PRIVACY POLICY

1. INTRODUCTION

This privacy notice provides detailed information about how Areté Health & Performance Ltd as Data Controller (referred to as "we", "us" or "our" in this privacy notice).

Areté Health & Performance Ltd takes your privacy seriously and is committed to ensuring compliance with its legal obligations to process data lawfully, fairly, and transparently for the purpose for which it was obtained accordingly, set out below are details of your rights in relation to your data, relevant contact details in the event of a data breach or any questions you may have.

Contact Details

Full name of legal entity: Areté Health & Performance Ltd
Email address: info@arete-performance.com
Postal address: Areté Health & Performance, Front Suite, 1st Floor, 131 High Street, Teddington, Middlesex, TW11 8HH
Telephone number: 07734 070672

It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at info@arete-performance.com or calling us on 07734 070672.

2. WHAT DATA DO WE COLLECT ABOUT YOU, FOR WHAT PURPOSE AND ON WHAT GROUND WE PROCESS IT

We need to collect the following sensitive data about you in order to deliver the services we provide in a safe manner and in line with moral and ethical standards within the industry. We may collect data about you by you providing the data directly to us (for example by filling in forms on our site or by sending us emails); so we can set this up we will ask you to provide some personal information such as:

We may automatically collect certain data from you as you use our website by using cookies and similar technologies. Please see our cookie policy below for more details about this. When you are in our premises Areté uses CCTV for security monitoring purposes.

We may receive data from third parties such as analytics providers such as Google based outside the EU, advertising networks such as Facebook based outside the EU, such as search information providers such as Google based outside the EU, providers of technical, payment and delivery services, such as data brokers or aggregators.

Data Protection says that we are allowed to use and share your personal data only where we have a proper reason to do so. The law says we must have one or more of these reasons and these are:

Here is a list of the ways that we may use your personal information, and which of the reasons described above we rely on to do so. Where we list legitimate interests as a reason, we also describe below what we believe these legitimate interests are.

What We Use Your Personal Information For Our Reasons (Legal Basis) Our Explanation Of Areté's Legitimate Interests
PARQ & Client forms • Legitimate interest We need to collect sensitive data about you in order to deliver the services we provide in a safe manner within the industry. This includes performance or medical data about your health and wellbeing in relation to your physical fitness and ability to carry out a fitness regime.
Storing payment card information • Consent N/A
Process your orders and/or services • Fulfilling a contract N/A
Notify you of your order and/or service status. • Legitimate interests Process efficiency in dealing with such activity, and to make improvements to our services.
Manage your account/ provide client services to you. This may include: transfers to Third Countries who undertake client services/communications activities call recording data verification client complaints/queries. • Legal obligation/ Legitimate interests (depending on nature of services) Keeping our records up to date, handling our client contact efficiently and effectively, working out which of our products and services may interest you and telling you about them.
To detect, investigate and report financial crime (e.g. Fraud) • Legal Obligation / legitimate interests Developing and improving how we deal with financial crime. Complying with any legal obligation placed on us by regulators such as the FCA. Complying with any regulations that apply to us. Process efficiency in dealing with such activity, and to make service and process improvements.
Undertake website personalisation and administration. • Legitimate interests Developing products, services, applications and designs that attract and retain clients. Improving client interaction with our sites. Defining types of clients for new products or services
Marketing communications to inform you of special offers, promotions, new services. Provide you with online advertising. • Legitimate interests Developing products, services, applications and designs that attract and retain clients. Improving client interaction with our sites.
Notifying you about enhancements to our services, such as changes to the website and new services that may be of interest to you. • Legitimate interests Developing products, services, applications and designs that attract and retain clients. Improving client interaction with our sites.
Contact you to undertake client satisfaction surveys, invite you to provide product reviews or for market research. • Legitimate interests Developing services,that attract and retain clients. Improving client interaction with our sites.
Maintaining network and data security • Legitimate interests To maintain the security of our network this in turns helps us to maintain the safety and confidentiality of your information.

3. WHO WE SHARE YOUR INFORMATION WITH AND WHY

MARKETING COMPANIES AND ONLINE ADVERTISING

Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests (namely to grow our business).

Under the Privacy and Electronic Communications Regulations, we may send you marketing communications from us if (i) you made a purchase or asked for information from us about our goods or services or (ii) you agreed to receive marketing communications and in each case you have not opted out of receiving such communications since. Under these regulations, if you are a limited company, we may send you marketing emails without your consent. However you can still opt out of receiving marketing emails from us at any time.

Before we share your personal data with any third party for their own marketing purposes we will get your express consent.

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by emailing us at info@areteperformance.com at any time.

If you opt out of receiving marketing communications this opt-out does not apply to personal data provided as a result of other transactions, such as purchases, warranty registrations etc.

