This policy applies to you, as a user of the Website: www.burning-brightly.co.uk (the “Website”). This policy also applies to Burning Brightly Meditation (“we”/“us”/“our”) as the owner and provider of the Website and sets out the basis on which any and all personal data we collect from you, or you provide to us, will be processed by us.
We are committed to protecting your privacy and being open and clear about how we use the information with which you entrust us. We may update this privacy notice from time to time and we will post the changes on this page. Please check back frequently to ensure you are aware of any updates.
If you have any questions about this notice please contact email@example.com.
Our commitment to you
We process your personal data in accordance with the overarching principles and requirements set out in the General Data Protection Regulation and the Data Protection Act 2018 (“Data Protection Law”). What this means is we process your data in a way which is:
- Lawful, fair and transparent
- Compatible with the purposes we have told you about
- Adequate and necessary, we only use the data we need to use for the reason(s) we told you
- Accurate and up to date
- Not excessive, we only keep your data for as long as we need it and
- Secure and protected.
Data we may collect from you
We may collect and process the following personal data about you:
- Contact Information
- Telephone Numbers
- Date of Birth
- IP Address
- Web Browser Type
- Operating System
- Financial Information relating to banking and payment information
- Your activity on the Website
- Cookie information
How and why we collect your personal data
We collect personal data when you complete forms on the Website or when you correspond with us in other ways such as by email or over the phone. Personal data is information which can be used to directly or indirectly identify you, such as your name, an ID number or an online identifier. Our lawful basis for processing this data under data protection law will be one of the following:
- Contract – e.g. it is necessary for us to process the data to fulfil the terms and conditions of our agreement with you;
- Consent – e.g. where you have given us your consent to send you promotional materials (remember you can withdraw this consent at any time); or
- Legitimate interest – e.g. where we process your personal data for direct marketing purposes or to ensure network and information security. Where we use legitimate interest as our lawful basis to process your personal data we will ensure our legitimate interests are proportional and do not compromise your personal data rights.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider we need to use it for another reason compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
We will only keep your data for as long as we need to for the reason(s) we have collected it.
You make a payment via the Website using Visa, MasterCard or American Express credit/debit cards. Your payment will be processed by Stripe, our third party payment processor, who collect, use and process your information, including payment information, in accordance with their privacy policies – which can be viewed here: https://stripe.com/gb/privacy.
We will not retain or process your credit/debit card details and this information will never be shared or viewed by us.
We may disclose your personal data to third parties in the following circumstances:
- Where we are obliged to or permitted by law;
- In order to enforce or apply our terms and other agreements with you;
- To protect the rights, property or safety of our customers or others (including exchanging information with other companies or organisations for the purposes of fraud prevention and credit risk reduction).
We employ a third party company based in the UK, to assist with the development, maintenance and management of the Website. This company may have access to your personal information in the course of providing us with their services. Where third parties process data on our behalf, they will not use your personal information for their own purposes and we only permit them to use it in accordance with our instructions and the law. We have appropriate safeguards in place to protect personal data transferred outside the EEA.
How do we keep your data safe?
We have put in place appropriate security measures to protect your personal information and prevent it from being lost, destroyed, damaged, used, altered or disclosed. The data is hosted on cloud servers by UK Web Solutions Direct Ltd which are located in the UK.
Third Party Links
The Website may contain links to other websites. If you follow a link to another website, please note these sites have their own privacy notices and we do not accept any responsibility or liability for these notices. We encourage you to check the privacy notices of these other sites when visiting.
Your legal rights
You have a number of rights under data protection law in relation to your personal information and if you want to exercise any of these rights, please contact us at firstname.lastname@example.org.
These rights are as follows:
- right to request access to your personal information – you can request a copy of the personal information we hold on you
- right to request correction of your personal information – if any personal information we hold on you is incorrect, you can request to have it corrected
- right to request erasure of your personal information – you can ask us to delete your personal information in certain circumstances
- right to object to processing or restrict processing of your personal information – you may object to our processing of your personal data in certain circumstances
- right to request the transfer of your personal information – to provide you, or a third party you have chosen, with your personal information and
- right to withdraw consent – where we process your data on the basis of consent, you can notify us you want to withdraw consent any time.
If you have any data protection complaints, you may contact the Information Commissioner’s Office (ICO) by post at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Email: email@example.com Telephone: 0303 123 1113.
We would like to try and help with any concerns you may have before you contact the ICO, so please get in touch with firstname.lastname@example.org in the first instance.