Privacy Policy

PRIVACY POLICY

This policy was last updated: 11/11/2020

Date to be reviewed: 11/11/2022

 

This policy explains how Amethyst Health and Beauty will handle the privacy of your information. We are committed to maintaining robust privacy protections for all our users. We will take the necessary steps to ensure that users information is safeguarded and kept in accordance with all applicable laws and regulations.

This Privacy Policy forms part of our terms and conditions and is designed to help you understand how we collect, use, share and safeguard information we receive from website visitors and customers.

 

What information do we collect?

The information that you provide us with may be collected and processed by us in accordance with the Data Protection Act 1998 and subsequent legislation.

Information you provide to us

We have a ‘Contact Us’ page which enables you to email us. We require you to complete the fields for your name, phone number, email and business name, so that we can contact you and provide details of our services to you, as well as deal with general company enquiries. Data collected is held on the grounds of being for legitimate business interests or to fulfil a contractual obligation.

If you do not proceed with any order your details will be deleted in accordance with our data retention policy.

We may use social media to engage with users and the Amethyst Health and Beauty website links to our social media pages. We do not keep any specific data that identifies an individual user but hold details of our followers on these platforms.

When you visit our website, the server collects IP addresses to provide security and prevent brute force or malicious attacks. These IP addresses are not linked to any other personal data. The address for our UK data centre is: Reynolds House, 4 Archway, Manchester M15 5RN

 

 

Information we get from other sources

From time to time, we may need to obtain information from third parties about you. This will only apply where it is necessary to provide our services to users and as permitted by law.

 

Cookies

We have a separate cookie policy that covers the type of data that is collected by cookies. See https://www.amethysthealth.co.uk/cookie-policy/

 

How we use your personal information

Your information will be used by us to enable us to provide our services to you. We act as a Data Controller of your information and undertake to protect your personal and sensitive data in a manner that is consistent with the requirements of the Data Protection Act/General Data Protection Regulation (GDPR). We will take reasonable measures to ensure the secure storage of your data.

Personal data submitted on this website will be used for the purposes specified in this Privacy Policy, to include the following:

  • administer the website;
  • improve your browsing experience by personalising the website;
  • follow up with correspondence, email enquires;
  • send you general (non-marketing) communications;
  • send you email notifications which you have specifically requested;
  • send to you marketing communications, where expressly agreed;
  • provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
  • ask for feedback and review products and services;
  • deal with enquiries and complaints made by or about you relating to the website.

Users of this website do so at their own discretion and provide any such personal details at their own risk.

 

Sharing Information

Disclosure

We do not share, sell, or distribute your data to third parties, except as provided in this Privacy Notice. Your data may be shared with contractors working on our behalf, who act on our instruction in relation to the management of your data and must adhere to all data protection laws and regulations. Data processors will be required to have a signed agreement with us to ensure accountability.

We will only send you emails about our products and services (i.e. direct marketing) with your express consent. You have the option not to give consent and to withdraw consent at any time. You may withdraw your consent for us to contact you by contacting us at enquiries@amethysthealth.co.uk

We may disclose your personal information if we are required to do so by law, in connection with any legal proceedings, and in order to establish, exercise or defend our legal rights, or if otherwise legally permitted.

Retaining your data

We keep your personal information in accordance with our Data Retention Policy which reflects our needs to provide services to you as contracted and also as required to meet legal, statutory and regulatory obligations. The need to hold information is regularly reviewed and information/data will be disposed of when no longer required.

Storage of data

Your information may be stored on a cloud-based system whose servers are located within the UK or European Union (EU). All data will be stored so to comply with the Data Protection Act 1998 and as enacted, the General Data Protection Regulation (GDPR).

External links

Users of the Amethyst Health and Beauty website are advised to adopt a policy of caution before clicking on any external web links. [External links are clickable text / banner / image links to other websites.] Clicking an external link will take the user away from our website. Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s terms and conditions.

Amethyst Health and Beauty cannot guarantee or verify the contents of any externally linked website and users click on external links at their own risk. Amethyst Health and Beauty and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Social media platforms

Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are subject to our terms and conditions as well as the privacy policies held with each social media platform respectively.

Users are advised to use social media platforms wisely and communicate and/or engage with them with due care and caution in regard to their own privacy and personal details. This website nor its owners will not ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.

Amethyst Health and Beauty may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised that before using such social sharing buttons, that they do so at their own discretion, and should consider that the social media platform may track and save requests to share a web page, through the users’ social media platform account.

 

Data Subject Rights

Subject Access Requests

The General Data Protection Regulation (GDPR) gives individuals, known as ‘data subjects’, the right to access personal data that is held by organisations by a subject access request (SAR). We will endeavour to respond quickly to any such requests, which legally require us to respond within one month of receiving the request and necessary information. We have a formal request form to deal with SAR requests that can be accessed on our website, https://www.amethysthealth.co.uk/ or by emailing us at enquiries@amethysthealth.co.uk. You will need to tell us how we acquired the information.

Right to Rectification

Data subjects have the right to request that we amend or change personal information that we hold about you, that is inaccurate or incorrect.

Right to erasure

Data subjects have the right to ask us to delete personal information from our systems without giving any reason and at any time. We will act on any request without delay.

Right to restrict processing

Data subjects have the right to rectification or erasure of personal data in the following circumstances:

  • Personal data is not accurate;
  • The processing of data is unlawful. Data subjects may request that processing is restricted;
  • Data is required to exercise legal rights or defend legal claims;
  • Data is unlawful but there may be lawful grounds for processing, which override this right.

Right to data portability

Data subjects have the right to obtain and transfer their data to different service providers.

Right to object

Data subjects have the right to object to the processing of data at any time based on their particular situation. This includes objecting to profiling unless it is in the ‘public interest’ or exercised lawfully by an official authority. We will only process data where we can demonstrate lawful grounds for doing so.

Right not to be subject to decisions based on automated processing

We do not use any automated processing that results in any automated decision based on a data subject’s personal information.

Using your rights

If you wish to invoke any of these rights, you can contact our Data Controller by email to enquiries@amethysthealth.co.uk

Important Information

Questions and queries

If you have any concerns about how we handle your data, you can contact the Data Controller by email to enquiries@amethysthealth.co.uk

Changes to this policy

We reserve the right to change this Privacy Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. You will be deemed to have accepted any changes to the terms of the privacy policy on your next visit of the website following the amendment.

Complaints

If you have a complaint about the use of your data, you can contact us by email to enquiries@amethysthealth.co.uk

Alternatively, you can formally report an issue of concern to the Information Commissioner’s Office, the UK body that governs Data Protection. See https://ico.org.uk

No Waiver

No failure or delay by us in exercising any of our rights in accordance with this Privacy Policy or our terms and conditions shall be deemed to be a waiver of that right, and no waiver of a breach of any provision of the Agreement shall be deemed to be a waiver of any subsequent breach of the same or any other provision.

Severance

If one or more of the provisions of this Privacy Policy or our terms and conditions is found to be unlawful, invalid or otherwise unenforceable, those provision(s) shall be deemed severed from the remainder of these terms and conditions and shall remain enforceable.

Third Party Rights

The terms of this Privacy Policy shall not confer rights on any third parties and accordingly the Contracts (Rights of Third Parties) Act shall not apply.

Jurisdiction and Governing Law

The terms of this Privacy Policy and all disputes, whether contractual or otherwise, arising out of or in connection with the policy are governed by and shall be construed in accordance with the laws of England and Wales and each party submits to the exclusive jurisdiction of the English courts.

© 2020  Amethyst Health and Beauty | Privacy Policy v2