DISCLOSURES OF YOUR PERSONAL DATA

We may have to share your personal data with the parties set out below:

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

INTERNATIONAL TRANSFERS

We share your personal data within our group of companies which may involve transferring your data outside the European Economic Area (EEA).

Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.

Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place:

4. DATA SECURITY DATA

We may collect data about you by you providing the data directly to us (for example by filling in forms on our site or by sending us emails). We may automatically collect certain data from you as you use our website by using cookies and similar technologies. Please see our cookie policy below for more details about this.

We may receive data from third parties such as analytics providers such as Google based outside the EU, advertising networks such as Facebook based outside the EU, such as search information providers such as Google based outside the EU, providers of technical, payment and delivery services, such as data brokers or aggregators.

5. DATA RETENTION

– You need to hold a data retention policy which simply lists out the data you hold, where and how long for.

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.

For tax purposes the law requires us to keep basic information about our clients (including Contact, Identity, Financial and Transaction Data) for six years after they stop being clients.

In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

6. YOUR LEGAL RIGHTS

Under data protection laws you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.

Core Individual Rights

Please note that the following rights are available to you in connection with all processing of your personal data:

Right of Access

You may seek confirmation as to whether your personal data is processed by Areté Health & Performance Ltd and we will provide you with information concerning the use of such data and a copy of the personal data processed.

Right of Rectification of Inaccurate Data

Any personal data which is inaccurate or incomplete must be rectified by Areté Health & Performance Ltd and, if so requested, we will provide you with a statement showing the changes.

Right of Erasure or the Right to be Forgotten

You have the right to have your personal data erased by Areté Health & Performance Ltd where processing it is no longer necessary in relation to the original purpose for which it was collected or it has been unlawfully processed or where we are required to erase it to comply with a legal obligation applicable under the laws of England and Wales or EU law.

Right of Restriction of Processing In the event that:

Conditional Rights

Erasure
Where Areté Health & Performance Ltd processes your data based on explicit consent, if you withdraw that consent and Areté Health & Performance Ltd has not relied on any other legal ground for processing, you have the right to request erasure of that data.

Data Portability
If Areté Health & Performance Ltd processes personal data based on your consent or in order to enter into a contract with you, you may obtain that personal data directly from Areté Health & Performance Ltd in any structured, commonly used, machine readable format or indirectly by us providing it to any applicable third party you choose to nominate.

Objection to Processing
You may object to further processing of your personal data where we have relied on the ground of legitimate interests unless Areté Health & Performance Ltd can demonstrate compelling grounds to continue such processing which override your individual interests, rights and freedoms.
Pending verification of the latter, you may obtain restriction of further processing and, in the event that Areté Health & Performance Ltd cannot successfully demonstrate compelling legal grounds to continue processing which override your interests, Areté Health & Performance Ltd will erase the personal data.

Relevant Contacts
If you believe any of your rights have been breached in connection with processing of your personal data, you have the right to lodge a complaint with a supervisory authority of any Member State of the European Union, in particular the Member State where you have your habitual residence or place of work or where the alleged breach took place.
If you have any questions in relation to this Privacy Notice or processing of your personal data generally please contact Ian Taplin DPO Areté Health & Performance Ltd at ian@arete-performance.com

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.

If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

7. THIRD-PARTY LINKS

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

8. COOKIES

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see below.

COOKIE POLICY

WHAT'S A COOKIE?

A "cookie" is a piece of information that is stored on your computer's hard drive and which records how you move your way around a website so that, when you revisit that website, it can present tailored options based on the information stored about your last visit. Cookies can also be used to analyse traffic and for advertising and marketing purposes.

Cookies are used by nearly all websites and do not harm your system.

HOW DO WE USE COOKIES?

Session cookies: these are only stored on your computer during your web session and are automatically deleted when you close your browser – they usually store an anonymous session ID allowing you to browse a website without having to log in to each page but they do not collect any personal data from your computer; or

Persistent cookies: a persistent cookie is stored as a file on your computer and it remains there when you close your web browser. The cookie can be read by the website that created it when you visit that website again.

Cookies can also be categorised as follows:

Strictly necessary cookies: These cookies are essential to enable you to use the website effectively, such as when buying a product and / or service, and therefore cannot be turned off. Without these cookies, the services available to you on our website cannot be provided. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet.

Performance cookies: These cookies enable us to monitor and improve the performance of our website. For example, they allow us to count visits, identify traffic sources and see which parts of the site are most popular.

Functionality cookies: These cookies allow our website to remember choices you make and provide enhanced features. For instance, we may be able to provide you with news or updates relevant to the services you use. They may also be used to provide services you have requested such as viewing a video or commenting on a blog. The information these cookies collect is usually anonymised.