Life Rhythms Ltd respects your privacy and is committed to protecting your personal data. We comply with the EU’s General Data Protection Regulation 2018 (GDPR) and its UK implementation, the Data Protection Act 2018 (DPA).
Life Rhythms Ltd is registered with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. Our ICO reference number is ZA388099.
- Who we are
Life Rhythms Ltd, registered in England and Wales, number 3395003. Our client company in Spain is Cortijo Romero SL, registered in Spain, CIF B18353938.
- Responsibility for processing your data:
This is the responsibility of Life Rhythms Ltd.
- Your data:
Bookings: we hold the following data in order to fulfil our contract with you:
Contact details (name, email address, postal address, telephone number).
- Booking details (course and dates, flight numbers and times, etc).
- Profile (passport number, date of birth, gender, contact for next of kin, medical and dietary requirements where necessary).
- Payment details - Note that we do NOT store any credit card or other bank card details.
- Any email or postal correspondence.
We store your contact details and the booking information securely, for our records and administrative purposes, and if you wish we will also store your profile details against any future bookings. Otherwise your data is deleted after the end of the calendar year when the booking took place.
Mailings: We will also hold your contact details in order to send you our newsletters and/or brochures if you have specifically consented to receive them, and we may also occasionally send you information about offers or other marketing which we think may be of legitimate interest to you, if you have contacted us to ask about our services or make a booking.
- What lawful bases do we use?
We hold your data under one of the following lawful bases:
- When you have booked one of our courses, or may be about to do so, we use the basis of contract.
- When you have told us you want to be on our mailing list, you have given us your consent to receive marketing from us.
- When we need your data to fulfil our legal obligation (eg, relating to tax or accounting).
- When we have a legitimate interest in using your data for market research, to improve our services to you, or to promote our courses, and where this does not impact adversely on you.
- Who has access to your data?
Your data is handled solely by our staff and none of it is passed on to any third parties for individual processing except to our client company, Cortijo Romero SL in Spain, which has access to booking and client details essential to the smooth running of courses.
However, your data is also stored securely with the following UK-based companies, who are all GDPR-compliant:
- Our bookings and courses database is supported by TGSi Ltd.
- Our emails are stored with MyOffice and hosted by Fasthosts.
- Our payments are collected by Sagepay.
or with the following USA-based companies, which all conform to the EU-USA Privacy Shield Framework (which has had an adequacy decision from the European Commission as a lawful data transfer mechanism):
- Our mailing list is handled by Mailchimp.
- Our cloud storage for documents, etc, is with Dropbox.
- Our payments are serviced by Worldpay.
- How long do we keep your data?
We will only retain your personal data for as long as is reasonably necessary to fulfil the purposes set out above, including any legal or accounting requirements. In particular:
- Booking data will only kept until the end of the financial year.
- We are required to keep transaction and financial data for six years.
- Your contact and profile information will be kept indefinitely unless you ask us to remove it, which we will do, subject to contractual and legal restraints.
- If you ask to be removed from our mailing list, we will keep the minimum contact data to ensure that you will not be contacted again.
The Cortijo Romero website, like most others, uses small data files called cookies, placed on your computing device, to help us improve your experience with our website. These files may track your usage (which pages you open, for example) but do not store any personal data. Although you can disable cookies in your browser, this may result in parts of this or other websites not functioning properly.
- What are your rights?
At any time you can ask to see a copy of the data we hold about you, and you can ask to have it corrected if it is wrong, or deleted completely, which we will do if this does not conflict with any other legal or legitimate interest constraints. At any time you can ask to be removed from our mailing list.
If you are not satisfied with our response or believe that our processing of your personal data is not in accordance with the law, you can complain to the Information Commissioner’s Office (ICO), see https://ico.org.uk/global/contact-us.
- Further information
Please contact us at firstname.lastname@example.org or telephone us on +44 (0) 1494 765 775 if you require any further information.