Privacy Policy


Date updated: 15th May 2018

This privacy policy (“Privacy Policy”) governs the manner in which Craniosacral Therapy Assocation and our Affiliates (collectively “We”, “us” or “our”) collect, uses, maintains and discloses any data including personal data (“Data”) provided by you (“you”, “your”, “User”) through your use of our websites, products and services (“Services”).

Please read the following carefully to understand our views and practices regarding your Data and how we will treat it. By using our Services you are accepting and consenting to the practices described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use our Services. Your continued use of the Services following the posting of changes to this Privacy Policy will be deemed your acceptance of those changes.

For the purpose of the UK Data Protection Act 1995 and the General Data Protection Regulation (EU) 2016/679 (“Law”), the data controller is Craniosacral Therapy Assocation registered in England under registration number 3453913.

Data you give us

When you visit our Services, register with our Services, submit sales queries, place an order, submit support queries, subscribe to a newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make available, you give us Data about you. You may be asked for, as appropriate:

  • name
  • email address
  • other personal data and information.

You may, however, visit some of our Services anonymously. We will collect personal data from you only if you voluntarily submit such Data to us. You can always refuse to supply personal data, except that it may prevent you from using certain Services or engaging in certain Service-related activities.

Data we collect from you

We may automatically collect Data about you whenever you interact with our Services. Such Data may include:

  • Technical data, including the Internet protocol (IP) address used to connect your computer to the Internet, your login data, browser type and version, the type of device, the operating system and platform used, time zone setting, browser plug-in types and versions and other similar data.
  • Data about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Services (including date and time); data you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction data (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
  • Data about your use of our products, including the full Uniform Resource Locators (URL) clickstream to, through and from our products (including date and time); data you viewed, searched for, created, altered, deleted, exchanged or otherwise interacted with; recipient data of individuals or companies you contacted or with whom you exchanged data via the Services; third party sites, products, services and content you connected with; and any other activities of you that we track for providing you the Services.

Data we receive from other sources

We may receive Data about you if you use any of the other Services we operate or provide. In this case we will have informed you when we collected that Data that it may be shared internally and combined with Data collected from these Services. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search data providers, credit reference agencies) and may receive data about you from them.

Use of Cookies

Our Services use “cookies” to distinguish you from other Users of the Services. This is required to provide you certain Services, helps to enhance the User experience when using the Services and also allows us to improve the Services.

Cookies are small text files that are placed on your computer by websites that you visit. Your web browser places cookies on your hard drive for record-keeping purposes and sometimes to track Data about you. Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide Data to the owners of the websites.

We use persistent cookies and session cookies in our Services. We use persistent cookies to save your login Data for future logins to the Services. We use session cookies to enable certain features of the Services, to better understand how you interact with the Services and to monitor aggregate usage by Users and web traffic routing on the Services. Unlike persistent cookies, session cookies are deleted from your computer when you log off from the Services and then close your browser.

You may choose to set your web browser to refuse cookies, or to alert you when cookies are being sent. If you do so, note that some Services may not function properly for which we cannot be held responsible.

Use of your Data

We use Data held about you for the following purposes:

Data you give to us

We will use this Data:

  • to carry out our obligations arising from any agreements entered into between you and us;
  • to provide you with the information and Services that you request from us;
  • to process orders and enable us to provide Services related to orders;
  • to enable you or other permitted users of our products to search, view, store and exchange Data using our products;
  • to enable us, you or other permitted users of our products to see your activities for use of the products and auditing your and other user’s compliance in using the products;
  • to run a promotion, contest, survey or other Services features;
  • to send you information you have agreed to receive about topics we think will be of interest to you;
  • to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you;
  • to notify you about changes to our Services and agreements where we have agreed to do so;
  • to verify your identity and compliance with permitted use of the Services;
  • to ensure that content from our Services is presented in the most effective manner for you and for your devices.

