Data Protection & Privacy Policy
Definitions
“We / our / us / DUET diabetes” – means DUET diabetes Limited; a company registered in England and Wales, Registration No. 10687394 at Cardinals Cottage, Mill Green, Horseheath, Cambridgeshire, CB21 4QZ.
UK GDPR – The Data Protection Act (2018) and UK General Data Protection Regulation
“Love Your Feet Ltd” – covers the organisation also known as ‘Love Your Feet Training’ and ‘LYFCPD’.
Key details
This data protection and privacy policy describes how DUET diabetes protects and makes use of the information you give the company including when you use our website.
If you are asked to provide information face to face, on the telephone, via email or when using our website, it will only be used in the ways described in this privacy policy.
This policy is updated from time to time. This privacy policy was reviewed and updated in July 2023.
If you have any questions about this policy or the data we store about you, you can contact us via
Email: info@duetdiabetes.co.uk
Post: DUET diabetes Ltd, Cardinals Cottage, Mill Green, Horseheath, Cambridgeshire, CB21 4QZ
Telephone: 01799 584178
Introduction
We gather and use information about individuals in order to provide products and services and to enable certain functions on our website.
We also collect information to better understand how visitors use our website and to present timely, relevant information to them.
The information that we collect about you will only be used lawfully (in accordance with the The Data Protection Act (2018)). DUET diabetes Ltd has sought and received assurances that all data is stored and processed where ‘adequacy of protection’ or specific certification is in place as defined by The Data Protection Act (2018), the UK General Data Protection Regulation (UK GDPR) and The Privacy and Electronic Communications Regulations (PECR).
What data we gather/hold
The type of information we may collect on you, and you voluntary provide to us includes:
-
Name and job title
-
Contact information including email address
-
Demographic information, such as postcode
-
Website usage data
-
Other information relevant to client enquiries, including digital correspondence
-
Other information pertaining to special offers and surveys
We do not request sensitive information, such as credit card, unless you are signing up for and paying for our services via this method, or if a refund is required.
You are under no statutory or contractual requirement or obligation to provide us with your personal information; however, we require at least the information above in order for us to deal with you as a (potential) customer in an efficient and effective manner.
We may, in further dealings with you, extend this information to include your address, services used (such as workshops booked/attended), post workshop Evaluation Reports, feedback forms, subscriptions, records of conversations and agreements and payment transactions.
This information will not be disclosed to anyone outside DUET diabetes Ltd or other companies with which we have arranged services for your benefit (such as 101Smart Ltd. – see the section “Email newsletter”).
How we use this data (personal information)
Collecting this data helps us understand what you are looking for from the company, enabling us to deliver (improved) services to you.
Specifically, we may use data:
-
To deliver our service to you
-
For our own internal records
-
To improve the products and services we provide
-
To contact you in response to a specific enquiry
-
To customise the website for you
-
To provide you relevant information that may be of use/interest to you such as our services, promotions, local and national events (also see the section ‘email newsletter’ below)
-
To contact you via email, telephone or mail for market research reasons
Ways we may contact you include: email, post, telephone or social media.
How we gather this data (personal information)
The data referred to above is:
-
Provided by you directly to us
-
Passed on to us by your contacts
-
Publicly accessible information
-
When you visit our website and subscribe to receive newsletters/updates
-
Provided to us by organisations we may partner with to deliver a service
Legal basis for data processing
The legal basis for collecting, storing and processing your data is based on at least one of the following:
-
Your specific consent
-
Performance of a contract (i.e. a workshop booking)
-
Compliance with a legal obligation
-
The legitimate interest of either us or you
Cookies and how we use them
What is a cookie?
A cookie is a small file placed on your computer’s hard drive. [Almost all websites do this too.] Cookies have many uses and most are not damaging to your privacy, all the cookies used on this website fall into that category.
Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also provide anonymised tracking data to third party applications like Google Analytics to enable us to see information like how many people use the website and what pages they tend to visit.
How we use cookies:
Our website may use cookies to improve the visitor’s experience while visiting the website. Where applicable our website uses a cookie control system allowing you, on your first visit to the website, to allow or disallow the use of cookies on your computer / device. This complies with recent legislation requirements for websites to obtain explicit consent from visitors before leaving behind or reading files such as cookies on their computer / device.
Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.
Controlling cookies
You can use your web browser’s cookie settings to determine how our website uses cookies. If you do not want our website to store cookies on your computer or device, you should set your web browser to refuse cookies.
Unless you have changed your browser to refuse cookies, our website may issue cookies when you visit it.
