The cookies contain no personal data, preferences or do anything except prevent site spoofing. Keeping you safe. :)
We have attempted to cover all data aspects in this page.
If you find something is missing, wrong or you would like to see included, please contact us using this button.
The Data Protection Act 1998 (the Act) regulates the way in which all personal data is held and processed. This is a statement of the data protection policy adopted by Yogamindspace. It applies to all Yogamindspace staff. In order to operate efficiently Yogamindspace needs to collect and use information about the people with whom we work. This includes current, past and prospective staff, reviewers, professional experts, stakeholders, delegates, students, trainees and others with whom we communicate.
Yogamindspace regards the lawful and correct treatment of personal information as integral to our successful operation, and to maintaining the confidence of the people we work with. To this end we fully endorse and adhere to the principles of the Act.
The purpose of this policy is to ensure that everyone handing personal information at Yogamindspace is fully aware of the requirements of the Act and complies with data protection procedures and that our yoga students are aware of their rights under the Act.
The Faculty Administrator has overall responsibility for compliance with the Act but individual members of staff are responsible for the proper use of the data they process.
The principles of the Act require require that personal information must:
What we do in order to meet the requirements of these principles:
Yogamindspace will ensure that:
Yogamindspace respects your privacy.
The information that you provide us with, or that is gathered automatically,
helps us to monitor our services and provide you with the most relevant information.
More information on how Yogamindspace safeguards your privacy in relation to websites, email, voicemail, social media,
testing and training can be found on our website: www.Yogamindspace.com/privacy.
Under the Act individuals have the right to access personal information Yogamindspace may hold about them.
If you wish to request such information please contact us below.
Yogamindspace aims to comply fully with its obligations under the Act.
If you have any questions or concerns regarding Yogamindspace's management of personal data, including your right to access data about yourself,
or if you feel Yogamindspace holds inaccurate information about you, please contact Yogamindspace's Faculty Administrator (button above).
If you feel that your questions or concerns have not been dealt with adequately or that a subject access request you have made to Yogamindspace
has not been fulfilled you can use yogamindspace's complaints procedure.
Contact the Faculty Administrator for a copy.
If you are still dissatisfied, you have the right to contact the office of the Information Commissioner, the independent body overseeing compliance with the Act: http://ico.org.uk/.
In May 2018, the EU General Data Protection Regulation (GDPR) replaces the existing 1995 EU Data Protection Directive (European Directive 95/46/EC).
Yogamindspace training currently complies with applicable data protection regulations and is committed to GDPR compliance across its relevant services,
users, staff and students when the GDPR takes effect May 25, 2018.
Yogamindspace's continuing and ongoing compliance reviews include:
Yogamindspace training is regularly reviews where and how our relevant services collect, use, store and dispose of personal data alongside updating policies,
standards, governance and documentation as needed.
• CONTRACTUAL COMMITMENTS
Working in conjunction with our partners and customers,
Yogamindspace training is reviewing our contractual commitments and updating as needed to directly address GDPR requirements.
Yogamindspace is also regularly reviews its supplier contracts to ensure GDPR compliance throughout our supply chain.
• CROSS-BORDER DATA / ANY DATA TRANSFER
In addition to ensuring Yogamindspace's contractual commitments meet the requirements to legally transfer data from the
EU to the rest of the world under applicable law,
Yogamindspace plans to certify under the EU-US Privacy Shield Framework when and if this is applicable.
Currently we do not share information with any entity, and we do not anticipate this changing,
if it does change we will check that you are happy before we do.
This is only likely possibly for accreditation (British Wheel of Yoga, Independent Yoga Network, or Yoga Alliance)
or for insurance / medical purposes. Your data is yours - we will pass all queries in the first instance back to you.
• EMPLOYEE TRAINING AND AWARENESS
All Yogamindspace employees full or part time must complete data privacy and security training.
Yogamindspace will supplement existing training modules with GDPR-specific content.
In addition to these training requirements, Yogamindspace conducts ongoing awareness initiatives on a variety of topics,
including data protection, security and privacy. This includes user and student awareness on an annual basis.
• PARTNERS, CUSTOMERS AND STUDENTS
Compliance with the GDPR requires a partnership between Yogamindspace and our partners and customers in their use of applicable Yogamindspace
services or courses. In this context, Yogamindspace generally acts as a data processor and our partners and customers,
users and students generally will act as data controllers. Working together, we hope to explore opportunities within our relevant service
offerings to assist our partners and customers and students meet their GDPR obligations. In the meantime, Yogamindspace encourages partners
and customers to independently familiarize themselves with the GDPR.
If you feel you need to know more - ask us. We want you to be in control.
The UK is drafting a new Data Protection Bill which in the main includes all the provisions and legislation of GDPR.
There will be some smaller changes and the Yogamindspace policies and procedures will be updated in accordiance with this as more is known.
We hold the following informtion:
This information is required for membership and attendance.
We collect this information in a really simple manner.
You fill out and sign a handwritten form which contains a simple explanation of your membership T&Cs.
You fill out a Simple Medical Form that is standard across the wellness industry.
You give us consent to contact you via text or email.
We collect and retain the medical information you provide to us.
This is detailed in our medical form download available on the yogamindspace website.
We use this information to ensure you are safe in the class environment, and so we know of any injuries in advance.
All information is considered extremely sensitive and not available to third parties.
Our teachers hold regular meetings and may discuss students progress and health in order to ensure class safety.
These meetings are considered confidential, in which discussions are of a professional nature.
We only keep information that we consider to be vital to the running of our business, your safety, and your contact information.
We hold data that is of legitimate interest to your contract with yogamindspace.
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service and the best and most secure experience.
We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests.
We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
We believe in transparency! We use paper forms in order that you can take them away, review, and decide whether you wish to fill them out.
If there is something that you do not want us to know, we are happy to talk about your concerns, and if possible; modify accordingly.
By signing your forms it is considered that you consent to us processing your data in line with lawful use (see above "Lawful basis").
We ensure you know your rights by including them on the paper forms.
If you feel you dont understand your rights or that we haven't kept you up-to-date; contact us.
We rarely have under 18's in our classes.
If we do they must always be accompanied by an Adult who takes soles responsibility for them.
We currently do not process data for under 18's.
You may request to see what information we have about you.
The process may take as long as 28 days, however it will normally take around 14.
Please make allowances for us if we are on retreat, holiday, ill or indisposed. If we anticipate that there may be a delay
we will contact you within that 28 period, with an estimated date.
If you make a data request and see something that's incorrect or you want deleted, you can make a request for data rectification.
As above we will do this within 28 days unless circumstances mean we are unable to do so, in which case we will contact you with
an estimated date within that 28 day period.
Yogamindspace has clear policies and procedures for processing and retaining your information.
We have an annual review of what works, and what does not. We collect information from teachers and students regarding our processes and their
experiences. We review our data protection and data security annually, or more frequently if we have a change in circumstances.
We collect this information using a combination of verbal and written processes.
We also ensure that all our teachers and staff are data protection aware and understand how to apply it to their classes.
Yogamindspace takes data security seriously.
All paper is stored securely, and any data stored digitally is encrypted (scrambled) with a 256hash .
If we have a data breach or we find data has been modified we will notify you IMMEDIATELY having taken steps to ensure that the breach
vector has been closed and the 'breach' has been stopped and further breaches prevented.
• More information may be found here :
A well written article covering what you need to know:
Wired Magazine's Guide For Consumers & Businesses
A series of in-depth articles from the Information Commissioner relating to GDPR:
UK Information Commissioner