.
- Social media
8.1 We use social media to engage with our users, and we link to our pages on Facebook, Twitter, Instagram, iTunes, and YouTube. According to what is shared by you and the platform concerned, we hold details of our social media followers.
8.3 This website may use social sharing buttons that help share web content directly from web pages to the social media platform in question. The use of social sharing buttons is at your discretion. Social media platforms may track and save your request to share a web page.
8.4 We would advise you to refer to the Privacy Policies of these channels to understand how they treat your data should you wish to understand their position any further or better:
- a) Facebook: https://www.facebook.com/privacy/explanation
- b) Twitter: https://www.twitter.com/en/privacy
- c) Instagram: http://instagram.com/legal/privacy/
- d) YouTube: https://policies.google.com/privacy
- e) iTunes: https://www.apple.com/uk/legal/privacy/en-ww/
- Google Analytics
10.1 When someone visits our websites, we use a third-party service, Google Analytics, to collect details of visitor behaviour patterns (e.g. how many people visit particular pages on our site and when). This information is to help us market our services to the right people in the best ways. This information does not allow us to identify users.
11.1 To enhance our communications, we use photographs and videos on our websites and newsletters and social media posts. We will ask your permission before doing this and explain what the images will be used for – either verbally or as part of the sign-up/contracting process for a relevant event.
- Payment processing
12.1 This website uses PayPal and Stripe to process customer payments for our services. You may be asked for, as appropriate, name, email address, mailing address, phone number and credit/debit card information. PayPal and Stripe will collect personal identification information from users on behalf of Embodiment Courses Limited only if they voluntarily submit such information to them.
You should refer to Paypal and Stripe’s privacy policies for further information:
- Special categories of data
13.1 Data protection laws specify special categories of personal data (such as ethnic or racial origin, political opinions, religious beliefs, trade union membership, physical or mental health, sexual life or criminal record). For our business, we don’t collect special categories of data. However, we recognise that our users may volunteer other particular category information while communicating with us.
- How do we use your data?
14.1 The following are indicative of how we seek to use your data but are not exhaustive:
To answer your queries and respond to your feedback;
To follow up with you after a training/class/event;
To let you know of products, resources, updates and special offers related to ECL and embodiment;
To provide you with resources related to embodiment (e.g. ebook downloads);
To personalise your experience and to allow us to deliver the type of content and products in which you are most interested;
To improve our website, so we can better serve you;
To enable you to apply/register for our conference and events (in person or online) before or after;
To allow us to offer extra support where needed (e.g. with physical/mental health issues) during our training/classes/events;
To administer contests, promotions, surveys or other site features;
To efficiently process your transactions, including purchases made online.
14.2 Your personal information is held until it is no longer required or has no use.
- Sharing information with third parties
15.1 We do not sell, trade, or otherwise transfer your data to third parties unless we have gained your express permission and consent. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users – so long as those parties agree to keep your information secure and confidential. It also does not include institutions which require attendance registers for training/classes/events held at their premises.
15.2 We may also release information when it’s appropriate to comply with the law, enforce our site policies, or protect ourselves or others’ rights, property, or safety. Examples of third parties include, but not exhaustive of, regulators, government agencies, courts, etc.
- External links
- Data security
17.1 Every effort has been made to ensure that the technologies we use to collect and hold data are safe and secure. Your data is contained behind secured networks and is only accessible by designated members of our team, who must keep the information confidential. All sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. Our website is checked regularly for security risks and vulnerabilities.
17.2 However, the Internet is not entirely secure, and we cannot guarantee the security of personal data transmitted through our website or by email. Users provide personal details at their discretion and their own risk.
- Your legal rights
18.1 We recognise your legal rights concerning your data and uphold these according to relevant data protection laws. As already mentioned above, we respect your personal data and take our data controlling or handling responsibility very seriously.
18.2 You have the right to access the personal data we hold about you. We will endeavour to respond quickly to any such requests; legally, we must respond within one month of receiving the request and any other necessary information.
18.3 From 25 May 2018, you can ask that we erase all personal information that we hold about you. Where it is appropriate that we comply, your request will be fully actioned within 30 days.
18.4 You also have the right to request that we amend or change personal information that is inaccurate, incomplete and incorrect.
18.5 If you wish to make any such requests, as mentioned above, you should contact the Data Protection Officer by emailing us at email@example.com
- Changes to this Policy
19.1 This Policy was last updated on 20 May 2021. It is a living document and open to continual review(s) and amendment(s). We reserve the right to change it at any time, so please review it frequently, when and where relevant to you. Changes and clarifications will take effect immediately upon their posting and publication on the website. You will be deemed to have accepted any changes to this Policy’s terms when visiting the website following any changes.
- Concerns and complaints
20.1 If you want to raise a concern or complaint about our use of your data, you can contact us by emailing the Data Protection Officer at firstname.lastname@example.org. We will endeavour to address and deal with your query to your satisfaction and with reasonable promptness.
20.2 Alternatively, you can directly raise a concern or complaint to the Information Commissioner’s Office (ICO). You can telephone the ICO on 0303 123 1113 and see the options for reporting issues at https://ico.org.uk/concerns/. However, we believe that this possible route will not be possible given our position at 20.1.