Google Analytics
Our website sets “first party” cookies through its use of Google Analytics. We use Google Analytics to provide us with non-personal site analytics, which in turn help us improve the website. Google Analytics tracking uses cookies in order to provide meaningful reports about web site visitors’, but they do not collect personal data about you. Google Analytics sets or updates cookies only to collect data required for the reports. Additionally, Google Analytics only uses first-party cookies. This means that all cookies set by Google Analytics cannot be altered or retrieved by any service on any domain other than duetdiabetes.co.uk.
Email Newsletter
DUET diabetes operates an email newsletter program in conjunction with 101Smart Ltd. Visitors to our website can subscribe through an online automated process should they wish to but do so at their own discretion. Some subscriptions may be manually processed through verbal or written agreement with the user.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with The General Data Protection Regulation. No personal details are passed on to third parties nor shared with companies / people outside of the company that operates our website (other than 101Smart Ltd).
Email marketing campaigns published by DUET diabetes may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity (this is by no means a comprehensive list).
This information may be used to refine future email campaigns and supply you with more relevant content.
In compliance with current legislation subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable, you can un-subscribe by contacting DUET diabetes Ltd via any of the methods detailed under the “key details” section at the top of this policy.
Controlling information about you – your data protection rights
Your rights are detailed in the GDPR document, a summary can be found on the Information Commissioners Office (ICO) website https://ico.org.uk/
To update your details or to exercise any of your other rights under these regulations, please contact DUET diabetes Ltd via any of the methods detailed in the ‘key details’ section at the beginning of this policy, providing details of your request. We may require you to provide proof of identification.
If you have agreed that we can use your information for commercial purposes, you can change your mind easily by contacting DUET diabetes Ltd via any of the methods detailed in the ‘key details’ section at the beginning of this policy.
If you have a concern about how we handle your data, or you would like to lodge a complaint, you may do so by contacting The Information Commissioners Office.
Security – protecting your data (personal information)
We will always endeavour to hold your information securely. To prevent unauthorised disclosure or access to your information, we take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. We have received assurances from our website host and email provider that they are adhering to GDPR.
No information transmission over the internet can be entirely secure, and therefore we cannot guarantee the security of your personal information. Information that you send is at your own risk. However, we follow procedures to ensure that we work with all personal data in line with The Data Protection Act (2018) and associated regulations.
Laptops and mobile devices are password protected but not necessarily encrypted. Your personal information may be stored under secure cloud-based storage services, such as Dropbox and Google Drive.
Any paper copies of your personal information are stored within our premises and are kept with us or stored securely
.
Disclosing your data (personal information)
We will never lease, distribute or sell your personal information to third parties for marketing purposes unless we have your permission.
We may share your information with a third party when partnering with them to deliver a service to you (such as, but not limited to, Louella Belle Training Academy or Love Your Feet Ltd and Umbrella Insight/Gather).
We use an online platform called Gather to collect and collate pre and post workshop surveys/feedback. Please contact them directly to access their data protection and privacy policy (see ‘resources and further information’ section below).
We disclose relevant details with our accountant for reporting purposes.
We may disclose your personal information if law enforcement authorities require us to do so.
How long we store your data (personal information)
If you are a direct client, or if you have purchased our training via a third party (such as, but not limited to, Eventbrite, Ticket Tailor, Louella Belle Training Academy or Love Your Feet Ltd) we may retain your personal information for a period of 9 years to ensure we are able to comply with any contractual, legal and audit requirements. If we have an ongoing relationship with you then we may extend this period for longer than 9 years.
If you are not a client, we may keep your personal information for up to 7 years following our last contact with you.
Changes in Ownership
If DUET diabetes (or a substantial portion of its assets) is acquired, customer information would be considered part of those assets, and may be part of those assets that are transferred.
External links
Our website may contain links to other websites. Please note that we have no control of websites outside the duetdiabetes.co.uk domain. If you provide information to a website to which we link (such as third party ticketing and video conferencing platforms used in conjunction with our virtual training for example), we are not responsible for its protection and privacy.
Always be wary when submitting data to websites. Read the site’s data protection and privacy policies fully.
Social media platforms
Communication, engagement and actions taken through external social media platforms that we participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
You are advised to use social media platforms wisely and communicate / engage upon them with due care and caution regarding their own privacy and personal details. We will never ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to make contact through primary communication channels such as by telephone or email.
Our website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Visitors are advised using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Resources and further information
-
Guide to The UK General Data Protection Regulation (UK GDPR)
-
Louella Belle Training Academy Data Protection & Privacy Policy
-
Love Your Feet Ltd (LYFCPD) Data Protection & Privacy Policy
-
Ticket Tailor Data Protection and Privacy Policy
-
Umbrella Insight Data Protection & Privacy Policy Also trades as Gather
-
Stripe (payment provider) Data Protection & Privacy Policy
Data Protection and Privacy Policy ALR2017010v7