Data we collect about you

We will use this Data:

  • to personalise the User experience via our Services;
  • to enable you or other permitted users of our products to search, view, store and exchange Data using our products;
  • to enable us, you or other permitted users of our products to see your activities for use of the products and auditing your and other user’s compliance in using the products;
  • to improve customer service to enable us to better respond to your customer service and support requests;
  • to improve our Services to ensure that content is presented in the most effective and user-friendly manner for you and your devices;
  • to improve our Services by using feedback you provide or usage statistics we collect;
  • to allow you to participate in interactive features of our Services which you choose to do so;
  • to administer our Site and for internal operations, including troubleshooting, analysis, testing, research, statistical and survey purposes;
  • as part of our efforts to keep our Services safe and secure and for investigating and resolving malfunctions and security incidents;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
  • to make suggestions and recommendations to you and other Users of our Services about goods or services that may interest you or them.

Disclosure of your Data

We do not disclose, sell, trade, or rent your Data to third parties except as you direct, or as described in this Privacy Policy or other agreements related to our Services which you decided to use.

Data we share with third parties

We may share your Data with selected third parties including:

  • business partners, suppliers and sub-contractors for the performance of any agreement we enter into with them or you;
  • our data processors used for providing you our products such as our Cloud Service and related professional services such as technical support. We have corresponding agreements in place with our data processors to ensure that they safeguard your Data;
  • trusted partners when dealing with sales, service and information requests;
  • third party sub-processors to help us operate our business e.g. by providing us collaboration and communication infrastructure, support ticketing and remote presentation tools, sending out newsletters or surveys, or hosting your Data and providing you with support;
  • credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
  • third parties for the purpose of improving our Services that receive anonymous data not linked to any personal data or particular customer;
  • advertisers and advertising networks that require the Data to select and serve relevant adverts to you and others. We do not disclose Data about identifiable individuals to our advertisers, but we may provide them with aggregate or pseudonymized data about our Users and their use of our Services. We may make use of limited personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience;
  • analytics and search engine providers that assist us in the improvement and optimisation of our Services;

Data we disclose to third parties

We may disclose your Data to third parties:

  • in the event that we sell or buy any business or assets, in which case we may disclose your Data to the prospective seller or buyer of such business or assets;
  • if we or substantially all of our assets are acquired by a third party, in which case Data held by it about its customers will be one of the transferred assets;
  • if we are under a duty to disclose or share your Data in order to comply with any legal obligation, or in order to enforce or apply any of our contracts and agreements; or to protect our rights, property, safety, our customers or others. This includes exchanging Data with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Where we store Data

We store all Data in the European Economic Area (“EEA”), the UK and the United States (USA).

The Data that you submit to us or we collect from you may however be transferred to, and stored at, a destination outside your country of operation or the EEA. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers.

Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details, answering your sales queries or the provision of support services. By submitting your Data, you agree to this transfer, storing or processing outside of the EEA. We will take all steps reasonably necessary to ensure that your Data is treated securely and in accordance with this Privacy Policy and other agreements we have entered into with you.

You understand and acknowledge that we do not control who accesses our Services and where you or your Users access or exchange Data from and to, via which locations the Data is transmitted and where it might be stored. Our Services are accessible via the internet and may potentially be accessed by anyone authorised to use the Services around the world. Other Users may access the Services from outside your country of operation.

This means that where you chose to register with our Services or process your Data to our Services, it could be accessed by permitted users from anywhere around the world and therefore a transfer of your Data outside of your country of operation may be deemed to have occurred. You consent to such transfer of your Data for and by way of this purpose.

Protection of Data

All Data you provide to us is stored on our secure servers and we use encryption technology for transferring Data where possible and required by industry standards.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Services, the password will be stored in encrypted form but you are responsible for keeping this password confidential and we ask you not to share any password with anyone.

The transmission of data via the Internet is not completely secure. Although we take state of the art measures to protect your Data, we cannot guarantee the security of your Data transmitted using our Services; any transmission is at your own risk. We will always use strict procedures and security features to try to prevent unauthorised access to your Data when it is processed using our Services.

