Sarah Smith Mediation Services
The following privacy notice outlines how Sarah Smith Mediation Services collects, uses, protects and transfers your personal data. It covers the General Data Protection Regulation (GDPR) as it applies in the UK, tailored by the Data Protection Act 2018.
The data owner for the organisation is Sarah Smith. You can contact the data owner by any of the following:
Our contact details
Name: Sarah Smith Mediation Services
Address: c/o First Floor, 7 Cheltenham Mount, Harrogate HG1 1DW
Phone Number: 07595 650223
The type of personal information we collect
We currently collect and process the following information:
- Personal identifiers, contacts and characteristics (for example, name, date of birth, address, email, telephone)
- Financial information (if shared with us as part of a mediation service)
- Website user stats
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
- we need to obtain and process your personal data to provide you with our services; and
- to fulfil our business and legal obligations.
We will never collect any personal information from you that we do not need or retain any data that is no longer necessary for the purposes specified in this notice.
Where we request sensitive personal data from you (i.e. health or financial data), the reason(s) for the request will be clearly given along with the purposes of the processing.
We may also receive personal information indirectly, from the following sources in the following scenarios:
- any other party engaging with our services; and
- other professional third parties, e.g. counsellors, solicitors, IFAs, accountants, pension experts.
We use the information that you have given us in order to:
- Ensure a safe service and comply with the required screening and safeguarding.
- Collect specific personal data (name, address, email, contact number, DOB) that is required to enter into a contract to sell a product or service.
- Communicate with you including confirmation of appointments, updates and requests to cancel.
- Store customer records; to include reporting obligations and conflict checking.
- Hold personal data that is required by law or to respond to legal process.
- Hold for supervision, training and insurance purposes.
- Select relevant updates, promotions and information for you.
We may share this information with regulatory bodies, third party suppliers (e.g. IT and case management – such organisations having their own confidentiality and privacy policies in place also) and for training and supervision.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
- We have a contractual obligation.
- We have a legal obligation.
- We have a legitimate interest.
We do not collect the personal data of children under the age of 16 without parental or guardian consent.
How we store your personal information
Your information is collected when you provide it to us through our website, over the phone, in person, by email, social media, in writing or any other means by which you provide it to us. Information is stored using ResolveIT software, as well as paper record keeping whilst your case is active.
We may share access together to your information through file sharing platforms such as Dropbox, One Drive, GoogleDocs etc., for the limited purpose of viewing and updating that information.
We retain your personal data for as long as necessary to provide you with our services as our client. Thereafter, we keep your information as follows:
- Case records: for a period of 12 months after the mediation concludes; for training, membership and accreditation purposes or in case of any complaint investigation.
- Contact information: is extracted and retained on our client database to send future updates, promotions and information to you. We will retain the minimum required data to contact you until you notify us that you no longer wish to receive such information.
When we dispose of your information we do so by deleting from our systems, plus destroying any paper records by secure and confidential shredding. We avoid holding your personal information in paper format wherever possible.
Your data protection rights
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at firstname.lastname@example.org if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at email@example.com.
You can also complain to the ICO if you are unhappy with how we have used your data. The ICO can be contacted as follows:
Information Commissioner’s Office
Helpline number: 0303 123 1113 ICO Website: https://www.ico.org.uk
What is a cookie?
Cookies are files containing small amounts of information which are downloaded from the website you are visiting onto your device. Cookies are useful because they make a more personalised browsing experience according to your preferences.
Functional cookies – so you can navigate around our website correctly.
Performance cookies – so we can administer the website, track visitor movements and gather broad information on trends to help us improve our website.
Targeted cookies – if we link with third party websites such as LinkedIn, Facebook, Twitter, Instagram, etc. these cookies tell us which pages you clicked on and interacted with. However, each third party uses its own tracking cookies and these are outside of our control. You should check the websites and cookie policies of any third parties.
How can you manage cookies?
You can accept, decline or modify the cookie settings. Most web browsers automatically prompt your response on this when you first enter the site, but you can also modify your own browser settings. Please be aware that this may prevent you from fully accessing our website.
This policy was last updated October 2020.