Your Rights

Consent

You have the right to ask us not to process your Data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your Data for such purposes or if we intend to disclose your Data to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your Data. You can also exercise the right at any time by contacting us at the address given at the end of this Privacy Policy.

You can unsubscribe from all our automated electronic communication with you for sales and marketing purposes by following the unsubscribe instructions at the bottom of each email or by contacting us via our Services contact options.

For certain Services such as our products and where you have entered into corresponding agreements, we will be obliged to inform you about changes to the Services such as new product versions or product features, new terms and conditions, certain issues limiting your use of the Services such as bugs, planned maintenance windows or unexpected unavailability of the Services, or to verify your identity for use of the Services or responding to your support queries. We will contact you by electronic means (e-mail or SMS) or via phone calls. If you unsubscribe from receiving such information you must stop using the Services, or we may not be able to contact you for the purpose of fulfilling our contractual obligations.

Right to rectification, deletion and data export

We permit you to rectify, delete or export Data you have provided to us or we have collected about you, subject to the conditions of our other agreements with you and the provisions set out below. Any requests for rectification, deletion or export of Data we receive from users where you are the data controller will be forwarded to you to deal with. If you fail to act upon any forwarded request, we reserve the right to delete Data in order to comply with our obligations under applicable law.

You may rectify, delete or export Data that you have provided to us by using our website or registering to use Services and providing such additional information where applicable. If you would like to gain access to, or request rectification, deletion or export of your Data we have collected as “data controllers,” please contact us as set out at the end of this Privacy Policy. We will respond to such queries within 30 days.

We have no direct relationship with any individuals with whom you may interact when using the Services. Any such individual seeking access to, or who would like to rectify, delete or export data which may be stored by us should direct any query to You acting as the “data controller” for such Data. We will rectify, delete or export any Data placed in your account within 30 days of receiving a valid request, the deletion of data being subject to data retention policies as defined below.

Data Retention

We retain Data for as long as we provide access to the Services to you, your account remains open or we have an active relationship. However, we may keep some Data after your account is closed or you cease using the Services for the purposes set out below.

After you have closed your account, or ceased using the Services or we have no more active relationship for a period of at least five years, we usually delete Data within 12 months, however we may retain Data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our Terms and Conditions, AUP, for backup purposes, or fulfil your request to “unsubscribe” from sending you further information.

We may retain anonymized data after your account has been closed or you have ceased using the Services for a period of at least five years.

Complaints

If you have any complaints about our use of your Data please contact us as set out at the end of this Privacy Policy.

Third party websites, content and integrated Services

You may find other content such as advertising or references provided through our Services that link to sites, products and services of our customers, partners, suppliers, advertisers, sponsors, licensors and other third parties.

Such links to sites, products or services, including their content, products and links, even if firmly integrated into our Services, may be constantly changing and might be provided under their own terms and privacy policies that are different from ours. We are not responsible for the sites, products and services including all content, changes or updates of any such third parties. Please check the corresponding third party’s terms and policies before you use and submit any Data to these third party sites, products and services.

Access to Data

The Law gives you the right to access data held about you. Your right of access can be exercised in accordance with the Law. Any access request may be subject to a fee to meet our costs in providing you with details of the data we hold about you, where this is permitted under applicable Law.

Age of Users

The Services are not intended for and shall not be used by anyone under the age of 18.

Changes to this privacy policy

At our discretion we may update this Privacy Policy at any time. When we do, we will only revise the update date on this page.

We encourage Users to frequently check this page for any changes to stay informed. You acknowledge and agree that it is ultimately your responsibility to review this Privacy Policy periodically and become aware of modifications.

Contacting us

If you have any questions, please contact us at:

Craniosacral Therapy Assocation
Monomark House
27 Old Gloucester Street
LONDON WC1N 3AX

Tel. 0844 700 2358